Exciting news!Announcing our $4.6M Series Seed. Learn more
Socket
LoveBlogFAQ
Install
Log in

Filesystem access

Severity

Low

Description

Accesses the file system, and could potentially read sensitive data.

Suggestion

If a package must read the file system, clarify what it will read and ensure it reads only what it claims to. If appropriate, packages can leave file system access to consumers and operate on data passed to it instead.

Packages with this issue

debug

small debugging utility

tootallnate
 published 2.6.9 •

source-map

Generates and consumes source maps

loganfsmyth
 published 0.8.0-beta.0 •

strip-ansi

Strip ANSI escape codes

sindresorhus
 published 2.0.1 •

commander

the complete solution for node.js command-line programs

abetomo
 published 9.2.0 •

locate-path

Get the first path that exists on disk of multiple paths

sindresorhus
 published 7.1.0 •

schema-utils

webpack Validation Utils

michael-ciniawsky
 published 1.0.0 •

yargs-parser

the mighty option parser used by yargs

oss-bot
 published 21.0.1 •

yargs

yargs the modern, pirate-themed, successor to optimist.

oss-bot
 published 17.5.1 •

rimraf

A deep deletion module for node (like `rm -rf`)

isaacs
 published 3.0.2 •

postcss

Tool for transforming styles with JS plugins

ai
 published 8.4.14 •
Socket

Product

NPM Packages

About

Subscribe to our newsletter

Get open source security insights delivered straight into your inbox. Be the first to learn about new features and product updates.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc