# Install anti-trojan-source with npm

Detect trojan source attacks that employ unicode bidi attacks to inject malicious code. Version 1.11.4 via npm; verified 2026-06-14.

## Install

```sh
sudo av install npm:anti-trojan-source
```

Additional install commands:

### Portable and language managers

- npm (100%):

```sh
npm install -g anti-trojan-source
```

  Evidence: local npm package metadata

## Package facts

- **Package key:** npm:anti-trojan-source
- **Package manager:** npm
- **Package manager page:** <https://www.npmjs.com/package/anti-trojan-source>
- **Version:** 1.11.4
- **Source summary:** Detect trojan source attacks that employ unicode bidi attacks to inject malicious code
- **Homepage:** <https://github.com/lirantal/anti-trojan-source>
- **Repository:** <https://github.com/lirantal/anti-trojan-source>
- **Upstream docs:** <https://github.com/lirantal/anti-trojan-source>
- **License:** Apache-2.0
- **Source archive:** <https://registry.npmjs.org/anti-trojan-source/-/anti-trojan-source-1.11.4.tgz>
- **Issue tracker:** <https://github.com/lirantal/anti-trojan-source/issues>
- **Published:** 2026-06-14T19:26:05.785Z
- **Last updated:** 2026-06-14T19:26:05.785Z
- **Generated:** 2026-07-08T18:08:21+00:00

## Executables

- anti-trojan-source (cli)
- anti-trojan-source (alias)

## Dependencies

- globby
- meow

## Build dependencies

- @babel/core
- @babel/eslint-parser
- @babel/plugin-syntax-top-level-await
- @commitlint/cli
- @commitlint/config-conventional
- @semantic-release/changelog
- @semantic-release/commit-analyzer
- @semantic-release/git
- @semantic-release/github
- @semantic-release/npm
- @semantic-release/release-notes-generator
- eslint
- eslint-plugin-jest
- eslint-plugin-node
- eslint-plugin-security
- eslint-plugin-standard
- husky
- jest
- lint-staged
- lockfile-lint
- open-cli
- prettier
- rollup
- semantic-release

## Install behavior

- Post-install hook: not defined
- Bottle: not available

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 1.11.4
- Package-manager updated: 2026-06-14
- Local data: ok
- Upstream repository: https://github.com/lirantal/anti-trojan-source
- info: No cached GitHub release or tag data was available.

## Security Notes

No matching local secret-handling manifest was found for anti-trojan-source. Nucleus package metadata is still published here so future coverage has a stable package URL.


## Source Database Details

- **Source Database:** npm registry
- **Dist Tags:** Latest: 1.11.4
- **Version Count:** 28
- **Maintainers:** lirantal, lirantal_bot
- **Author:** Liran Tal
- **Publisher:** GitHub Actions
- **Engines:** Node: >=24.0.0, npm: >=11.10.0
- **Integrity:** sha512-cyt49G22WWo3zGAwikkMKubiDvDza6IRlMu3jf6HBz33Vo7lCsJi1XUxMvFaPtxpadBp1HAvZPqRPsiHKAfp9w==
- **Shasum:** 85fb602abc2f364879b0395c2db7232e7e235102
- **Unpacked Size:** 94,842
- **File Count:** 0
- **Created At:** 2021-11-05T14:38:37.755Z
- **Latest Published At:** 2026-06-14T19:26:05.785Z
- **Modified At:** 2026-06-14T19:26:06.078Z


## Related links

- [Security and crypto packages](https://www.automicvault.com/pkg/security-crypto-tools/) - Matched curated package taxonomy and local package facts.
- [auditjs](https://www.automicvault.com/pkg/npm/auditjs/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, http, npm, scanning, security.
- [better-npm-audit](https://www.automicvault.com/pkg/npm/better-npm-audit/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, http, npm, scanning, security.
- [audit-ci](https://www.automicvault.com/pkg/npm/audit-ci/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, http, npm, scanning, security.

## Sources

- Nucleus package database
- package-page enrichment
- package version freshness
- av.db category and tag curation
- package relationship graph
- cross-ecosystem install command graph
