Trust signals
Why this verdict
PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.
- Versions published
- 267Mature · −50% score
- First published
- May 2015
- Publisher
- particlebot
Effective trust discount applied: −50% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.
Recommended action
Looks clean — keep monitoringNo high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.
Block this release in CIcurl · GitHub Actions
Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer $PKGRADAR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"specs":["[email protected]"],"fail_on":"review"}'GitHub Actions step:
- name: PkgRadar gate
run: |
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
-H "Content-Type: application/json" \
-d '{"specs":["[email protected]"],"fail_on":"review"}'Why flagged
What the scanner saw
No high-signal static finding in the saved report.
Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.
Availability ledger
available
Status history (1 event)
- new → available · risk low · score 0 · status changed
Evidence
Static findings
No findings stored for this release.
Manifest
Package metadata
Scripts39
buildpkg .cleannpm run clean:modulesclean:modulesrm -rf ./node_modulescoveragenpm run coverage:unit && npm run coverage:integration && npm run coverage:reportcoverage:e2enyc npm run test:e2e:silentcoverage:integrationnyc --no-clean npm run test:integration:silentcoverage:reportnyc report --reporter=htmlcoverage:unitnyc npm run test:unit:silentdoctocdoctoc --title '## Table of Contents' README.mdgenerate:manifestnode ./scripts/generate-manifest.jsgenerate:win-installernode ./scripts/generate-win-installer.jslinteslintreinstallnpm run clean && npm isign:winnode ./scripts/win-sign.jsstartnode ./src/index.jstestnpm run lint && npm run test:unit && npm run test:integration && npm run test:e2etest:cinpm run lint && npm run test:unit:ci && npm run test:integration:citest:e2enpm run build -- --target host && mocha 'test/{,!(__fixtures__)/**}/*.e2e.js' --timeout 120000 --exittest:e2e:cinpm run test:e2e:no-device -- --forbid-onlytest:e2e:device-protectionnpm run test:e2e -- --grep @device,@device-protectiontest:e2e:inspectnpm test:e2e -- --inspect-brktest:e2e:no-devicenpm run test:e2e -- --grep @device --inverttest:e2e:silentPARTICLE_NOOP=$(npm run test:e2e:ci)test:e2e:watchnpm run test:e2e -- --watch --watch-extensions js,jsontest:e2e:wifinpm run test:e2e -- --grep @device,@wifitest:integrationmocha test/integrationtest:integration:cinpm run test:integration -- --forbid-onlytest:integration:inspectnpm test:integration -- --inspect-brktest:integration:silentPARTICLE_NOOP=$(npm run test:integration:ci)test:integration:watchnpm run test:integration -- --watch --watch-extensions js,json- …and 9 more.
Dependencies37
@particle/device-constants^4.1.0@particle/softap-setup^4.1.2archiver^7.0.1binary-version-reader^4.0.0chalk^2.4.2cli-progress^3.12.0cli-spinner^0.2.10cli-table^0.3.1core-js^3.4.7execa^5.1.1fs-extra^8.1.0glob^7.1.6gpt^3.0.0handlebars^4.1.2inquirer^6.5.2jose^4.13.1lodash^4.17.15moment^2.24.0node-fetch^2.7.0node-wifiscanner2^1.2.2particle-api-js^11.1.7particle-commands^1.0.6particle-library-manager^1.0.6particle-usb^4.1.0request^2.88.2safe-buffer^5.2.0semver^7.5.2serialport~10.4.0sha512crypt-node^1.0.2temp^0.9.4- …and 7 more.