PkgRadar

Package evidence

@el-j/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads
37
Versions published
23
First published
Mar 2026
Publisher
el-j-personal

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@el-j/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@el-j/[email protected]"],"fail_on":"review"}'
Publisherel-j-personal
Artifact bytes60,276
Previous version2.2.0-beta.1
Published2026-03-29T10:08:07.771Z
SHA-2564a5b8f734d03ed28ad5dd9daeb166b37b8febb296ef19f22e96d95e7369d5116

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low
Last checked
lowRisk
0Score
2.2.0-beta.2Version
Status history (1 event)
  1. newavailable · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts19
  • buildnpm run build:types && npm run build:cjs && npm run build:esm
  • build:actionrimraf dist-action && esbuild src/action-entrypoint.ts --bundle --platform=node --format=esm --outfile=dist-action/index.mjs --banner:js="import{createRequire}from'module';const require=createRequire(import.meta.url);" --log-level=info
  • build:cjsesbuild src/index.ts --bundle --format=cjs --outfile=dist/index.js --platform=node --packages=external
  • build:esmesbuild src/index.ts --bundle --format=esm --outfile=dist/esm/index.js --platform=node --packages=external && node -e "require('fs').writeFileSync('dist/esm/package.json', JSON.stringify({type:'module'}))"
  • build:typestsc --emitDeclarationOnly
  • changelog:previewnode scripts/changelog-preview.mjs
  • cleanrimraf dist
  • devtsc --watch
  • docs:buildvitepress build website
  • docs:devvitepress dev website
  • docs:previewvitepress preview website
  • linteslint src/ --ext .ts --max-warnings 0
  • prebuildnpm run clean
  • preparenpm run build
  • releasesemantic-release
  • release:dry-runsemantic-release --dry-run
  • sync:translationsnode scripts/sync-demo-translations.mjs
  • testjest
  • test:integrationINTEGRATION=true jest --testPathPatterns=integration --testTimeout=60000 --coverage=false
Dependencies3
  • @actions/core^3.0.0
  • google-auth-library^10.6.1
  • google-spreadsheet^5.2.0