Plausible version number evasion

discovered 2026-06-01

Wave 3 packages use version numbers that resemble genuine mature-project releases (6.4.8, 6.4.9, 7.1.7) rather than the anomalous strings (99.99.99, 5.7.1) used in Waves 1 and 2. The packages jump directly to these versions with no prior release history, which remains a weak signal, but the version numbers themselves do not trigger the version-anomaly heuristics common in OSS security tooling.
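The sketch below is an added example, not part of the original entry and not any scanner's own code. It contrasts a naive version-anomaly rule with a first-publish history check over constructed release records; the thresholds, function names and sample packages are assumptions.

```python
from datetime import date

ANOMALY_COMPONENT = 90  # assumed cut-off for a naive "implausible version" rule
MAX_INITIAL_MAJOR = 1   # assumed: a genuinely new project starts at 0.x or 1.x

def parse(version):
    """Return (major, minor, patch); pre-release and build suffixes are dropped."""
    core = version.split("+", 1)[0].split("-", 1)[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a MAJOR.MINOR.PATCH version: {version!r}")
    return tuple(int(p) for p in parts)

def version_anomaly(version):
    """Naive rule: some component is implausibly large (99.99.99 style)."""
    return any(part >= ANOMALY_COMPONENT for part in parse(version))

def no_prior_history(releases):
    """Weak signal: the earliest publish is already a mature-looking major."""
    first_version, _ = min(releases, key=lambda r: r[1])
    return parse(first_version)[0] > MAX_INITIAL_MAJOR

def assess(releases):
    """releases: list of (version, publish_date). Returns the signals raised."""
    latest_version, _ = max(releases, key=lambda r: r[1])
    signals = []
    if version_anomaly(latest_version):
        signals.append("version-anomaly")
    if no_prior_history(releases):
        signals.append("no-prior-history")
    return signals

# Constructed publish histories; package names are placeholders.
SAMPLES = {
    "example-wave1-style": [("99.99.99", date(2026, 1, 5))],
    "example-wave3-style": [("6.4.8", date(2026, 5, 30)),
                            ("6.4.9", date(2026, 5, 31))],
    "example-organic": [("0.1.0", date(2021, 3, 1)),
                        ("1.0.0", date(2022, 6, 1)),
                        ("6.4.8", date(2026, 5, 1))],
}

if __name__ == "__main__":
    for name, releases in SAMPLES.items():
        print(f"{name}: {assess(releases) or ['none']}")
```

Legitimate packages are sometimes first published at a high version, for example after a rename or registry migration, so the history check is best used as one input to a score rather than a verdict.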

Seen in packages

Campaigns