PkgRadar

npm · registry.npmjs.org

openmux

Manifest Codeless Dependency Stub: package ships no JS/TS source but declares 6 dependency(ies) (0 with loose/empty version specs) — dependency-confusion / install-chain loader shape

Why PkgRadar flagged 0.3.168

SeveritySignalEvidence
mediumManifest Codeless Dependency Stubpackage ships no JS/TS source but declares 6 dependency(ies) (0 with loose/empty version specs) — dependency-confusion / install-chain loader shape · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
0.3.168Review102026-06-16
0.3.167Review102026-06-15
0.3.166Review102026-06-15
0.3.165Review142026-06-12
0.3.164Review142026-06-08
0.3.163Review202026-06-05
0.3.162Review142026-06-05
0.3.161Review202026-06-05
0.3.160Review202026-06-05
0.3.159Review142026-06-05
0.3.158Review202026-06-05
0.3.157Review202026-06-04
0.3.156Review142026-06-04
0.3.155Review202026-06-04
0.3.153Review202026-06-04
0.3.152Review202026-06-04
0.3.151Review202026-06-03
0.3.148Review202026-06-03
0.3.149Review202026-06-03
0.3.145Review202026-06-03
0.3.144Review142026-06-03
0.3.143Review202026-06-02
0.3.142Review142026-06-02
0.3.140Review202026-06-01
0.3.141Review202026-06-01
0.3.137Review202026-06-01
0.3.138Review202026-06-01
0.3.135Review32026-05-31
0.3.136Review32026-05-31
0.3.134Review32026-05-30
0.3.133Review32026-05-30
0.3.132Review32026-05-30
0.3.131Review32026-05-30
0.3.130Review52026-05-29
0.3.129Review52026-05-28
0.3.128Review52026-05-28
0.3.127Review52026-05-28
0.3.126Review52026-05-27
0.3.125Review52026-05-27
0.3.122Review52026-05-27
0.3.120Review52026-05-24
0.3.119Review52026-05-24

Block this in CI

PkgRadar gates openmux (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence