Exciting news!Announcing our $4.6M Series Seed. Learn more
Socket
LoveBlogFAQ
Install
Log in

HTTP dependency

Severity

High

Description

Contains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.

Suggestion

Publish the HTTP URL dependency to npm or a private package repository and consume it from there.

Packages with this issue

socket.io-parser

socket.io protocol parser

rauchg
 published 2.2.0 •

engine.io-client

Client for the realtime Engine

rauchg
 published 1.4.3 •

has-cors

Detects support for Cross-Origin Resource Sharing

shtylman
 published 1.0.3 •

browserify

browser-side require() the node way

substack
 published 3.24.13 •

jshint

Static analysis tool for JavaScript

antonkovalyov
 published 1.1.0 •

ipfs-utils

Package to aggregate shared logic and dependencies for the IPFS ecosystem

achingbrain
 published 9.0.6 •

apn

An interface to the Apple Push Notification service for Node.js

florianreinhart
 published 2.2.0 •

appdynamics

Performance Profiler and Monitor

appdynamics
 published 22.5.0 •

distube

A Discord.js module to simplify your music commands and play songs with audio filters on Discord without any API key. Support YouTube, SoundCloud, Bandcamp, Facebook, and 700+ more sites

skick
 published 3.3.4 •

@yakj/y407

```typescript // 在vue中 this.$store.state.Auth.Rule // 在ts中 store.state.Auth.Rule ``` ### 判断权限 ```typescript // Rule.Cur标识当前企业 /** * 权限对象 */ export default class URule { /** * 用户UID */ UID: number = 0 /** * 企业编号 */ GID: number = 0

yanpengquan
 published 0.0.2 •
Socket

Product

NPM Packages

About

Subscribe to our newsletter

Get open source security insights delivered straight into your inbox. Be the first to learn about new features and product updates.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc