Big update!Introducing GitHub Bot Commands. Learn more
Socket
BlogLoveLog in
Book a demo

Filesystem access

Severity

Low

Description

Accesses the file system, and could potentially read sensitive data.

Suggestion

If a package must read the file system, clarify what it will read and ensure it reads only what it claims to. If appropriate, packages can leave file system access to consumers and operate on data passed to it instead.

Packages with this issue

wpm-webiste-performance-monitoring

Website Performance Monitoring (WPM) is a Puppeteer-based library developed in order to monitor the performance of a website using WebVitals scores (like Lighthouse).

duclearc
 published 1.0.1 •

debug

small debugging utility

tootallnate
 published 2.6.9 •

source-map

Generates and consumes source maps

loganfsmyth
 published 0.8.0-beta.0 •

strip-ansi

Strip ANSI escape codes

sindresorhus
 published 2.0.1 •

commander

the complete solution for node.js command-line programs

abetomo
 published 9.4.0 •

locate-path

Get the first path that exists on disk of multiple paths

sindresorhus
 published 7.1.1 •

glob

a little globber

isaacs
 published 8.0.3 •

schema-utils

webpack Validation Utils

michael-ciniawsky
 published 1.0.0 •

yargs-parser

the mighty option parser used by yargs

oss-bot
 published 21.1.1 •

yargs

yargs the modern, pirate-themed, successor to optimist.

oss-bot
 published 17.5.1 •
2345
1272Next
Socket

Product

About

NPM Packages

Subscribe to our newsletter

Get open source security insights delivered straight into your inbox. Be the first to learn about new features and product updates.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc