-= Per source details. Do not edit below this line.=-
The package capacitor-plugin-service-worker was found to contain malicious code.
The OpenSSF Package Analysis project identified 'capacitor-plugin-service-worker' @ 100.0.0 (npm) as malicious.
It is considered malicious because:
{
"malicious-packages-origins": [
{
"sha256": "3f28ba8fd7638915ed1060990ac5bbe779c131ee7453a155248a2f5d9d8c8e53",
"import_time": "2026-05-04T16:39:00.007598101Z",
"modified_time": "2026-05-04T16:15:46Z",
"source": "ossf-package-analysis",
"versions": [
"100.0.0"
]
},
{
"sha256": "aa55f7d30d38d7e0c527b9205044ad39277fc98c6d2ed056e55edbe539c2dcb3",
"import_time": "2026-05-04T16:39:00.178261635Z",
"modified_time": "2026-05-04T16:30:52Z",
"source": "ossf-package-analysis",
"versions": [
"100.2.0"
]
},
{
"sha256": "36f1958d8bc44724a00d45b291983ad836dc2f28370c27f83c76f7bf1780bd4b",
"import_time": "2026-05-12T07:28:49.610150366Z",
"modified_time": "2026-05-12T06:53:21Z",
"source": "amazon-inspector",
"versions": [
"100.0.0",
"100.2.0"
]
}
]
}