Trust signals
Why this verdict
PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.
- Weekly downloads
- 5,739Niche · −30% score
- Versions published
- 2,570Mature · −50% score
- First published
- Dec 2020
- Publisher
- hhg_admin_dev
Effective trust discount applied: −50% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.
Recommended action
Looks clean — keep monitoringNo high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.
Block this release in CIcurl · GitHub Actions
Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer $PKGRADAR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"specs":["@hhgtech/[email protected]"],"fail_on":"review"}'GitHub Actions step:
- name: PkgRadar gate
run: |
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
-H "Content-Type: application/json" \
-d '{"specs":["@hhgtech/[email protected]"],"fail_on":"review"}'Why flagged
What the scanner saw
No high-signal static finding in the saved report.
Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.
Availability ledger
available
Status history (1 event)
- new → available · risk low · score 0 · status changed
Evidence
Static findings
No findings stored for this release.
Manifest
Package metadata
Scripts29
buildrm -rf build && rollup -cbuild-copynpm run build && rm -rf $PROJECT_PATH/.next $PROJECT_PATH/node_modules/.cache $PROJECT_PATH/node_modules/@hhgtech/hhg-components/build && cp -R ./build $PROJECT_PATH/node_modules/@hhgtech/hhg-components && cp package.json $PROJECT_PATH/node_modules/@hhgtech/hhg-components/package.json && echo 'Ready to test on local'build-storybookstorybook build --quiet -o ./storybook-buildbuild2rm -rf build2 && npm run build2:typescript && npm run build2:copy-assetsbuild2:copy-assetsnode copyAssets.jsbuild2:typescriptttsc -p tsconfig.json --jsx preserve -t es2020 --outDir build2 --declarationDir build2 --noEmit falsedeploy-storybooknpm run storybook-deployer -- --ci --source-branch=master --host-token-env-variable=GITHUB_TOKENdevrollup -c -wformatpretty-quickgenerate:componentplop componentgenerate:hookplop hookget-baby-growthnode ./src/scripts/getBabyGrowthData.jsget-translationnode ./src/scripts/getTranslationFromFile.jsgitlabnode ./src/scripts/gitWorkflow.mjsicons:generatenode ./scripts/generate-storybook-icons.jslinteslint "*/**/*.{ts,tsx}" --ignore-pattern "/build/"lint:fixeslint --fix '*/**/*.{ts,tsx}' --ignore-pattern '/build/'preparehusky installprepublishOnlynpm run buildsbstorybook dev -p 6006storybookstorybook dev -p 6006storybook-deployerstorybook-to-ghpagesstorybook:exportstorybook buildtestpretty-quick --staged && npm run linttest:update:snapshotjest --updateSnapshottest:watchjest --watchtype-checktsc --project ./tsconfig.jsonwatchnpx watch -u -d --wait=5 --interval=5 "npm run build" src/watch-copynpx watch -u -d --wait=5 --interval=5 "npm run build-copy" src/
Dependencies45
@emotion/react^11.11.1@emotion/styled^11.11.5@hhgtech/icons^0.0.68@hookform/resolvers^2.9.10@mantine/carousel6.0.21@mantine/core6.0.21@mantine/dates6.0.21@mantine/form6.0.21@mantine/hooks6.0.21@mantine/modals6.0.21@mantine/notifications6.0.21@react-google-maps/api^2.18.1@storybook/manager-api^7.0.17@storybook/theming^7.0.17browser-image-compression^2.0.0classnames^2.5.1dayjs^1.11.8embla-carousel^7.1.0embla-carousel-react^7.1.0embla-carousel-wheel-gestures^3.0.0fastdom^1.0.12framer-motion^6.5.1html-react-parser^1.2.7innertext^1.0.3intl-tel-input^17.0.19js-cookie^3.0.5lottie-light-react^2.4.0react-contenteditable^3.3.6react-day-picker^7.4.10react-google-recaptcha^3.1.0- …and 15 more.