PkgRadar

Package evidence

@mgdis/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Versions published
87Mature · −50% score
First published
Apr 2022
Publisher
jouanno-n

Effective trust discount applied: 50% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@mgdis/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@mgdis/[email protected]"],"fail_on":"review"}'
Publisherjouanno-n
Artifact bytes2,223,165
Previous version6.22.0
Published2026-04-17T08:44:17.319Z
SHA-2568cefd78007a6557cbc003354584b6cc6e7e98948c8e72f06b8fa5e3f0ff8fcd4

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low
Last checked
lowRisk
0Score
6.22.1Version
Status history (1 event)
  1. newavailable · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts12
  • buildpnpm prebuild && stencil build --docs
  • coverageTZ=UTC stencil test --spec --no-build --collectCoverage --reporters="default" --reporters="jest-junit"
  • generatestencil generate
  • prebuildnode ./bin/build-icons
  • startpnpm prebuild && stencil build --dev --watch --serve
  • storybookstorybook dev -p 6006
  • storybook:buildstorybook build
  • testTZ=UTC stencil test --spec --e2e
  • test:e2epnpm --package=@pnpm/@playwright/test dlx playwright test
  • test:e2e:dockerpnpm dlx @playwright/test test
  • test:unitTZ=UTC stencil test --spec --collectCoverage
  • test:watchstencil test --spec --e2e --watchAll
Dependencies7
  • @mgdis/core-ui-helpers1.1.2
  • @mgdis/img2.6.1
  • @mgdis/sanitize-html1.1.1
  • @mgdis/styles2.17.1
  • @popperjs/core2.11.8
  • @stencil/core4.43.4
  • jodit4.12.2