npm · registry.npmjs.org
sapper-iq
Install Lifecycle Remote Or Exec: postinstall="node -e \"try{require('fs').chmodSync(require('path').join(require.resolve('node-pty/package.json'),'..','prebuilds','darwin-arm64','spawn-helper'),0o755)}catch(e){};try{require('fs').chmodSync(require('path').join(require.resolve('node-pty/package.json'),'..','prebuilds','darwin-x64','spawn-helper'),0o755)}catch(e){}\""
Why PkgRadar flagged 1.3.1
| Severity | Signal | Evidence |
|---|---|---|
| high | Install Lifecycle Remote Or Exec | postinstall="node -e \"try{require('fs').chmodSync(require('path').join(require.resolve('node-pty/package.json'),'..','prebuilds','darwin-arm64','spawn-helper'),0o755)}catch(e){};try{require('fs').chmodSync(require('path').join(require.resolve('node-pty/package.json'),'..','prebuilds','darwin-x64','spawn-helper'),0o755)}catch(e){}\"" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.3.1 | High risk | 35 | 2026-06-05 |
1.3.2 | High risk | 35 | 2026-06-05 |
1.2.4 | High risk | 35 | 2026-06-05 |
1.2.5 | High risk | 35 | 2026-06-05 |
1.2.0 | High risk | 75 | 2026-06-05 |
1.2.1 | High risk | 35 | 2026-06-05 |
1.1.39 | Low risk | 0 | 2026-06-05 |
1.1.40 | Low risk | 0 | 2026-06-05 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]