Having few published versions is not enough to classify the package as malware, especially given the reputable project behind it. No strong evidence.
No verification record available.
The provided evidence suggests the package has few published versions. While this could indicate a problem, it is not sufficient to classify the package as malware. Many legitimate packages have few versions, especially if they are relatively new or have a limited scope. The DefinitelyTyped project has a large number of stars and forks, increasing the likelihood that this package is legitimate. Without stronger evidence, it's not possible to conclude that this package is malicious.