Trust signals
Why this verdict
PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.
- Versions published
- 212Established · −30% score
- First published
- Nov 2025
- Publisher
- amirvue95
Effective trust discount applied: −30% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.
Recommended action
Looks clean — keep monitoringNo high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.
Block this release in CIcurl · GitHub Actions
Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer $PKGRADAR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"specs":["@amirjalili1374/[email protected]"],"fail_on":"review"}'GitHub Actions step:
- name: PkgRadar gate
run: |
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
-H "Content-Type: application/json" \
-d '{"specs":["@amirjalili1374/[email protected]"],"fail_on":"review"}'Why flagged
What the scanner saw
Large Javascript Payload: 2035518 bytes
Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.
Availability ledger
available
Status history (1 event)
- new → available · risk low · score 0 · status changed
Evidence
Static findings
2 static · 0 from release diff · showing high-signal first.
No high-signal findings — see all findings below.
Show all 2 findings (low-signal and informational)
| Severity | Kind | Path | Detail | Points |
|---|---|---|---|---|
| low | Large Javascript Payload | package/dist/ui-kit.cjs.js | 2035518 bytes | 0 |
| low | Large Javascript Payload | package/dist/ui-kit.es.js | 3367688 bytes | 0 |
Manifest
Package metadata
Scripts31
buildnpm run typecheck && vite build --mode devbuild:analyzenpm run build && npx vite-bundle-analyzer dist/stats.htmlbuild:demonpm run typecheck && vite build --mode demobuild:devnpm run typecheck && vite build --mode devbuild:libcross-env BUILD_LIB=true vite build && npm run build:typesbuild:livenpm run typecheck && vite build --mode livebuild:prelivenpm run typecheck && vite build --mode prelivebuild:typesvue-tsc --declaration --emitDeclarationOnly --project tsconfig.lib.json --skipLibCheck || echo 'Type generation completed with warnings'cleanrimraf dist node_modules/.vitedevvite --mode devdev:demovite --mode demodev:livevite --mode livedev:prelivevite --mode preliveformatprettier --write "src/**/*.{js,ts,vue,scss,css,json}"format:checkprettier --check "src/**/*.{js,ts,vue,scss,css,json}"linteslint . --fixlint:checkeslint .prepublishOnlynpm run build:libpreviewvite preview --port 5050 --hostpreview:demovite preview --port 9090 --hostpreview:devvite preview --port 5050 --hostpreview:livevite preview --port 5050 --hostpreview:prelivevite preview --port 5050 --hostpublish:currentnpm publish --access publicrelease:majornpm version major && npm publish --access publicrelease:minornpm version minor && npm publish --access publicrelease:patchnpm version patch && npm publish --access publicservevue-cli-service servetestecho "No tests specified" && exit 0typecheckvue-tsc --noEmit- …and 1 more.
Dependencies32
@amirjalili1374/ui-kit^1.2.1@dsb-norge/vue-keycloak-js^3.0.0@mdi/js^7.4.47@tabler/icons-vue^3.33.0@tsconfig/node2020.1.4@typescript-eslint/parser^7.8.0@vueuse/core^13.0.0apexcharts3.49.1axios^1.8.0axios-mock-adapter^1.22.0chance1.1.11date-fns3.6.0jalaali-js^1.2.8jspdf^3.0.0lodash4.17.21lodash-es^4.17.21lottie-web^5.12.2pinia2.1.7remixicon4.2.0vee-validate4.12.8vite-plugin-vuetify^2.1.2vue^3.3.0vue-router^4.3.0vue3-apexcharts1.5.2vue3-lottie^3.3.1vue3-perfect-scrollbar2.0.0vue3-persian-datetime-picker^1.2.2vue3-print-nb0.1.4vuetify^3.10.0webpack-plugin-vuetify^3.1.2- …and 2 more.