Trust signals
Why this verdict
PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.
- Versions published
- 376Mature · −50% score
- First published
- Aug 2014
- Publisher
- swagger-api
Effective trust discount applied: −50% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.
Recommended action
Looks clean — keep monitoringNo high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.
Block this release in CIcurl · GitHub Actions
Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer $PKGRADAR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"specs":["[email protected]"],"fail_on":"review"}'GitHub Actions step:
- name: PkgRadar gate
run: |
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
-H "Content-Type: application/json" \
-d '{"specs":["[email protected]"],"fail_on":"review"}'Why flagged
What the scanner saw
Large Javascript Payload: 6036673 bytes
Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.
Availability ledger
available
Status history (1 event)
- new → available · risk low · score 0 · status changed
Evidence
Static findings
3 static · 0 from release diff · showing high-signal first.
No high-signal findings — see all findings below.
Show all 3 findings (low-signal and informational)
| Severity | Kind | Path | Detail | Points |
|---|---|---|---|---|
| low | Large Javascript Payload | package/dist/esm/apidom.worker.js | 6036673 bytes | 0 |
| low | Large Javascript Payload | package/dist/umd/apidom.worker.js | 5229928 bytes | 0 |
| low | Large Javascript Payload | package/dist/umd/swagger-editor.js | 15968530 bytes | 0 |
Manifest
Package metadata
Scripts23
buildnpm run build:app && npm run build:bundle:esm && npm run build:bundle:umd && npm run build:definitionsbuild:appcross-env NODE_OPTIONS=--max_old_space_size=8192 vite build --config vite.config.app.jsbuild:app:servevite preview --outDir build --port 3050build:bundle:esmrimraf ./dist/esm && cross-env NODE_OPTIONS=--max_old_space_size=4096 node vite/scripts/build-bundle-esm.js && rimraf ./dist/esm/swagger-editor.css*build:bundle:umdrimraf ./dist/umd ./dist/swagger-editor.css && cross-env NODE_OPTIONS=--max_old_space_size=4096 node vite/scripts/build-bundle-umd.js && copyfiles -u 2 ./dist/umd/swagger-editor.css ./dist && rimraf ./dist/umd/swagger-editor.cssbuild:definitionstsc -p tsconfig.jsoncleanrimraf ./build ./distlink:apidomnpm link @swagger-api/apidom-ast @swagger-api/apidom-core @swagger-api/apidom-error @swagger-api/apidom-json-path @swagger-api/apidom-json-pointer @swagger-api/apidom-ls @swagger-api/apidom-ns-api-design-systems @swagger-api/apidom-ns-asyncapi-2 @swagger-api/apidom-ns-json-schema-draft-4 @swagger-api/apidom-ns-json-schema-draft-6 @swagger-api/apidom-ns-json-schema-draft-7 @swagger-api/apidom-ns-openapi-2 @swagger-api/apidom-ns-openapi-3-0 @swagger-api/apidom-ns-openapi-3-1 @swagger-api/apidom-ns-openapi-3-2 @swagger-api/apidom-ns-openapi-3-2 @swagger-api/apidom-parser-adapter-api-design-systems-json @swagger-api/apidom-parser-adapter-api-design-systems-yaml @swagger-api/apidom-parser-adapter-asyncapi-json-2 @swagger-api/apidom-parser-adapter-asyncapi-yaml-2 @swagger-api/apidom-parser-adapter-json @swagger-api/apidom-parser-adapter-openapi-json-2 @swagger-api/apidom-parser-adapter-openapi-json-3-0 @swagger-api/apidom-parser-adapter-openapi-json-3-1 @swagger-api/apidom-parser-adapter-openapi-json-3-2 @swagger-api/apidom-parser-adapter-openapi-yaml-2 @swagger-api/apidom-parser-adapter-openapi-yaml-3-0 @swagger-api/apidom-parser-adapter-openapi-yaml-3-1 @swagger-api/apidom-parser-adapter-openapi-yaml-3-2 @swagger-api/apidom-parser-adapter-yaml-1-2 @swagger-api/apidom-parser @swagger-api/apidom-referencelink:apidom-lsnpm link @swagger-api/apidom-lslinteslint . --ext .jsx,.js,.tsx,.tslint:fixeslint . --ext .jsx,.js,.tsx,.ts --fixpw:ciplaywright testpw:dev:servercross-env ENABLE_PROGRESS_PLUGIN=false vite --port 3000pw:installplaywright install --with-deps chromiumpw:reportplaywright show-report test/playwright/reportpw:testplaywright testpw:test:debugplaywright test --debugpw:test:headedplaywright test --headedpw:test:uiplaywright test --uistartcross-env DISABLE_ESLINT_PLUGIN=false ENABLE_PROGRESS_PLUGIN=true vitetestvitesttest:coveragevitest run --coveragetest:runvitest run
Dependencies61
@asyncapi/avro-schema-parser3.0.24@asyncapi/openapi-schema-parser3.0.24@asyncapi/parser3.6.0@asyncapi/protobuf-schema-parser3.6.0@asyncapi/react-component3.1.1@codingame/monaco-vscode-api=31.0.1@emotion/react^11.14.0@emotion/styled^11.14.0@mui/material^5.16.9@primer/octicons-react^19.15.2@swagger-api/apidom-core1.11.1@swagger-api/apidom-json-pointer1.11.1@swagger-api/apidom-ls1.11.1@swagger-api/apidom-ns-api-design-systems1.11.1@swagger-api/apidom-ns-openapi-21.11.1@swagger-api/apidom-ns-openapi-3-01.11.1@swagger-api/apidom-ns-openapi-3-11.11.1@swagger-api/apidom-ns-openapi-3-21.11.1@swagger-api/apidom-parser-adapter-api-design-systems-json1.11.1@swagger-api/apidom-parser-adapter-api-design-systems-yaml1.11.1@swagger-api/apidom-parser-adapter-asyncapi-json-21.11.1@swagger-api/apidom-parser-adapter-asyncapi-yaml-21.11.1@swagger-api/apidom-parser-adapter-json1.11.1@swagger-api/apidom-parser-adapter-openapi-json-21.11.1@swagger-api/apidom-parser-adapter-openapi-json-3-01.11.1@swagger-api/apidom-parser-adapter-openapi-json-3-11.11.1@swagger-api/apidom-parser-adapter-openapi-json-3-21.11.1@swagger-api/apidom-parser-adapter-openapi-yaml-21.11.1@swagger-api/apidom-parser-adapter-openapi-yaml-3-01.11.1@swagger-api/apidom-parser-adapter-openapi-yaml-3-11.11.1- …and 31 more.