PkgRadar

Package evidence

@foundation0/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads
253
Versions published
3
First published
Mar 2026
Publisher
markopolojarvi

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@foundation0/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@foundation0/[email protected]"],"fail_on":"review"}'
Publishermarkopolojarvi
Artifact bytes1,747,005
Previous version1.0.0
Published2026-06-07T11:23:37.677Z
SHA-256fe8978d24cb4695e93a1587132be24732ac274075d4ec28e113547d1655de337

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low
Last checked
lowRisk
0Score
1.6.0Version
Status history (1 event)
  1. newavailable · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts6
  • api-reportpnpm -w exec bun run scripts/test-helpers/run-auth-public-evidence-command.ts api-report
  • api-report:checkpnpm -w exec bun run scripts/test-helpers/run-auth-public-evidence-command.ts api-report:check
  • buildpnpm -w exec bun run scripts/test-helpers/build-auth-dist.ts
  • testpnpm -w exec vitest run packages/auth/src/public-sdk-contracts.test.ts packages/auth/src/public-sdk-evidence.test.ts packages/auth/src/zero/public-wrapper.test.ts packages/auth/src/install-smoke.test.ts packages/auth/src/package-metadata.test.ts packages/auth/src/public-package-ownership.test.ts packages/adl-sdk/src/releaseManifest.test.ts packages/adl-sdk/src/verifyCall.test.ts packages/adl-sdk/src/resourceUri.test.ts packages/adl-sdk/src/zero/coordinate.test.ts packages/adl-sdk/src/zero/zero-resource.test.ts packages/adl-sdk/src/zero/resolve-zero-authority.test.ts packages/adl-sdk/src/zero/non-authority.test.ts packages/adl-sdk/src/zero/zero-evidence-bundle.test.ts packages/adl-sdk/src/client/create-adl.test.ts packages/adl-sdk/src/index/client.test.ts --coverage=false
  • type-regressionpnpm -w exec bun run scripts/test-helpers/run-auth-public-evidence-command.ts type-regression
  • typecheckpnpm -w exec tsgo -p packages/auth/tsconfig.json --noEmit
Dependencies4
  • pg8.19.0
  • sql.js1.13.0
  • viem2.46.3
  • zod4.3.6