PkgRadar

Package evidence

@panneau/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Versions published
686Mature · −50% score
First published
Aug 2019
Publisher
dmongeau

Effective trust discount applied: 50% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@panneau/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@panneau/[email protected]"],"fail_on":"review"}'
Publisherdmongeau
Artifact bytes89,517
Previous version4.0.60
Published2026-06-15T15:01:56.326Z
SHA-256c36fb89b40e99545972bd9db36046e63e2aac019146403513ed39d11cf841192

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low
Last checked
lowRisk
0Score
4.0.61Version
Status history (1 event)
  1. newavailable · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts4
  • buildnpm run css:aggregates && ../../scripts/prepare-package.sh --types && npm run css:packages
  • css:aggregates../../scripts/build-packages-styles.js --pattern='@panneau/element-*' ./src/styles/packages.css.ejs ./src/styles/packages.css
  • css:packagespostcss ./src/styles/packages.css -o ./assets/css/packages.css
  • prepublishOnlynpm run build
Dependencies49
  • @babel/runtime^7.28.6
  • @folklore/routes^0.2.44
  • @fortawesome/fontawesome-svg-core^6.5.1
  • @fortawesome/free-solid-svg-icons^6.5.1
  • @fortawesome/react-fontawesome^0.2.0
  • @panneau/actions^4.0.61
  • @panneau/auth^4.0.60
  • @panneau/core^4.0.58
  • @panneau/data^4.0.60
  • @panneau/displays^4.0.58
  • @panneau/element-accordion^4.0.58
  • @panneau/element-alert^4.0.58
  • @panneau/element-avatar^4.0.58
  • @panneau/element-breadcrumbs^4.0.58
  • @panneau/element-button^4.0.58
  • @panneau/element-buttons^4.0.58
  • @panneau/element-dropdown^4.0.58
  • @panneau/element-form^4.0.58
  • @panneau/element-form-group^4.0.58
  • @panneau/element-grid^4.0.58
  • @panneau/element-icon^4.0.58
  • @panneau/element-label^4.0.58
  • @panneau/element-link^4.0.58
  • @panneau/element-loading^4.0.58
  • @panneau/element-media-card^4.0.58
  • @panneau/element-media-player^4.0.58
  • @panneau/element-menu^4.0.58
  • @panneau/element-modal^4.0.58
  • @panneau/element-navbar^4.0.58
  • @panneau/element-pagination^4.0.58
  • …and 19 more.