Severity
Medium
Description
Contains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.
Suggestion
Ensure that native code bindings are expected. Consumers may consider pure JS and functionally similar alternatives to avoid the challenges and risks associated with native code bindings.
Packages with this alert
GOTHIC Pocket installer!
Appium WebdriverIO Starter Boilerplate for NodeJS with Mocha. Test your mobile apps with ease!
Native APM agent for the Application Insights Node.js SDK
Node Application Metrics
Enable or disable app nap for your app, from Node
Bindings to liboboe for the AppOptics APM agent
Node.js bindings for argon2 password hashing and proof-of-work algorithm
Dilithium3 bindings for Arielcoin