PkgRadar

Package evidence

@nlabs/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads
468
Versions published
39Mature · −50% score
First published
Jul 2018
Publisher
nitrog7

Effective trust discount applied: 50% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@nlabs/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@nlabs/[email protected]"],"fail_on":"review"}'
Publishernitrog7
Artifact bytes1,543,463
Previous version1.3.0
Published2026-06-02T13:35:20.928Z
SHA-256605f9bdcdcf5719797ee8fc08f941a5f637e5848fc24aa4ec3aa6d3f932563f8

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low
Last checked
lowRisk
0Score
1.3.1Version
Status history (1 event)
  1. newavailable · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts18
  • buildnpm run tailwind:build && lex compile --remove --config ./tsconfig.build.json && npm run sync:tailwind-lib
  • build:devnpm run tailwind:build && NODE_ENV=development lex compile --remove --config ./tsconfig.build.json && npm run sync:tailwind-lib
  • cleanlex clean
  • devnpm run tailwind:build && npm run sync:tailwind-lib && lex dev
  • lintlex lint --fix
  • prepublishOnlynpm test && npm run build
  • publish:majornpm version major && npm run publish:tags && npm publish
  • publish:minornpm version minor && npm run publish:tags && npm publish
  • publish:patchnpm version patch && npm run publish:tags && npm publish
  • publish:tagsgit push --tags && git push origin HEAD
  • startnpm run tailwind:build && npm run sync:tailwind-lib && lex dev -r -o
  • storybooknpm run tailwind:build && npm run sync:tailwind-lib && lex storybook
  • sync:tailwind-libnode -e "const fs=require('fs'); fs.mkdirSync('./lib/styles',{recursive:true}); fs.writeFileSync('./lib/styles/tailwind.css','@import \"./index.css\";\n');"
  • tailwind:buildnpx @tailwindcss/cli -i ./src/styles/tailwind.css -o ./src/styles/index.css
  • tailwind:watchnpx @tailwindcss/cli -i ./src/styles/tailwind.css -o ./src/styles/index.css --watch
  • testlex test
  • updatelex update --interactive
  • watchlex compile -w
Dependencies22
  • @headlessui/react^2.2.10
  • @nlabs/rip-hunter^3.1.0
  • @nlabs/utils^2.10.4
  • autosuggest-highlight^3.3.4
  • cropperjs^2.1.1
  • hast-util-sanitize5.0.2
  • highlight.js^11.11.1
  • history^5.3.0
  • i18next^26.3.0
  • lucide-react^1.17.0
  • progressbar.js^1.1.1
  • react-autosuggest^10.1.0
  • react-cropper^2.3.3
  • react-i18next^17.0.8
  • react-markdown^10.1.0
  • react-router^7.16.0
  • react-spinkit^3.0.0
  • react-tag-autocomplete^7.5.1
  • react-transition-group^4.4.5
  • rehype-react^8.0.0
  • yet-another-react-lightbox^3.32.0
  • zod^4.4.3