registry  /  @open-xchange/appsuite-codeceptjs  /  0.14.2

@open-xchange/appsuite-codeceptjs@0.14.2

OX App Suite CodeceptJS Configuration and Helpers

Static Scan Results

scanned 2d ago · by rust-scanner

Static analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
Manifest
CopyleftLicense
scanned 25 file(s), 137 KB of source, external domains: hindsight.dev.oxui.de, kc.dev.oxui.de

Source & flagged code

2 flagged · loading source
src/users.jsView file
31L32: const { default: factory } = await import(moduleToLoad) L33: export default factory
Medium
Dynamic Require

Package source references dynamic require/import behavior.

src/users.jsView on unpkg · L31
index.jsView file
15* You should have received a copy of the GNU Affero General Public License L16: * along with OX App Suite. If not, see <https://www.gnu.org/licenses/agpl-3.0.txt>. L17: * ... L42: // wants the literal macOS Home/End behaviour). L43: if (process.platform === 'darwin' && !process.env.OX_SKIP_MACOS_KEYMAP) { L44: // codeceptjs's exports map appends `.js` to subpaths under ./lib/*, so import
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

index.jsView on unpkg · L15

Findings

1 High4 Medium5 Low
HighSandbox Evasion Gated Capabilityindex.js
MediumDynamic Requiresrc/users.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowCopyleft License