PkgRadar

Package evidence

@coorpacademy/[email protected]

Remote Dependency Spec: devDependencies.react-native-camera="https://github.com/CoorpAcademy/react-native-camera#master"

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads
4,206Niche · −30% score
Versions published
2,444Mature · −50% score
First published
Jan 2016
Publisher
esa-coorp

Effective trust discount applied: 50% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.

Recommended action

Review before promoting

Mixed signals: the package has indicators worth reading before allowing the update in automated dependency flows.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@coorpacademy/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@coorpacademy/[email protected]"],"fail_on":"review"}'
Publisheresa-coorp
Artifact bytes2,573,689
Previous version11.40.22
Published2026-06-05T11:06:47.976Z
SHA-256a256d5bb68c7ee088f9491d45e78149af84ef1ccf4a37771bbfbc987a166688e

Why flagged

What the scanner saw

Remote Dependency Spec: devDependencies.react-native-camera="https://github.com/CoorpAcademy/react-native-camera#master"

1 remote tarball(s) were followed statically.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

review
Last checked
reviewRisk
2Score
11.40.23Version
Status history (1 event)
  1. newavailable · risk review · score 2 · status changed

Evidence

Static findings

1 static · 0 from release diff · showing high-signal first.

SeverityKindPathDetailPoints
mediumRemote Dependency Specpackage.jsondevDependencies.react-native-camera="https://github.com/CoorpAcademy/react-native-camera#master"8

Remote payloads

Followed remote artifacts

SourceURLRiskScoreSummary
devDependencies.react-native-camerahttps://github.com/CoorpAcademy/react-native-camera#mastererror0invalid gzip header

Manifest

Package metadata

Scripts32
  • avaava
  • buildconcurrently "npm run build:commonjs" "npm run build:es"
  • build:commonjsnpm run build:commonjs:babel && npm run build:commonjs:types
  • build:commonjs:babelcross-env BABEL_ENV=commonjs babel src --out-dir lib -s --copy-files --no-copy-ignored --ignore "**/test" --extensions ".ts,.tsx,.js"
  • build:commonjs:typestsc -p tsconfig.lib.json
  • build:esnpm run build:es:babel && npm run build:es:types
  • build:es:babelcross-env BABEL_ENV=es babel src --out-dir es -s --copy-files --no-copy-ignored --ignore "**/test" --extensions ".ts,.tsx,.js"
  • build:es:typestsc -p tsconfig.es.json
  • build:statswebpack --profile --json=dist/stats.json
  • build:watchnpm run build:es -- -w --verbose
  • chromaticnpx chromatic --build-script-name storybook:export
  • cleanconcurrently "npm run clean:commonjs" "npm run clean:es"
  • clean:commonjsrm -rf lib
  • clean:esrm -rf es
  • eslinteslint . --ext .js,.json,.ts,.tsx --cache --cache-location "node_modules/.cache/.eslintcache"
  • generateconcurrently "npm run generate:storybook" "npm run generate:fixtures"
  • generate:fixturesnode scripts/fixture-tests.js src src/test/helpers/render-component.js
  • generate:storybooknode scripts/storybook-index.js src
  • lintnpm run eslint && npm run typecheck
  • lint:fixnpm run eslint -- --fix
  • preavanpm run generate:fixtures
  • preparenpm run clean && npm run build --production
  • prestartnpm run generate:storybook
  • prestaticnpm run generate:storybook
  • startnpm run storybook:run
  • start:ieIE=true npm start
  • staticnpm run storybook:export
  • storybook:exportcross-env BABEL_ENV=es build-storybook -c .storybook -o static
  • storybook:runcross-env BABEL_ENV=es start-storybook -p 3004 -c .storybook
  • testnpm run lint && npm run test:unit
  • …and 2 more.
Dependencies31
  • @coorpacademy/nova-icons4.5.1
  • @coorpacademy/react-native-animation1.1.0
  • @fortawesome/fontawesome-svg-core^6.5.1
  • @fortawesome/pro-solid-svg-icons^6.5.1
  • @fortawesome/react-fontawesome^0.2.0
  • @jwplayer/jwplayer-react^1.1.0
  • @sjmc11/tourguidejs^0.0.27
  • @types/react^17.0.50
  • @types/react-dom^17.0.17
  • autoprefixer^10.4.12
  • classnames^2.3.2
  • colorjs.io^0.5.0
  • css-color-function^1.3.3
  • cubic-bezier^0.1.2
  • eslint-plugin-react-hooks^4.6.0
  • extended-proptypes^1.3.0
  • hammerjs^2.0.8
  • isomorphic-unfetch^3.1.0
  • lodash^4.17.21
  • lottie-web5.11.0
  • markdown-to-jsx^7.7.2
  • postcss^8.4.16
  • postcss-calc^8.2.4
  • postcss-color-function^4.1.0
  • postcss-modules-values-replace^3.4.0
  • qs6.11.0
  • react-autosuggest^10.0.2
  • react-dropzone^9.0.0
  • react-tooltip4.5.1
  • recharts^2.12.2
  • …and 1 more.