Package evidence
[email protected]
Remote Dependency Spec: devDependencies.tree-sitter-ada="git+https://github.com/briot/tree-sitter-ada.git#6b58259a08b1a22ba0247a7ce30be384db618da6"
Trust signals
Why this verdict
PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.
- Weekly downloads
- 265
- Versions published
- 4
- First published
- May 2026
- Publisher
- crysthamus
Recommended action
Review before promotingMixed signals: the package has indicators worth reading before allowing the update in automated dependency flows.
Block this release in CIcurl · GitHub Actions
Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer $PKGRADAR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"specs":["[email protected]"],"fail_on":"review"}'GitHub Actions step:
- name: PkgRadar gate
run: |
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
-H "Content-Type: application/json" \
-d '{"specs":["[email protected]"],"fail_on":"review"}'Why flagged
What the scanner saw
Remote Dependency Spec: devDependencies.tree-sitter-ada="git+https://github.com/briot/tree-sitter-ada.git#6b58259a08b1a22ba0247a7ce30be384db618da6"
Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.
Availability ledger
available
Status history (1 event)
- new → available · risk review · score 100 · status changed
Evidence
Static findings
43 static · 0 from release diff · showing high-signal first.
Showing 30 of 43 findings.
| Severity | Kind | Path | Detail | Points |
|---|---|---|---|---|
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-ada="git+https://github.com/briot/tree-sitter-ada.git#6b58259a08b1a22ba0247a7ce30be384db618da6" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-asm="git+https://github.com/RubixDev/tree-sitter-asm.git#839741fef4dab5128952334624905c82b40c7133" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-astro="git+https://github.com/virchau13/tree-sitter-astro.git#213f6e6973d9b456c6e50e86f19f66877e7ef0ee" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-bibtex="git+https://github.com/latex-lsp/tree-sitter-bibtex.git#8d04ed27b3bc7929f14b7df9236797dab9f3fa66" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-cairo="git+https://github.com/starkware-libs/tree-sitter-cairo.git#8dcd77dbe7f68b2cc661031dff224dfc17bdbaf4" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-clojure="git+https://github.com/sogaiu/tree-sitter-clojure.git#e43eff80d17cf34852dcd92ca5e6986d23a7040f" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-cmake="git+https://github.com/uyha/tree-sitter-cmake.git#c7b2a71e7f8ecb167fad4c97227c838439280175" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-commonlisp="git+https://github.com/tree-sitter-grammars/tree-sitter-commonlisp.git#32323509b3d9fe96607d151c2da2c9009eb13a2f" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-csv="git+https://github.com/tree-sitter-grammars/tree-sitter-csv.git#f6bf6e35eb0b95fbadea4bb39cb9709507fcb181" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-d="git+https://github.com/gdamore/tree-sitter-d.git#8bcb13dbddf16ca44a42f8e98e8cf3d86b2b2e48" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-desktop="git+https://github.com/ValdezFOmar/tree-sitter-desktop.git#954da7259e0f6c3bb4f811fddce11eb5ac94d9f6" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-diff="git+https://github.com/tree-sitter-grammars/tree-sitter-diff.git#2520c3f934b3179bb540d23e0ef45f75304b5fed" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-dockerfile="git+https://github.com/camdencheek/tree-sitter-dockerfile.git#971acdd908568b4531b0ba28a445bf0bb720aba5" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-editorconfig="git+https://github.com/ValdezFOmar/tree-sitter-editorconfig.git#9d843ad4cf118e007792de26d7f173c670a4fbd6" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-erlang="git+https://github.com/WhatsApp/tree-sitter-erlang.git#e446ec60022a7cafe157805742b41c04b499cc5d" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-fish="git+https://github.com/ram02z/tree-sitter-fish.git#f435b0bd772578c70e5d158b85267bb886316f88" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-gdshader="git+https://github.com/airblast-dev/tree-sitter-gdshader.git#68268631c8b6dc093985f1246b099f81b30ea7d1" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-git-config="git+https://github.com/the-mikedavis/tree-sitter-git-config.git#0fbc9f99d5a28865f9de8427fb0672d66f9d83a5" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-git-rebase="git+https://github.com/the-mikedavis/tree-sitter-git-rebase.git#32686d6b72980b36f876ae2d07719c9c3ed154e2" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-gitignore="git+https://github.com/shunsambongi/tree-sitter-gitignore.git#f4685bf11ac466dd278449bcfe5fd014e94aa504" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-gleam="git+https://github.com/gleam-lang/tree-sitter-gleam.git#4e4643c2215c2b2343d9ec179c798818c132c9cc" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-graphql="git+https://github.com/joowani/tree-sitter-graphql.git#df5b88d1d24dcfc02e64919d2d20491359abe4c8" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-groovy="git+https://github.com/murtaza64/tree-sitter-groovy.git#deb0dcf8c4544f07564060f6e9b9f6e4b0bfc27d" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-ini="git+https://github.com/justinmk/tree-sitter-ini.git#e4018b5176132b4f3c5d6e61cea383f42288d0f5" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-jq="git+https://github.com/flurie/tree-sitter-jq.git#c204e36d2c3c6fce1f57950b12cabcc24e5cc4d9" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-julia="git+https://github.com/tree-sitter/tree-sitter-julia.git#e0f9dcd180fdcfcfa8d79a3531e11d99e79321d3" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-just="git+https://github.com/casey/tree-sitter-just.git#5685543a6e64f66335e25518c9ae8ffa1dae3d01" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-kdl="git+https://github.com/tree-sitter-grammars/tree-sitter-kdl.git#b37e3d58e5c5cf8d739b315d6114e02d42e66664" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-latex="git+https://github.com/latex-lsp/tree-sitter-latex.git#7e0ecdc02926c7b9b2e0c76003d4fe7b0944f957" | 8 |
| medium | Remote Dependency Spec | package.json | devDependencies.tree-sitter-liquid="git+https://github.com/hankthetank27/tree-sitter-liquid.git#e45dbac8c5fa95b1f0e00e7e0c04bc8855823391" | 8 |
Manifest
Package metadata
Scripts2
buildnode build.jstestecho "WASM binaries verified during build." && exit 0