		@@ -185,2 +185,17 @@ import fs from 'fs';
		});
		}).route('post', '/percy/log', async (req, res) => {
		const log = logger('sdk');
		if (!req.body) {
		log.error('No request body for /percy/log endpoint');
		return res.json(400, {
		error: 'No body passed'
		});
		}
		const level = req.body.level;
		const message = req.body.message;
		const meta = req.body.meta \|\| {};
		log[level](message, meta);
		res.json(200, {
		success: true
		});
		})
		@@ -187,0 +202,0 @@ // stops percy at the end of the current event loop

+2

-2

dist/percy.js

		@@ -435,3 +435,3 @@ import PercyClient from '@percy/client';
		const logsObject = {
		clilogs: logger.query(() => true)
		clilogs: logger.query(log => !['ci'].includes(log.debug))
		};
		@@ -441,3 +441,3 @@ // Only add CI logs if not disabled voluntarily.
		if (sendCILogs) {
		const redactedContent = redactSecrets(logger.query(() => true, true));
		const redactedContent = redactSecrets(logger.query(log => ['ci'].includes(log.debug)));
		logsObject.cilogs = redactedContent;
		@@ -444,0 +444,0 @@ }

+7

-7

package.json

		{
		"name": "@percy/core",
		"version": "1.28.8-beta.3",
		"version": "1.28.8-beta.4",
		"license": "MIT",
		@@ -46,7 +46,7 @@ "repository": {
		"dependencies": {
		"@percy/client": "1.28.8-beta.3",
		"@percy/config": "1.28.8-beta.3",
		"@percy/dom": "1.28.8-beta.3",
		"@percy/logger": "1.28.8-beta.3",
		"@percy/webdriver-utils": "1.28.8-beta.3",
		"@percy/client": "1.28.8-beta.4",
		"@percy/config": "1.28.8-beta.4",
		"@percy/dom": "1.28.8-beta.4",
		"@percy/logger": "1.28.8-beta.4",
		"@percy/webdriver-utils": "1.28.8-beta.4",
		"content-disposition": "^0.5.4",
		@@ -64,3 +64,3 @@ "cross-spawn": "^7.0.3",
		},
		"gitHead": "60fcc0cc0e65b1dd9f81286a3a3cd7383f1f6220"
		"gitHead": "0ea30a56b97b5a5dab6ddc1282f71f1ecf07df2d"
		}

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 3 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 2 instances in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 12 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 3 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Found 2 instances in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 12 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

@percy/core - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Dependency changes