PkgRadar

Package evidence

@hyperledger-cacti/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads
83
Versions published
2
First published
Jun 2026
Publisher
lfdt-npm

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@hyperledger-cacti/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@hyperledger-cacti/[email protected]"],"fail_on":"review"}'
Publisherlfdt-npm
Artifact bytes10,844
Previous versionnone
Published2026-06-12T17:18:38.293Z
SHA-256c886e421884145a045490ef53762bb613999050239196c8fb5119f5b6ccf94e6

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low
Last checked
lowRisk
0Score
3.0.0-alpha.5Version
Status history (1 event)
  1. newavailable · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts2
  • stress-testnode --expose-gc --no-opt dist/lib/main/typescript/verifier-with-go-eth-stress-check.js
  • stress-test-inspectnode --expose-gc --inspect-brk --no-opt dist/lib/main/typescript/verifier-with-go-eth-stress-check.js
Dependencies15
  • @hyperledger-cacti/cactus-api-client3.0.0-alpha.5
  • @hyperledger-cacti/cactus-common3.0.0-alpha.5
  • @hyperledger-cacti/cactus-core3.0.0-alpha.5
  • @hyperledger-cacti/cactus-core-api3.0.0-alpha.5
  • @hyperledger-cacti/cactus-plugin-ledger-connector-ethereum3.0.0-alpha.5
  • @hyperledger-cacti/cactus-test-geth-ledger3.0.0-alpha.5
  • @hyperledger-cacti/cactus-test-tooling3.0.0-alpha.5
  • @hyperledger-cacti/cactus-verifier-client3.0.0-alpha.5
  • body-parser1.20.3
  • express5.1.0
  • log4js6.4.1
  • socket.io4.6.2
  • uuid10.0.0
  • web31.7.3
  • web3-core1.7.3