PkgRadar

Package evidence

@hyperledger-cacti/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads
86
Versions published
2
First published
Jun 2026
Publisher
lfdt-npm

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@hyperledger-cacti/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@hyperledger-cacti/[email protected]"],"fail_on":"review"}'
Publisherlfdt-npm
Artifact bytes12,470
Previous versionnone
Published2026-06-12T17:18:06.082Z
SHA-256810bc209f1b83a1a26d8ab6a0035106fc6b031cceb5c0a678caaae5b8cf9c8ed

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low
Last checked
lowRisk
0Score
3.0.0-alpha.5Version
Status history (1 event)
  1. newavailable · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts6
  • cleanrm -rf node_modules package-lock.json build
  • clean-runrm -rf package-lock.json build
  • copy-interop-contractscp ../../../core/network/besu/contracts/interop/manageAssetAny.sol contracts/ && cp ../../../core/network/besu/interface/asset-exchange/transferInterface.sol contracts/ && cp ../../../common/protos-sol/asset_locks.proto.sol contracts/
  • deploy-contractyarn run copy-interop-contracts && yarn install && yarn run update-truffle-config && yarn run truffle compile && yarn run truffle migrate
  • redeployyarn run copy-interop-contracts && yarn run truffle migrate --reset
  • update-truffle-confignode get-network-details.js
Dependencies8
  • @lazyledger/protobuf3-solidity-lib0.6.0
  • @openzeppelin/contracts4.9.6
  • @truffle/contract4.6.28
  • chai4.3.7
  • dotenv16.3.1
  • ganache-cli6.12.2
  • solc0.8.21
  • web31.10.0