Severity
Medium
Description
Contains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.
Suggestion
Ensure that native code bindings are expected. Consumers may consider pure JS and functionally similar alternatives to avoid the challenges and risks associated with native code bindings.
Packages with this alert
An example Node.js native module
Dectecting key events with Node.js
(request|cancel)AnimationFrame analog for the desktop
GOTHIC Pocket installer!
Appium WebdriverIO Starter Boilerplate for NodeJS with Mocha. Test your mobile apps with ease!
Native APM agent for the Application Insights Node.js SDK