npm · registry.npmjs.org
spudmobile-bridge
Install Lifecycle Remote Or Exec: postinstall="node -e \"const p=require('path'),fs=require('fs');const d=p.join(__dirname,'node_modules','node-pty','prebuilds');['darwin-arm64','darwin-x64'].forEach(a=>{const f=p.join(d,a,'spawn-helper');try{fs.chmodSync(f,0o755)}catch{}})\""
Why PkgRadar flagged 2.4.49
| Severity | Signal | Evidence |
|---|---|---|
| high | Install Lifecycle Remote Or Exec | postinstall="node -e \"const p=require('path'),fs=require('fs');const d=p.join(__dirname,'node_modules','node-pty','prebuilds');['darwin-arm64','darwin-x64'].forEach(a=>{const f=p.join(d,a,'spawn-helper');try{fs.chmodSync(f,0o755)}catch{}})\"" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
2.4.49 | High risk | 35 | 2026-06-10 |
2.4.48 | High risk | 24 | 2026-06-10 |
2.4.47 | High risk | 24 | 2026-06-10 |
2.4.46 | High risk | 35 | 2026-06-10 |
2.4.45 | High risk | 35 | 2026-06-10 |
2.4.44 | High risk | 35 | 2026-06-10 |
2.4.43 | High risk | 35 | 2026-06-10 |
2.4.42 | High risk | 35 | 2026-06-10 |
2.4.41 | High risk | 35 | 2026-06-10 |
2.4.40 | High risk | 35 | 2026-06-10 |
2.4.39 | High risk | 24 | 2026-06-10 |
2.4.38 | High risk | 35 | 2026-06-10 |
2.4.37 | Review | 5 | 2026-05-29 |
2.4.35 | Review | 3 | 2026-05-27 |
2.4.36 | Review | 3 | 2026-05-27 |
2.4.16 | Review | 5 | 2026-05-26 |
2.4.17 | Review | 5 | 2026-05-26 |
2.3.9 | Review | 3 | 2026-05-26 |
2.4.0 | Review | 3 | 2026-05-26 |
2.3.7 | Review | 5 | 2026-05-26 |
2.3.6 | Review | 5 | 2026-05-25 |
2.3.5 | Review | 5 | 2026-05-25 |
2.3.4 | Review | 5 | 2026-05-25 |
2.3.3 | Review | 5 | 2026-05-25 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]