Severity
High
Description
Contains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.
Suggestion
Publish the HTTP URL dependency to npm or a private package repository and consume it from there.
Packages with this alert
第三方上传SDK,支持aws、qiniu等
This is a parser for the NPX file format that µPad uses
app资源离线管理定制版,配合osm系统,进行版本更新
Expo starter template with TypeScript.
setup automated semver compliant package publishing
Provides methods to easily access the files in "video-testdata"
A react component to render network graphs using vis.js
An HTML 5 Player for Vistar Media assets.
This template should help get you started developing with Vue 3 and TypeScript in Vite. The template uses Vue 3 `<script setup>` SFCs, check out the [script setup docs](https://v3.vuejs.org/api/sfc-script-setup.html#sfc-script-setup) to learn more.