registry  /  @lightdash/common  /  0.3290.0

@lightdash/common@0.3290.0

Static Scan Results

scanned 2d ago · by rust-scanner

Static analysis flagged 18 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsFilesystemShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 1,512 file(s), 10.5 MB of source, external domains: anything.bad-example.com, api.githubcopilot.com, app.example.com, app.lightdash.cloud, attacker.invalid, docs.lightdash.com, evil.example.com, example.com, github.com, google.com, json-schema.org, malicious.com, placehold.co, schemas.getdbt.com, schemas.lightdash.com, www.lightdash.com, www.w3.org

Source & flagged code

13 flagged · loading source
dist/types/index.jsView file
294patternName = generic_password severity = medium line = 294 matchedText = password...d!',
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/types/index.jsView on unpkg · L294
311patternName = generic_password severity = medium line = 311 matchedText = password...d!',
Medium
Secret Pattern

Hardcoded password in dist/types/index.js

dist/types/index.jsView on unpkg · L311
328patternName = generic_password severity = medium line = 328 matchedText = password...d!',
Medium
Secret Pattern

Hardcoded password in dist/types/index.js

dist/types/index.jsView on unpkg · L328
350patternName = generic_password severity = medium line = 350 matchedText = password...d!',
Medium
Secret Pattern

Hardcoded password in dist/types/index.js

dist/types/index.jsView on unpkg · L350
dist/types/dbt/validation.csp.test.jsView file
28vi.resetModules(); L29: await import('./validation'); L30: expect(constructed).toEqual([]);
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/types/dbt/validation.csp.test.jsView on unpkg · L28
dist/esm/index.jsView file
294patternName = generic_password severity = medium line = 294 matchedText = password...d!',
Medium
Secret Pattern

Hardcoded password in dist/esm/index.js

dist/esm/index.jsView on unpkg · L294
311patternName = generic_password severity = medium line = 311 matchedText = password...d!',
Medium
Secret Pattern

Hardcoded password in dist/esm/index.js

dist/esm/index.jsView on unpkg · L311
328patternName = generic_password severity = medium line = 328 matchedText = password...d!',
Medium
Secret Pattern

Hardcoded password in dist/esm/index.js

dist/esm/index.jsView on unpkg · L328
350patternName = generic_password severity = medium line = 350 matchedText = password...d!',
Medium
Secret Pattern

Hardcoded password in dist/esm/index.js

dist/esm/index.jsView on unpkg · L350
dist/cjs/index.jsView file
357patternName = generic_password severity = medium line = 357 matchedText = password...d!',
Medium
Secret Pattern

Hardcoded password in dist/cjs/index.js

dist/cjs/index.jsView on unpkg · L357
374patternName = generic_password severity = medium line = 374 matchedText = password...d!',
Medium
Secret Pattern

Hardcoded password in dist/cjs/index.js

dist/cjs/index.jsView on unpkg · L374
391patternName = generic_password severity = medium line = 391 matchedText = password...d!',
Medium
Secret Pattern

Hardcoded password in dist/cjs/index.js

dist/cjs/index.jsView on unpkg · L391
413patternName = generic_password severity = medium line = 413 matchedText = password...d!',
Medium
Secret Pattern

Hardcoded password in dist/cjs/index.js

dist/cjs/index.jsView on unpkg · L413

Findings

14 Medium4 Low
MediumSecret Patterndist/types/index.js
MediumDynamic Requiredist/types/dbt/validation.csp.test.js
MediumEnvironment Vars
MediumSecret Patterndist/types/index.js
MediumSecret Patterndist/types/index.js
MediumSecret Patterndist/types/index.js
MediumSecret Patterndist/esm/index.js
MediumSecret Patterndist/esm/index.js
MediumSecret Patterndist/esm/index.js
MediumSecret Patterndist/esm/index.js
MediumSecret Patterndist/cjs/index.js
MediumSecret Patterndist/cjs/index.js
MediumSecret Patterndist/cjs/index.js
MediumSecret Patterndist/cjs/index.js
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings