Package evidence

@_linked/[email protected]

Large Javascript Payload: 2228925 bytes

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads: 19
Versions published: 16
First published: Apr 2026
Publisher: rene_reborn

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarball Add to CI gate

Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@_linked/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@_linked/[email protected]"],"fail_on":"review"}'

Publisherrene_reborn

Artifact bytes1,433,098

Previous version1.6.2

Published2026-06-07T17:32:06.686Z

SHA-256b6660292ea171b36116d7f89853dbf8c57c290e88140618f1ade615b71bce583

Why flagged

What the scanner saw

Large Javascript Payload: 2228925 bytes

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low

34h agoLast checked

lowRisk

0Score

1.6.3Version

Status history (1 event)

new → available34h ago · risk low · score 0 · status changed

Evidence

Static findings

1 static · 0 from release diff · showing high-signal first.

No high-signal findings — see all findings below.

Show all 1 findings (low-signal and informational)

Severity	Kind	Path	Detail	Points
low	Large Javascript Payload	package/defaults/app-with-backend/.yarn/releases/yarn-3.6.1.cjs	2228925 bytes	0

Manifest

Package metadata

Scripts13

buildrimraf ./lib && yarn build-esm && yarn build-cjs && yarn copy-to-lib && yarn dual-package
build-cjsecho "compiling CJS" && rimraf ./lib/cjs && yarn tsc -p tsconfig-cjs.json
build-esmecho "compiling ESM" && rimraf ./lib/esm && yarn tsc -p tsconfig-esm.json
copy-to-libecho '💫 Copying CSS assets to lib folder' && yarn copyfiles -u 1 'src/**/*.css' lib/esm && yarn copyfiles -u 1 'src/**/*.css' lib/cjs
devyarn tsc -p tsconfig-esm.json -w
dev-cjsyarn tsc -p tsconfig-cjs.json -w
dual-packageecho 'adding package.json to each lib folder for dual output support' && yarn tsconfig-to-dual-package ./tsconfig-cjs.json ./tsconfig-esm.json
formatyarn prettier:fix && yarn lint:fix
prettierprettier "src/**/*.{js,jsx,ts,tsx,css,scss}" --check
prettier:fixyarn prettier --write
testyarn test:unit && yarn test:e2e
test:e2eplaywright test --config playwright.config.ts
test:unitjest --config jest.config.cjs

Dependencies66

@_linked/core^2.6.0
@babel/cli^7.23.9
@babel/core^7.24.0
@babel/plugin-proposal-decorators^7.24.0
@babel/plugin-transform-runtime^7.24.0
@babel/preset-env^7.24.0
@babel/preset-react^7.23.3
@babel/preset-typescript^7.23.3
@babel/register^7.23.7
@pmmmwh/react-refresh-webpack-plugin^0.5.11
@tailwindcss/postcss^4.1.4
@types/node^20.12.7
@types/react^18.0.17
@types/react-dom^18.0.6
babel-loader^9.1.3
chalk^4.1.2
child-process-promise^2.2.1
colors^1.4.0
commander^11.0.0
copy-webpack-plugin^12.0.2
copyfiles^2.4.1
create-esm-loader^0.2.5
css-loader^6.10.0
css-parse^2.0.0
cssnano^7.0.7
depcheck^1.4.7
env-cmd^10.1.0
find-nearest-package-json^2.0.1
fs-extra^11.2.0
glob^10.3.12
…and 36 more.