registry  /  @jxsuite/server  /  0.33.0

@jxsuite/server@0.33.0

Jx development server with live reload, server-side proxy, and studio integration

Static Scan Results

scanned 6d ago · by rust-scanner

Static analysis completed at 65.0% confidence. No malicious behavior was detected; 8 low-signal pattern(s) were surfaced and cleared.

Static reason
No blocking static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsEvalFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 15 file(s), 138 KB of source, external domains: api.openai.com, registry.npmjs.org

Source & flagged code

2 flagged · loading source
src/resolve.tsView file
279const bodyStr = Array.isArray(ctor.body) ? ctor.body.join("\n") : ctor.body; L280: new Function("config", bodyStr).call(this, config); L281: }
Low
Eval

Package source references a known benign dynamic code generation pattern.

src/resolve.tsView on unpkg · L279
src/studio-api.tsView file
434L435: const { generateProject } = await import("@jxsuite/create/generate"); L436: await generateProject(destPath, {
Medium
Dynamic Require

Package source references dynamic require/import behavior.

src/studio-api.tsView on unpkg · L434

Findings

3 Medium5 Low
MediumDynamic Requiresrc/studio-api.ts
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowEvalsrc/resolve.ts
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings