registry  /  @dofe/infra-common  /  0.1.89

@dofe/infra-common@0.1.89

Cross-project NestJS runtime — decorators, guards, interceptors, filters, pipes, middleware, config

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystem
Supply chain
HighEntropyStringsUrlStrings
Manifest
NoLicense
scanned 93 file(s), 430 KB of source, external domains: ipinfo.io

Source & flagged code

3 flagged · loading source
dist/config/validation/keys.validation.jsView file
37patternName = private_key_rsa severity = critical line = 37 matchedText = .refine(...), {
Critical
Critical Secret

Package contains a critical-looking secret pattern.

dist/config/validation/keys.validation.jsView on unpkg · L37
37patternName = private_key_rsa severity = critical line = 37 matchedText = .refine(...), {
Critical
Secret Pattern

RSA private key in dist/config/validation/keys.validation.js

dist/config/validation/keys.validation.jsView on unpkg · L37
dist/decorators/cache/cache.decorator.jsView file
32* }) L33: * async updateUser(userId: string, data: any) { ... } L34: * ```
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/decorators/cache/cache.decorator.jsView on unpkg · L32

Findings

2 Critical1 Medium6 Low
CriticalCritical Secretdist/config/validation/keys.validation.js
CriticalSecret Patterndist/config/validation/keys.validation.js
MediumEnvironment Vars
LowScripts Present
LowWeak Cryptodist/decorators/cache/cache.decorator.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License