registry  /  @dev-dga/react  /  0.12.0

@dev-dga/react@0.12.0

⚠ Under review

React 19 components for the DGA (Digital Government Authority) design system , accessible, RTL-native, dark-mode ready.

Static Scan Results

scanned 4h ago · by rust-scanner

Static analysis flagged 6 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
EnvironmentVars
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 582 file(s), 1.04 MB of source, external domains: www.w3.org

Source & flagged code

1 flagged · loading source
dist/chunk-VYP5GX57.cjs#virtual:normalized:round1View file
96contains invisible/control Unicode U+200E (left-to-right mark) var BIDI_MARKS = new RegExp(`[${"<U+200E><U+200F>؜"}]`, "g");
Critical
Trojan Source Unicode

Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

dist/chunk-VYP5GX57.cjs#virtual:normalized:round1View on unpkg · L96

Findings

1 Critical2 Medium3 Low
CriticalTrojan Source Unicodedist/chunk-VYP5GX57.cjs#virtual:normalized:round1
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings