PkgRadar

Package evidence

[email protected]

Suspicious Publish Context: {"package_age_days":6,"publisher":"pietercolpaert","burst_same_day":2,"burst_week":3,"lure":null,"version_anomaly":false}

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads
1,086Niche · −30% score
Versions published
7
First published
Jun 2026
Publisher
pietercolpaert

Effective trust discount applied: 30% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.

Recommended action

Review before promoting

Mixed signals: the package has indicators worth reading before allowing the update in automated dependency flows.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["[email protected]"],"fail_on":"review"}'
Publisherpietercolpaert
Artifact bytes91,926
Previous version0.2.4
Published2026-06-12T10:11:40.195Z
SHA-2565e0a1ee359aa096d1a3c86d3d70a96de2bc80b94eb515001a576c407b3ed7e75

Why flagged

What the scanner saw

Suspicious Publish Context: {"package_age_days":6,"publisher":"pietercolpaert","burst_same_day":2,"burst_week":3,"lure":null,"version_anomaly":false}

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

review
Last checked
reviewRisk
10Score
0.2.5Version
Status history (1 event)
  1. newavailable · risk review · score 10 · status changed

Evidence

Static findings

1 static · 0 from release diff · showing high-signal first.

SeverityKindPathDetailPoints
mediumSuspicious Publish Contextmanifest{"package_age_days":6,"publisher":"pietercolpaert","burst_same_day":2,"burst_week":3,"lure":null,"version_anomaly":false}10

Manifest

Package metadata

Scripts37
  • buildnpm run build:node && npm run build:browser
  • build:browsernode scripts/build-browser.cjs
  • build:nodetsup src/index.ts src/bin/rdf-parser.ts --format cjs,esm --dts --target node24 --platform node --clean --splitting false --out-dir dist
  • checknpm run lint && npm run build && npm test
  • cinpm run check && npm run perf:regression
  • cleanrm -rf dist coverage .rdf-test-suite-cache
  • hooks:installnode scripts/install-hooks.cjs
  • linttsc --noEmit
  • perfnpm run build && node perf/bench.js
  • perf:graphynpm run build && node perf/bench.js --no-triple-terms
  • perf:quicknpm run build && node perf/bench.js --sizes 1000,10000
  • perf:regressionnpm run build && node --expose-gc perf/regression.js
  • preparenpm run build && npm run hooks:install
  • specnpm run build && npm run spec-clean && npm run spec-1-1 && npm run spec-1-2
  • spec-1-1npm run spec-1-1-turtle && npm run spec-1-1-ntriples && npm run spec-1-1-nquads && npm run spec-1-1-trig
  • spec-1-1-earlnpm run spec-1-1-earl-turtle && npm run spec-1-1-earl-ntriples && npm run spec-1-1-earl-nquads && npm run spec-1-1-earl-trig
  • spec-1-1-earl-nquadsrdf-test-suite spec/parser.cjs https://w3c.github.io/rdf-tests/rdf/rdf11/rdf-n-quads/manifest.ttl -i '{ "format": "n-quads" }' -c .rdf-test-suite-cache/ -o earl -p spec/earl-meta.json > spec/earl-nquads.ttl
  • spec-1-1-earl-ntriplesrdf-test-suite spec/parser.cjs https://w3c.github.io/rdf-tests/rdf/rdf11/rdf-n-triples/manifest.ttl -i '{ "format": "n-triples" }' -c .rdf-test-suite-cache/ -o earl -p spec/earl-meta.json > spec/earl-ntriples.ttl
  • spec-1-1-earl-trigrdf-test-suite spec/parser.cjs https://w3c.github.io/rdf-tests/rdf/rdf11/rdf-trig/manifest.ttl -i '{ "format": "trig" }' -c .rdf-test-suite-cache/ -o earl -p spec/earl-meta.json > spec/earl-trig.ttl
  • spec-1-1-earl-turtlerdf-test-suite spec/parser.cjs https://w3c.github.io/rdf-tests/rdf/rdf11/rdf-turtle/manifest.ttl -i '{ "format": "turtle" }' -c .rdf-test-suite-cache/ -o earl -p spec/earl-meta.json > spec/earl-turtle.ttl
  • spec-1-1-nquadsrdf-test-suite spec/parser.cjs https://w3c.github.io/rdf-tests/rdf/rdf11/rdf-n-quads/manifest.ttl -i '{ "format": "n-quads" }' -c .rdf-test-suite-cache/
  • spec-1-1-ntriplesrdf-test-suite spec/parser.cjs https://w3c.github.io/rdf-tests/rdf/rdf11/rdf-n-triples/manifest.ttl -i '{ "format": "n-triples" }' -c .rdf-test-suite-cache/
  • spec-1-1-trigrdf-test-suite spec/parser.cjs https://w3c.github.io/rdf-tests/rdf/rdf11/rdf-trig/manifest.ttl -i '{ "format": "trig" }' -c .rdf-test-suite-cache/ --skip "(prefix_with|reserved_escaped|localname|localName|labeled_blank_node|blankNodePropertyList|sole_blankNodePropertyList|nested_blankNodePropertyLists|repeated_semis|comment_following|number_sign_following|trig-syntax-bad-base-0[245]|trig-syntax-bad-prefix-0[67]|trig-syntax-struct-0[4567]|trig-syntax-minimal-whitespace-01|trig-syntax-prefix-06|trig-syntax-pname-esc|trig-syntax-bnode-0[89]|trig-syntax-bnode-10|trig-syntax-number-0[58]|trig-syntax-bad-uri-0[14]|trig-syntax-bad-struct-03|trig-syntax-bad-kw-01|trig-syntax-bad-n3-extras-06|trig-syntax-bad-numeric-escape|trig-syntax-bad-pname-0[12]|trig-eval-bad-0[1-4]|trig-syntax-bad-ln|trig-syntax-bad-number-dot-in-anon|trig-syntax-ln-colons|trig-syntax-ns-dots|trig-kw-graph-0[1456789]|trig-turtle-05|IRI-resolution-0[127]|bareword_decimal)"
  • spec-1-1-turtlerdf-test-suite spec/parser.cjs https://w3c.github.io/rdf-tests/rdf/rdf11/rdf-turtle/manifest.ttl -i '{ "format": "turtle" }' -c .rdf-test-suite-cache/ --skip "(prefix_with|reserved_escaped|localname|localName|labeled_blank_node|blankNodePropertyList|sole_blankNodePropertyList|nested_blankNodePropertyLists|predicateObjectList_with_blankNodePropertyList|repeated_semis|comment_following|number_sign_following|turtle-syntax-prefix-06|turtle-syntax-pname-esc|turtle-syntax-bnode-0[89]|turtle-syntax-bnode-10|turtle-syntax-number-0[58]|turtle-syntax-struct-0[45]|turtle-syntax-bad-uri-0[14]|turtle-syntax-bad-base-02|turtle-syntax-bad-struct-03|turtle-syntax-bad-kw-01|turtle-syntax-bad-n3-extras-06|turtle-syntax-bad-numeric-escape|turtle-syntax-bad-pname-0[12]|turtle-eval-bad-0[1-4]|turtle-syntax-bad-ln|turtle-syntax-bad-number-dot-in-anon|turtle-syntax-ln-colons|turtle-syntax-ns-dots|IRI-resolution-0[127])"
  • spec-1-2npm run spec-1-2-turtle && npm run spec-1-2-ntriples && npm run spec-1-2-nquads && npm run spec-1-2-trig
  • spec-1-2-earlnpm run spec-1-2-earl-turtle && npm run spec-1-2-earl-ntriples && npm run spec-1-2-earl-nquads && npm run spec-1-2-earl-trig
  • spec-1-2-earl-nquadsrdf-test-suite spec/parser.cjs https://w3c.github.io/rdf-tests/rdf/rdf12/rdf-n-quads/syntax/manifest.ttl -i '{ "format": "n-quads" }' -c .rdf-test-suite-cache/ -o earl -p spec/earl-meta.json > spec/earl-nquads.ttl
  • spec-1-2-earl-ntriplesrdf-test-suite spec/parser.cjs https://w3c.github.io/rdf-tests/rdf/rdf12/rdf-n-triples/syntax/manifest.ttl -i '{ "format": "n-triples" }' -c .rdf-test-suite-cache/ -o earl -p spec/earl-meta.json > spec/earl-ntriples.ttl
  • spec-1-2-earl-trigrdf-test-suite spec/parser.cjs https://w3c.github.io/rdf-tests/rdf/rdf12/rdf-trig/syntax/manifest.ttl -i '{ "format": "trig" }' -c .rdf-test-suite-cache/ -o earl -p spec/earl-meta.json > spec/earl-trig.ttl
  • spec-1-2-earl-turtlerdf-test-suite spec/parser.cjs https://w3c.github.io/rdf-tests/rdf/rdf12/rdf-turtle/syntax/manifest.ttl -i '{ "format": "turtle" }' -c .rdf-test-suite-cache/ -o earl -p spec/earl-meta.json > spec/earl-turtle.ttl
  • …and 7 more.
Dependencies1
  • @rdfjs/types^2.0.1