PkgRadar

Package evidence

@opendatalabs/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads
2,618Niche · −30% score
Versions published
224Established · −30% score
First published
Jul 2025
Publisher
tim_vana

Effective trust discount applied: 30% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@opendatalabs/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@opendatalabs/[email protected]"],"fail_on":"review"}'
Publishertim_vana
Artifact bytes1,099,795
Previous version3.2.0-canary.e3ef84a
Published2026-06-19T18:19:04.857Z
SHA-256554767c544cc945e09a88b12ab45ec3345023574aa6a7eeca865958c5c05721c

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low
Last checked
lowRisk
0Score
3.2.0-pr.155.6da79c6Version
Status history (1 event)
  1. newavailable · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts23
  • buildnpm run clean && npm run build:types && npm run build:node && npm run build:browser && npm run build:entries && npm run build:fix-esm
  • build:browsertsup --config tsup-browser.config.ts
  • build:entriestsx scripts/bundle-entry-points.ts
  • build:fix-esmtsx scripts/fix-esm-import-extensions.ts
  • build:nodetsup --config tsup.config.ts
  • build:typestsc -p tsconfig.build.json --listEmittedFiles
  • cleanrimraf dist .tsbuildinfo
  • devnpm run build -- --watch
  • discover-addressestsx scripts/discover-addresses.ts
  • fetch-abistsx scripts/fetch-abis.ts
  • generatenpm run discover-addresses && npm run fetch-abis
  • linteslint .
  • lint:fixeslint . --fix
  • prebuildnpm run validate:platform && npm run validate:entries && npm run validate:types
  • testvitest
  • test:coveragevitest run --coverage
  • test:coverage:verbosevitest run --coverage --reporter=verbose --coverage.reporter=text
  • test:verbosevitest --reporter=verbose
  • typechecktsc -p tsconfig.json
  • validate:entriestsx scripts/validate-entry-points.ts
  • validate:package-importsnpm run build && tsx scripts/validate-package-imports.ts
  • validate:platformtsx scripts/validate-platform-separation.ts
  • validate:typesrimraf test-dist && tsc -p tsconfig.build.json --outDir test-dist && test -f test-dist/index.node.d.ts && test -f test-dist/index.browser.d.ts && echo '✅ Type declarations can be generated' && rimraf test-dist || (echo '❌ Failed to generate type declarations' && rimraf test-dist && exit 1)
Dependencies6
  • @noble/hashes^1.8.0
  • @noble/secp256k1^2.3.0
  • abitype^1.0.9
  • openpgp^6.1.1
  • viem^2.35.1
  • zod^4.1.12
Optional dependencies1
  • secp256k1^5.0.1