npm · registry.npmjs.org
thumbgate
Install Lifecycle Suppresses Failure: postinstall="node bin/postinstall.js || true"
Why PkgRadar flagged 1.27.7
| Severity | Signal | Evidence |
|---|---|---|
| high | Install Lifecycle Suppresses Failure | postinstall="node bin/postinstall.js || true" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.27.7 | High risk | 28 | 2026-06-16 |
1.25.0 | High risk | 19 | 2026-06-10 |
1.23.2 | High risk | 28 | 2026-06-10 |
1.23.1 | High risk | 19 | 2026-06-10 |
1.23.0 | High risk | 19 | 2026-06-10 |
1.27.6 | High risk | 28 | 2026-06-10 |
1.27.4 | High risk | 19 | 2026-06-10 |
1.27.3 | High risk | 19 | 2026-06-10 |
1.27.2 | High risk | 19 | 2026-06-10 |
1.26.7 | High risk | 19 | 2026-06-10 |
1.26.8 | High risk | 19 | 2026-06-10 |
1.26.2 | High risk | 19 | 2026-06-10 |
1.26.1 | High risk | 19 | 2026-06-10 |
1.26.0 | High risk | 19 | 2026-06-10 |
1.25.2 | High risk | 28 | 2026-06-10 |
1.25.1 | High risk | 19 | 2026-06-10 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]