registry  /  @cosmicdrift/kumiko-dev-server  /  0.119.0

@cosmicdrift/kumiko-dev-server@0.119.0

Development server bootstrap for Kumiko apps. Bundles the client, mints dev-JWTs, injects the resolved AppSchema, and seeds an admin. Not for production.

Static Scan Results

scanned 21h ago · by rust-scanner

Static analysis flagged 19 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 39 file(s), 347 KB of source, external domains: 0.0.0.0, biomejs.dev, docs.kumiko.rocks

Source & flagged code

14 flagged · loading source
src/scaffold-app.tsView file
472patternName = generic_password severity = medium line = 472 matchedText = writer.w...,`);
Medium
Secret Pattern

Package contains a possible secret pattern.

src/scaffold-app.tsView on unpkg · L472
551patternName = generic_password severity = medium line = 551 matchedText = writer.w...,`);
Medium
Secret Pattern

Hardcoded password in src/scaffold-app.ts

src/scaffold-app.tsView on unpkg · L551
bin/kumiko-schema-check.tsView file
67async function readMountedFeatures(runConfigPath: string): Promise<Set<string>> { L68: const mod = (await import(runConfigPath)) as { L69: APP_FEATURES?: ReadonlyArray<{ name: string }>;
Medium
Dynamic Require

Package source references dynamic require/import behavior.

bin/kumiko-schema-check.tsView on unpkg · L67
src/__tests__/resolve-auth-mail.test.tsView file
11patternName = generic_password severity = medium line = 11 matchedText = password...gh",
Medium
Secret Pattern

Hardcoded password in src/__tests__/resolve-auth-mail.test.ts

src/__tests__/resolve-auth-mail.test.tsView on unpkg · L11
src/__tests__/scaffold-app.test.tsView file
106patternName = generic_password severity = medium line = 106 matchedText = expect(d..."`);
Medium
Secret Pattern

Hardcoded password in src/__tests__/scaffold-app.test.ts

src/__tests__/scaffold-app.test.tsView on unpkg · L106
src/__tests__/run-prod-app.integration.test.tsView file
785patternName = generic_password severity = medium line = 785 matchedText = password...34",
Medium
Secret Pattern

Hardcoded password in src/__tests__/run-prod-app.integration.test.ts

src/__tests__/run-prod-app.integration.test.tsView on unpkg · L785
src/__tests__/run-dev-app.integration.test.tsView file
32patternName = generic_password severity = medium line = 32 matchedText = password...34",
Medium
Secret Pattern

Hardcoded password in src/__tests__/run-dev-app.integration.test.ts

src/__tests__/run-dev-app.integration.test.tsView on unpkg · L32
src/__tests__/welcome-banner.test.tsView file
8patternName = generic_password severity = medium line = 8 matchedText = admin: {..." },
Medium
Secret Pattern

Hardcoded password in src/__tests__/welcome-banner.test.ts

src/__tests__/welcome-banner.test.tsView on unpkg · L8
src/__tests__/compose-features-wiring.integration.test.tsView file
198patternName = generic_password severity = medium line = 198 matchedText = await se... });
Medium
Secret Pattern

Hardcoded password in src/__tests__/compose-features-wiring.integration.test.ts

src/__tests__/compose-features-wiring.integration.test.tsView on unpkg · L198
230patternName = generic_password severity = medium line = 230 matchedText = password...76",
Medium
Secret Pattern

Hardcoded password in src/__tests__/compose-features-wiring.integration.test.ts

src/__tests__/compose-features-wiring.integration.test.tsView on unpkg · L230
236patternName = generic_password severity = medium line = 236 matchedText = await se... });
Medium
Secret Pattern

Hardcoded password in src/__tests__/compose-features-wiring.integration.test.ts

src/__tests__/compose-features-wiring.integration.test.tsView on unpkg · L236
269patternName = generic_password severity = medium line = 269 matchedText = await se... });
Medium
Secret Pattern

Hardcoded password in src/__tests__/compose-features-wiring.integration.test.ts

src/__tests__/compose-features-wiring.integration.test.tsView on unpkg · L269
311patternName = generic_password severity = medium line = 311 matchedText = await se... });
Medium
Secret Pattern

Hardcoded password in src/__tests__/compose-features-wiring.integration.test.ts

src/__tests__/compose-features-wiring.integration.test.tsView on unpkg · L311
367patternName = generic_password severity = medium line = 367 matchedText = await se... });
Medium
Secret Pattern

Hardcoded password in src/__tests__/compose-features-wiring.integration.test.ts

src/__tests__/compose-features-wiring.integration.test.tsView on unpkg · L367

Findings

16 Medium3 Low
MediumSecret Patternsrc/scaffold-app.ts
MediumDynamic Requirebin/kumiko-schema-check.ts
MediumNetwork
MediumEnvironment Vars
MediumSecret Patternsrc/__tests__/resolve-auth-mail.test.ts
MediumSecret Patternsrc/__tests__/scaffold-app.test.ts
MediumSecret Patternsrc/__tests__/run-prod-app.integration.test.ts
MediumSecret Patternsrc/__tests__/run-dev-app.integration.test.ts
MediumSecret Patternsrc/__tests__/welcome-banner.test.ts
MediumSecret Patternsrc/__tests__/compose-features-wiring.integration.test.ts
MediumSecret Patternsrc/__tests__/compose-features-wiring.integration.test.ts
MediumSecret Patternsrc/__tests__/compose-features-wiring.integration.test.ts
MediumSecret Patternsrc/__tests__/compose-features-wiring.integration.test.ts
MediumSecret Patternsrc/__tests__/compose-features-wiring.integration.test.ts
MediumSecret Patternsrc/__tests__/compose-features-wiring.integration.test.ts
MediumSecret Patternsrc/scaffold-app.ts
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings