npm · registry.npmjs.org

lakebed

Credential file access: matched "GITHUB_TOKEN"

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.0.26-staging.27325818451`	Low risk	0	2026-06-11
`0.0.26-staging.27323673859`	Low risk	0	2026-06-11
`0.0.26-staging.27316022458`	Low risk	0	2026-06-11
`0.0.26-staging.27182188423`	Low risk	0	2026-06-09
`0.0.25`	Low risk	0	2026-06-02
`0.0.25-staging.26851320986`	Low risk	0	2026-06-02
`0.0.25-staging.26777933377`	Low risk	0	2026-06-01
`0.0.25-staging.26725443050`	Low risk	0	2026-05-31
`0.0.24`	Low risk	0	2026-05-31
`0.0.24-staging.26708176300`	Low risk	0	2026-05-31
`0.0.25-staging.26708666344`	Low risk	0	2026-05-31
`0.0.24-staging.26700248435`	Low risk	0	2026-05-31
`0.0.23-staging.26700078024`	Low risk	0	2026-05-31
`0.0.23-staging.26699880384`	Low risk	0	2026-05-31
`0.0.21`	Review	5	2026-05-27
`0.0.22`	Review	3	2026-05-27
`0.0.20`	Review	3	2026-05-26
`0.0.19`	Review	5	2026-05-26
`0.0.18`	Review	30	2026-05-24
`0.0.17`	Review	30	2026-05-24

Block this in CI

PkgRadar gates lakebed (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]