PkgRadar

Package evidence

@cognite/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads
53
Versions published
6
First published
Aug 2020
Publisher
larsmoa

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@cognite/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@cognite/[email protected]"],"fail_on":"review"}'
Publisherlarsmoa
Artifact bytes196,729
Previous version1.2.0
Published2021-12-01T07:45:53.468Z
SHA-2568d615db7b2747df3c1647e715f18d8ebf34702378d34cfe8d1ab892caaa579fe

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low
Last checked
lowRisk
0Score
1.3.0Version
Status history (1 event)
  1. newavailable · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts17
  • buildyarn clean && yarn run build:wasm && webpack --env.development && yarn local-cdn:copy
  • build:prodyarn clean && yarn build:wasm && webpack
  • build:wasmwasm-pack build --release
  • bump yarn bump:commit && yarn bump:tag && yarn bump:push
  • bump:commitcross-var git commit -am "chore(parser-worker): bump version $npm_package_version"
  • bump:pushgit push -u origin head && git push --tags
  • bump:tagcross-var git tag $npm_package_name@$npm_package_version
  • cdn-uploadnode uploadToCDN.js
  • cleanrimraf -rf ./dist ./pkg
  • local-cdnyarn local-cdn:build && yarn local-cdn:copy && yarn local-cdn:viewer && yarn local-cdn:start
  • local-cdn:buildcross-var cross-env PUBLIC_PATH=https://localhost:$npm_package_conf_port/$npm_package_conf_folder/ yarn run build
  • local-cdn:copycross-var rimraf -rf ../examples/public/$npm_package_conf_folder && cross-var cpy ./dist/local/* ../examples/public/$npm_package_conf_folder/
  • local-cdn:startcd ../examples && cross-var cross-env PORT=$npm_package_conf_port yarn start
  • local-cdn:viewercd ../viewer && cross-var cross-env PUBLIC_PATH=https://localhost:$npm_package_conf_port/$npm_package_conf_folder/ yarn build
  • prebumpyarn version --no-git-tag-version && yarn
  • releaseyarn build:prod && yarn publish --non-interactive
  • testecho "Error: no test specified" && exit 1
Dependencies1
  • comlink4.3.1