Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 3 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcess
Source & flagged code
1 flagged · loading sourcedist/connectionStateHandler.jsView file
7package = @fluidframework/container-loader; repositoryIdentity = fluidframework; dependency = @fluidframework/core-interfaces
L7: exports.ConnectionStateHandler = exports.ConnectionStateCatchup = exports.[redacted] = exports.createConnectionStateHandler = void 0;
L8: const core_interfaces_1 = require("@fluidframework/core-interfaces");
L9: const internal_1 = require("@fluidframework/core-utils/internal");
High
Copied Package Dependency Bridge
Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.
dist/connectionStateHandler.jsView on unpkg · L7Findings
1 High1 Medium1 Low
HighCopied Package Dependency Bridgedist/connectionStateHandler.js
MediumStructural Risk Force Deep Review
LowScripts Present