@depup/nestjs__common@11.1.18
A trojanized fork of the official @nestjs/common package published under the @depup scope. Identical to the real package except for an injected phantom dependency 'file-type' not present in the original NestJS package. This phantom dependency can contain arbitrary code that executes when the package is installed. Developers who install @depup/nestjs__common thinking it's a legitimate NestJS variant get the trojanized version with the hidden payload.
@depup/nestjs__common@11.1.18-depup.0 is a fork of the legitimate @nestjs/common package that injects a phantom dependency file-type@^22.0.0 which never existed in the original. The file-type dep pulls in suspicious sub-dependencies (@tokenizer/inflate, token-types). The package impersonates the official NestJS repository, using the real github.com/nestjs/nest.git as its repo URL. Same attacker pattern as the @depup/miniflare Cloudflare impersonation campaign.
| Field | Value |
|---|---|
| Name | @depup/nestjs__common |
| Version | 11.1.18-depup.0 |
| Claimed Author | Kamil Mysliwiec (the real NestJS creator) |
| Actual Maintainer | chiefmikey (wolfemikl@gmail.com) |
| Repository | github.com/nestjs/nest.git (impersonation of real repo) |
| Original Package | @nestjs/common@11.1.18 |
| License | MIT |
| Published | 2026-04-03 |
| Risk Score | 135 (filter: 45, scanner: 90) |
The @depup namespace presents itself as a dependency update service that forks popular packages and "updates their dependencies." In reality, it injects dependencies that never existed in the original package, creating a supply chain injection vector disguised as a helpful upgrade.
The original @nestjs/common@11.1.18 does not depend on file-type. This fork adds it:

```json
"dependencies": {
  "file-type": "^22.0.0", // INJECTED — not in original
  "iterare": "1.2.1",     // original
  "load-esm": "1.0.3",    // original
  "tslib": "2.8.1",       // original
  "uid": "2.0.2"          // original
}
```
The file-type package is never imported in any source file in the extracted package. It exists solely to be pulled into node_modules on install.
The phantom file-type dep depends on @tokenizer/inflate and token-types, which are flagged as suspicious packages. These transitive dependencies execute on install and can contain arbitrary code.
The package.json claims the official NestJS repository:

```json
"repository": {
  "type": "git",
  "url": "https://github.com/nestjs/nest.git",
  "directory": "packages/common"
}
```
This is the real NestJS repo URL, making it appear legitimate. The package.json also credits "Kamil Mysliwiec" (the actual NestJS author) as the author.
Scanner detected pkg_repo_mismatch: package name @depup/nestjs__common does not match the claimed repository name nest. This is a strong indicator of impersonation.
The package includes a depup metadata field designed to look like an automated upgrade:

```json
"depup": {
  "changes": { "file-type": { "from": "21.3.4", "to": "^22.0.0" } },
  "originalPackage": "@nestjs/common",
  "originalVersion": "11.1.18",
  "smokeTest": "passed"
}
```

This is entirely fabricated. The original @nestjs/common never had file-type at any version. The "from" version 21.3.4 is a lie to make the "upgrade" look routine.
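The three findings above (a dependency the original never declared, a repository that does not match the package name, and an upgrade record whose "from" version never existed) can each be checked mechanically before a fork is installed. The following is an added example, not code from the advisory, from NestJS or from npm: it runs the checks over manifests constructed inline from the fields quoted on this page. The source stand-in in FORK_SOURCES is constructed for the example (only the line 9 statement is taken from the advisory), and the monorepo handling of the repository check (accept a match against the repository "directory" leaf, not just the repo name) is this example's own design, not the scanner's rule.

```javascript
// Added example: pre-install review of a forked package's package.json.
// Dependencies of the real @nestjs/common@11.1.18, as listed in the advisory.
const ORIGINAL_DEPS = { iterare: '1.2.1', 'load-esm': '1.0.3', tslib: '2.8.1', uid: '2.0.2' };

// The fork's manifest, reduced to the fields quoted in the advisory.
const FORK_MANIFEST = {
  name: '@depup/nestjs__common',
  repository: { type: 'git', url: 'https://github.com/nestjs/nest.git', directory: 'packages/common' },
  dependencies: { 'file-type': '^22.0.0', iterare: '1.2.1', 'load-esm': '1.0.3', tslib: '2.8.1', uid: '2.0.2' },
  depup: { changes: { 'file-type': { from: '21.3.4', to: '^22.0.0' } }, originalPackage: '@nestjs/common', originalVersion: '11.1.18' },
};

// Constructed stand-in for the fork's source files (the real tarball is not embedded here).
const FORK_SOURCES = {
  'utils/load-package.util.js': "const { loadEsm } = require('load-esm');\nreturn loaderFn ? loaderFn() : require(packageName);",
  'index.js': "const { iterate } = require('iterare');\nconst tslib = require('tslib');\nconst { uid } = require('uid');",
};

// 1. Phantom dependencies: names the fork declares that the original never did.
function phantomDependencies(originalDeps, forkDeps) {
  return Object.keys(forkDeps).filter((name) => !(name in originalDeps)).sort();
}

// 2. Declared but never statically imported. A dynamic require(packageName), as in
//    load-package.util.js, is invisible to this check, so treat "unused" as a signal, not proof.
function unusedDependencies(forkDeps, sources) {
  const allSource = Object.values(sources).join('\n');
  return Object.keys(forkDeps).filter((name) => {
    const escaped = name.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
    const pattern = new RegExp(`(require\\(|from\\s+)['"]${escaped}['"/]`);
    return !pattern.test(allSource);
  }).sort();
}

// 3. Repository mismatch (the scanner's pkg_repo_mismatch idea): the npm scope should
//    match the GitHub owner, and the unscoped name should match the repo name or, for a
//    monorepo, the leaf of repository.directory. Returns a list of human-readable reasons.
function repoMismatch(manifest) {
  const reasons = [];
  const repo = manifest.repository || {};
  const m = /github\.com[/:]([^/]+)\/([^/]+?)(?:\.git)?$/.exec(repo.url || '');
  if (!m) return reasons; // no GitHub URL to compare against
  const [, owner, repoName] = m;
  const [scope, unscoped] = manifest.name.startsWith('@') ? manifest.name.slice(1).split('/') : [null, manifest.name];
  const norm = (s) => s.toLowerCase().replace(/[^a-z0-9]/g, '');
  if (scope && norm(scope) !== norm(owner)) {
    reasons.push(`scope @${scope} does not match repository owner ${owner}`);
  }
  const leaf = repo.directory ? repo.directory.split('/').pop() : repoName;
  if (norm(leaf) !== norm(unscoped) && norm(repoName) !== norm(unscoped)) {
    reasons.push(`package name ${unscoped} matches neither repository ${repoName} nor directory ${leaf}`);
  }
  return reasons;
}

// 4. Fabricated upgrade claims: every "from" version in depup.changes must equal what
//    the original manifest actually declared for that dependency.
function fabricatedUpgradeClaims(manifest, originalDeps) {
  const changes = (manifest.depup && manifest.depup.changes) || {};
  return Object.entries(changes)
    .filter(([name, change]) => originalDeps[name] !== change.from)
    .map(([name, change]) => `${name}: claims upgrade from ${change.from}, original declares ${originalDeps[name] || 'nothing'}`);
}

// Run all four checks and return the findings as one object.
function reviewFork(originalDeps, manifest, sources) {
  return {
    phantom: phantomDependencies(originalDeps, manifest.dependencies),
    unused: unusedDependencies(manifest.dependencies, sources),
    repoMismatch: repoMismatch(manifest),
    fabricatedClaims: fabricatedUpgradeClaims(manifest, originalDeps),
  };
}

console.log(JSON.stringify(reviewFork(ORIGINAL_DEPS, FORK_MANIFEST, FORK_SOURCES), null, 2));
```

Run against these inputs, the review reports file-type as both phantom and unused, two repository reasons (scope depup versus owner nestjs, and a package name matching neither nest nor common), and one fabricated claim. The same repoMismatch check yields nothing for the real @nestjs/common, because its scope matches the owner and its directory leaf "common" matches the unscoped name; that is why the directory field is worth consulting before treating a monorepo package as an impersonation.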
```json
"keywords": ["@nestjs/common", "depup", "updated-dependencies", "security", "latest", "patched"]
```

Keywords like "security", "patched", and "latest" are designed to lure developers searching for secure versions of NestJS.
utils/load-package.util.js line 9 uses a dynamic require:

```javascript
return loaderFn ? loaderFn() : require(packageName);
```

While this exists in the original NestJS source, combined with the phantom dependency injection, it provides a mechanism for loading injected code at runtime.
This package is part of the broader @depup campaign by chiefmikey.

| Technique | ID | Evidence |
|---|---|---|
| Supply Chain Compromise: Compromise Software Dependencies | T1195.001 | Phantom file-type dependency injected into NestJS fork |
| Masquerading: Match Legitimate Name or Location | T1036.005 | Uses real NestJS repo URL and author name |
| Trusted Developer Utilities Proxy Execution | T1127 | Leverages npm dependency resolution to pull malicious deps |
| Supply Chain Compromise: Compromise Software Supply Chain | T1195.002 | Fork-and-inject attack on popular framework |
| Subvert Trust Controls | T1553 | Fabricated "depup" metadata to appear as automated security update |
Malicious — Dependency Injection via Fork Impersonation. The package masquerades as an updated version of @nestjs/common while injecting a phantom dependency with suspicious transitive dependencies. The use of the real NestJS repository URL and author name is deliberate impersonation. Part of a multi-package campaign targeting popular frameworks.
```shell
npm uninstall @depup/nestjs__common
# Install the real package instead:
npm install @nestjs/common
```
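Uninstalling is only half of the remediation; a project also needs to know whether anything under the @depup scope is still in its lockfile and what those packages dragged in. The following is an added example, not code from the advisory or from npm: it audits a package-lock.json in the lockfileVersion 2/3 layout (a "packages" map keyed by node_modules path) for @depup packages and lists their transitive dependencies. The lockfile is constructed inline from the dependency names on this page; the versions marked placeholder are invented for the example, and the lookup assumes a flat (hoisted) node_modules layout, so nested duplicates would need an extra path walk.

```javascript
// Added example: audit an installed project's lockfile for @depup packages.
// Constructed lockfile; versions ending in "-placeholder" are not real releases.
const SAMPLE_LOCK = {
  name: 'demo-app',
  lockfileVersion: 3,
  packages: {
    '': { dependencies: { '@depup/nestjs__common': '11.1.18-depup.0' } },
    'node_modules/@depup/nestjs__common': {
      version: '11.1.18-depup.0',
      dependencies: { 'file-type': '^22.0.0', iterare: '1.2.1', 'load-esm': '1.0.3', tslib: '2.8.1', uid: '2.0.2' },
    },
    'node_modules/file-type': { version: '22.0.0', dependencies: { '@tokenizer/inflate': '*', 'token-types': '*' } },
    'node_modules/@tokenizer/inflate': { version: '0.0.0-placeholder' },
    'node_modules/token-types': { version: '0.0.0-placeholder' },
    'node_modules/iterare': { version: '1.2.1' },
    'node_modules/load-esm': { version: '1.0.3' },
    'node_modules/tslib': { version: '2.8.1' },
    'node_modules/uid': { version: '2.0.2' },
  },
};

// Package name from a lockfile path: everything after the last "node_modules/".
function nameFromPath(p) {
  const marker = 'node_modules/';
  return p.slice(p.lastIndexOf(marker) + marker.length);
}

// All installed packages under a given scope, e.g. "@depup".
function packagesInScope(lock, scope) {
  return Object.keys(lock.packages)
    .filter((p) => p !== '' && nameFromPath(p).startsWith(scope + '/'))
    .map(nameFromPath)
    .sort();
}

// Everything a package pulls in, following declared dependencies transitively.
function transitiveDeps(lock, name) {
  const seen = new Set();
  const stack = [name];
  while (stack.length) {
    const entry = lock.packages['node_modules/' + stack.pop()];
    if (!entry) continue; // not installed (or nested); nothing further to follow
    for (const dep of Object.keys(entry.dependencies || {})) {
      if (!seen.has(dep)) {
        seen.add(dep);
        stack.push(dep);
      }
    }
  }
  return [...seen].sort();
}

// Which installed packages declare a dependency on the given name, i.e. why it is present.
function dependentsOf(lock, name) {
  return Object.entries(lock.packages)
    .filter(([p, entry]) => p !== '' && (entry.dependencies || {})[name] !== undefined)
    .map(([p]) => nameFromPath(p))
    .sort();
}

// One report row per @depup package: what it is and what it brought along.
function auditLock(lock, scope = '@depup') {
  return packagesInScope(lock, scope).map((pkg) => ({ package: pkg, pullsIn: transitiveDeps(lock, pkg) }));
}

console.log(JSON.stringify(auditLock(SAMPLE_LOCK), null, 2));
console.log('file-type is present because of:', dependentsOf(SAMPLE_LOCK, 'file-type'));
```

For the constructed lockfile the audit names @depup/nestjs__common and shows that it pulls in file-type together with @tokenizer/inflate and token-types, and dependentsOf confirms that the fork is the only reason file-type is installed. After the npm uninstall above, rerunning the audit against the regenerated lockfile should return an empty list; if file-type still appears, dependentsOf points at whatever else is declaring it.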