PkgRadar

Package evidence

@emulsify/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads
463
Versions published
39Mature · −50% score
First published
Jun 2024
Publisher
callinmullaney

Effective trust discount applied: 50% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@emulsify/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@emulsify/[email protected]"],"fail_on":"review"}'
Publishercallinmullaney
Artifact bytes546,345
Previous version4.0.1
Published2026-06-19T18:37:36.098Z
SHA-256005373777c846bbd83330bf4427507271bc4b7cca25f85b38dbfcbaf0babf460

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low
Last checked
lowRisk
0Score
4.0.2Version
Status history (1 event)
  1. newavailable · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts23
  • auditnpm run check-node-version && node scripts/audit.js
  • audit:twig-storiesnpm run check-node-version && node scripts/audit-twig-stories.js
  • check-node-versionnode scripts/check-node-version.js
  • coveragenpm run check-node-version && npm run test && open-cli .coverage/lcov-report/index.html
  • fixtures:releasenpm run check-node-version && node scripts/release-fixtures.js
  • fixtures:release:listnpm run check-node-version && node scripts/release-fixtures.js --list
  • formatnpm run check-node-version && npm run lint-fix && npm run prettier-fix
  • husky:commit-msgnpm run check-node-version && commitlint --edit $1
  • husky:pre-commitnpm run check-node-version && npm run lint
  • lintnpm run check-node-version && npm run lint-js && npm run prettier
  • lint-fixnpm run check-node-version && npm run lint-js -- --fix
  • lint-jsnpm run check-node-version && eslint --config config/eslint.config.js ./.cli ./.storybook ./config ./scripts ./src
  • lint-stagednpm run check-node-version && lint-staged
  • preparenpm run check-node-version && husky
  • prettiernpm run check-node-version && prettier --check --config config/.prettierrc.json --ignore-unknown "**/*.{js,mjs,cjs,jsx,json,yml,yaml,scss,md,twig}"
  • prettier-fixnpm run check-node-version && prettier --config config/.prettierrc.json --write --ignore-unknown "**/*.{js,mjs,cjs,jsx,json,yml,yaml,scss,md,twig}"
  • semantic-releasenpm run check-node-version && semantic-release --config ./release.config.cjs
  • storybooknpm run check-node-version && NODE_OPTIONS=--no-deprecation storybook dev -p 6006 --no-open --exact-port
  • storybook-buildnpm run check-node-version && storybook build -o .out
  • storybook-deploynpm run check-node-version && storybook-to-ghpages -o .out
  • testnpm run check-node-version && jest --coverage --config ./config/jest.config.js
  • twatchnpm run check-node-version && jest --no-coverage --watch --verbose
  • version:developnpm run check-node-version && node scripts/bump-version-from-commits.js
Dependencies48
  • @babel/core^7.28.4
  • @babel/eslint-parser^7.28.6
  • @babel/preset-env^7.28.3
  • @emulsify/cli^1.11.4
  • @eslint/js^9.39.4
  • @storybook/addon-a11y^10.1.4
  • @storybook/addon-links^10.1.4
  • @storybook/addon-themes^10.1.4
  • @storybook/react^10.1.4
  • @storybook/react-vite^10.1.4
  • @vituum/vite-plugin-twig^1.1.0
  • autoprefixer^10.4.21
  • axe-core^4.11.4
  • babel-preset-minify^0.5.2
  • concurrently^9.2.1
  • eslint^9.39.4
  • eslint-config-prettier^10.1.8
  • eslint-plugin-import^2.32.0
  • eslint-plugin-jest^29.0.1
  • eslint-plugin-prettier^5.5.4
  • eslint-plugin-security^4.0.0
  • eslint-plugin-storybook^10.1.4
  • fs-extra^11.3.1
  • glob^13.0.6
  • graceful-fs^4.2.11
  • jest^30.2.0
  • jest-environment-jsdom^30.2.0
  • js-yaml^4.1.0
  • normalize.css^8.0.1
  • open-cli^9.0.0
  • …and 18 more.