// npm 패키지
@antv/dumi-theme-antv
AntV website theme based on dumi2.
버전
139
메인테이너
52
라이선스
MIT
최초 publish
2022-04-08
publisher
GitHub Actions
tarball
2,518,012 B
AUTO-PUBLISHED·1개 버전 인덱싱됨·최근 publish: 2026-04-16
// publisher 캠페인by GitHub Actions
이 계정에서 catch된 패키지 5건고립된 catch가 아닙니다. 동일 publisher가 4개의 다른 패키지를 추가로 발행했고, 모두 파이프라인이 catch했습니다 — 일회성이 아닌 조직적 캠페인의 형태. 아래 링크는 각 형제 catch의 분석으로 이동합니다.
// offending code· @0.8.4· no static-pattern hits
llm: benign · 0.85→ 의심 전송지 없음, 원격 실행 형태 없음 — 3 known-vendor host(s), 2 other host(s).
- @0.8.4··AUTO-PUBLISHED·publisher: GitHub Actionsheuristic 75/100static flags 0llm benign (0.85) via ollamamature-packageosv-flagged:MAL-2026-3874
→ 의심 전송지 없음, 원격 실행 형태 없음 — 3 known-vendor host(s), 2 other host(s).
// offending code· no static-pattern hits
--- package.json (entry) --- { "name": "@antv/dumi-theme-antv", "version": "0.8.4", "description": "AntV website theme based on dumi2.", "keywords": [ "dumi", "dumi-theme", "dumi-theme-antv" ], "homepage": "https://github.com/antvis/dumi-theme-antv#readme", "bugs": { "url": "https://github.com/antvis/dumi-theme-antv/issues" }, "repository": { "type": "git", "url": "https://github.com/antvis/dumi-theme-antv" }, "license": "MIT", "types": "dist/types.d.ts", "files": [ "dist" ], "commitlint": { "extends": [ "@commitlint/config-conventional" ] }, "lint-staged": { "*.{md,json}": [ "prettier --write --no-error-on-unmatched-pattern" ], "*.{css,less}": [ "stylelint --fix", "prettier --write" ], "*.{js,jsx}": [ "eslint --fix", "prettier --write" ], "*.{ts,tsx}": [ "eslint --fix", "prettier --parser=typescript --write" ] }, "dependencies": { "@ai-sdk/openai": "^2.0.59", "@ai-sdk/react": "^2.0.86", "@ant-design/cssinjs": "^1.23.0", "@ant-design/icons": "^4.8.3", "@ant-design/pro-components": "^2.8.7", "@ant-design/x": "^1.6.1", "@babel/plugin --- index.js (entry) --- export function isUUID(str) { if (typeof str !== 'string') { return false; } var regex = /^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i; return regex.test(str); } --- bundled output (OSV-MAL flagged — LLM scope expansion) --- --- dist/context.js (bundled) --- import { createContext } from 'react'; export var ThemeAntVContext = /*#__PURE__*/createContext({}); --- dist/types.js (bundled) --- export {}; --- dist/typings.d.ts (bundled) --- declare module '*.jpg' { const content: string; export default content; } declare module '*.png' { const content: string; export default content; } declare module '*.json' { const content: string; export default content; } declare module '*.module.less' { const classes: any; export default classes; } declare module '*.less' { const content: any; export default content; } declare module '*.svg' { const content: any; export default content; } /** * 由构建工具注入的包版本号。 * @see fatherrc.ts */ declare const __PACKAGE_VERSION__: string; --- dist/utils/analytics.js (bundled) --- /** * 统一的事件跟踪函数 * @param {string} eventName - 事件名称,如 'button_click' * @param {object} params - 事件相关的参数 */ export var trackEvent = function trackEvent(eventName) { var params = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {}; if (typeof window === 'undefined') { return false; } if (window.gtag) { window.gtag('event', eventName, params); } else { console.warn('[Analytics] gtag is not available.'); } }; --- dist/utils/code.js (bundled) --- function _typeof(o) { "@babel/helpers - typeof"; return _typeof = "function" == typeof Symbol && "symbol" == typeof Symbol.iterator ? function (o) { return typeof o; } : function (o) { return o && "function" == typeof Symbol && o.constructor === Symbol && o !== Symbol.prototype ? "symbol" : typeof o; }, _typeof(o); } function _wrapRegExp() { _wrapRegExp = function _wrapRegExp(e, r) { return new BabelRegExp(e, void 0, r); }; var e = RegExp.prototype, r = new WeakMap(); function BabelRegExp(e, t, p) { var o = new RegExp(e, t); return r.set(o, p || r.get(e)), _setPrototypeOf(o, BabelRegExp.prototype); } function buildGroups(e, t) { var p = r.get(t); return Object.keys(p).reduce(function (r, t) { var o = p[t]; if ("number" == typeof o) r[t] = e[o];else { for (var i = 0; void 0 === e[o[i]] && i + 1 < o.length;) i++; r[t] = e[o[i]]; } return r; }, Object.create(null)); } return _inherits(BabelRegExp, RegExp), BabelRegExp.prototype.exec = function (r) { var t = e.exec.call(this, r); if (t) { t.groups = buildGroups(t, this); var p = t.indices; p && (p.groups = buildGroups(p, this)); } return t; }, BabelRegExp.prototype[Symbol.replace] = function (t, p) { if ("string" == typeof p) { var o = r.get(this); return e[Symbol.replace].call(this, t, p.replace(/\$<([^>]+)>/g, function (e, r) { var t = o[r]; return "$" + (Array.isArray(t) ? t.join("$") : t); })); } if ("function" == typeof p) { var i = this; return e[Symbol.replace].call(this, t, function () { var e = arguments; return "object" != _typeof(e[e.length - 1]) && (e = [].slice.call(e)).push(buildGroups(e, i)), p.apply(this, e); }); } return e[Symbol.replace].call(this, t, p); }, _wrapRegExp.apply(this, arguments); } function _inherits(subClass, superClass) { if (typeof superClass !== "function" && superClass !== null) { throw new TypeError("Super expression must either be null or a function"); } subClass.prototype = Object.create(superClass && superClass.prototype, { constructor: { value: subClass, writable: true, configur --- dist/utils/env.js (bundled) --- // 判断是否在浏览器环境 export var isBrowser = function isBrowser() { return typeof window !== 'undefined' && window; }; // 安全访问浏览器 API // eslint-disable-next-line no-unused-vars export var safeWindow = function safeWindow(fn) { if (isBrowser()) return fn(window); return undefined; }; /** * 环境类型枚举 */ /** * 获取当前环境类型 * @returns {EnvType} 当前环境类型 */ export var getEnv = function getEnv() { // 服务端环境默认返回生产环境 if (typeof window === 'undefined') { return 'prod'; } var hostname = window.location.hostname; // 生产环境 if (hostname.endsWith('antv.antgroup.com')) { return 'prod'; } // 预发环境 if (hostname.endsWith('-pre.alipay.com')) { return 'pre'; } // 本地环境 if (hostname.endsWith('.alipay.net')) { return 'dev'; } // 默认返回生产环境 return 'prod'; }; /** * 根据当前环境动态获取 API 的 baseURL。 * 在浏览器中,它会根据域名判断;在服务端,它会返回一个固定的生产环境地址。 * @returns {string} API 的 baseURL */ export var getBaseURL = function getBaseURL() { var env = getEnv(); switch (env) { case 'dev': return 'https://weavefox.alipay.net:8443'; case 'pre': return 'https://prepub.weavefox.cn'; case 'prod': default: return 'https://www.weavefox.cn'; } }; export var getBaseSiteDataUrl = function getBaseSiteDataUrl() { var env = getEnv(); switch (env) { case 'dev': case 'pre': return 'https://site-data-pre.alipay.com'; case 'prod': default: return 'https://assets.antv.antgroup.com'; } }; --- dist/utils/github.js (bundled) --- function _typeof(o) { "@babel/helpers - typeof"; return _typeof = "function" == typeof Symbol && "symbol" == typeof Symbol.iterator ? function (o) { return typeof o; } : function (o) { return o && "function" == typeof Symbol && o.constructor === Symbol && o !== Symbol.prototype ? "symbol" : typeof o; }, _typeof(o); } function _regeneratorRuntime() { "use strict"; /*! regenerator-runtime -- Copyright (c) 2014-present, Facebook, Inc. -- license (MIT): https://github.com/facebook/regenerator/blob/main/LICENSE */ _regeneratorRuntime = function _regeneratorRuntime() { return e; }; var t, e = {}, r = Object.prototype, n = r.hasOwnProperty, o = Object.defineProperty || function (t, e, r) { t[e] = r.value; }, i = "function" == typeof Symbol ? Symbol : {}, a = i.iterator || "@@iterator", c = i.asyncIterator || "@@asyncIterator", u = i.toStringTag || "@@toStringTag"; function define(t, e, r) { return Object.defineProperty(t, e, { value: r, enumerable: !0, configurable: !0, writable: !0 }), t[e]; } try { define({}, ""); } catch (t) { define = function define(t, e, r) { return t[e] = r; }; } function wrap(t, e, r, n) { var i = e && e.prototype instanceof Generator ? e : Generator, a = Object.create(i.prototype), c = new Context(n || []); return o(a, "_invoke", { value: makeInvokeMethod(t, r, c) }), a; } function tryCatch(t, e, r) { try { return { type: "normal", arg: t.call(e, r) }; } catch (t) { return { type: "throw", arg: t }; } } e.wrap = wrap; var h = "suspendedStart", l = "suspendedYield", f = "executing", s = "completed", y = {}; function Generator() {} function GeneratorFunction() {} function GeneratorFunctionPrototype() {} var p = {}; define(p, a, function () { return this; }); var d = Object.getPrototypeOf, v = d && d(d(values([]))); v && v !== r && n.call(v, a) && (p = v); var g = GeneratorFunctionPrototype.prototype = Generator.prototype = Object.create(p); function defineIteratorMethods(t) { ["next", "throw", "return"].forEach(function (e) { define(t, e, function ( --- dist/utils/index.js (bundled) --- export function isUUID(str) { if (typeof str !== 'string') { return false; } var regex = /^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i; return regex.test(str); } --- dist/utils/location.js (bundled) --- /** * 统一去掉中英文前缀 */ export function getPurePathname(pathname) { return pathname.replace('/zh', '').replace('/en', ''); } --- dist/utils/menu.js (bundled) --- function _toConsumableArray(arr) { return _arrayWithoutHoles(arr) || _iterableToArray(arr) || _unsupportedIterableToArray(arr) || _nonIterableSpread(); } function _nonIterableSpread() { throw new TypeError("Invalid attempt to spread non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } function _iterableToArray(iter) { if (typeof Symbol !== "undefined" && iter[Symbol.iterator] != null || iter["@@iterator"] != null) return Array.from(iter); } function _arrayWithoutHoles(arr) { if (Array.isArray(arr)) return _arrayLikeToArray(arr); } function _createForOfIteratorHelper(o, allowArrayLike) { var it = typeof Symbol !== "undefined" && o[Symbol.iterator] || o["@