Severity
Medium
Description
Contains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.
Suggestion
Ensure that native code bindings are expected. Consumers may consider pure JS and functionally similar alternatives to avoid the challenges and risks associated with native code bindings.
Packages with this alert
Synchronous exec with a cool twist. Zesty like lemon lime.
AminoGfx implementation for OpenGL 2 / OpenGL ES 2
Calculation library for the Department of Energy Advanced Manufacturing Office (DOE AMO) suite of tools
An example Node.js native module
A Node.js LevelDB binding, primary backend for LevelUP