registry  /  @targetprocess/logs-list  /  1.12.4

@targetprocess/logs-list@1.12.4

List component for displaying customer facing logs

Static Scan Results

scanned 3h ago · by rust-scanner

Static analysis flagged 15 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsMinifiedObfuscatedTelemetryUrlStrings
ManifestNo manifest risk signals triggered.
scanned 120 file(s), 6.33 MB of source, external domains: bugzilla.mozilla.org, cdn.jsdelivr.net, code.google.com, code.visualstudio.com, developer.mozilla.org, developers.google.com, drafts.csswg.org, en.wikipedia.org, fb.me, github.com, googlechrome.github.io, hacks.mozilla.org, help.yahoo.com, html.spec.whatwg.org, json-schema.org, r12a.github.io, sass-lang.com, schema.org, stackoverflow.com, support.google.com, tools.ietf.org, wiki.whatwg.org, www.apache.org, www.bing.com, www.dmoz.org, www.iana.org, www.ietf.org, www.w3.org, www.whatwg.org
Oversized source lightweight scan
dist/monaco-editor/vs/assets/ts.worker-CMbG-7ft.js6.69 MB file, sampled 256 KB
FilesystemNetworkChildProcessEnvironmentVarsShell
dist/monaco-editor/vs/editor.api-CalNCsUg.js3.50 MB file, sampled 256 KB
ChildProcessEnvironmentVarsShellObfuscatedHighEntropyStringsMinified

Source & flagged code

5 flagged · loading source
dist/index.es.jsView file
5701patternName = generic_password severity = medium line = 5701 matchedText = password...rd',
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/index.es.jsView on unpkg · L5701
dist/index.jsView file
2L3: var React = require('react'); L4: var ReactDOM = require('react-dom');
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/index.jsView on unpkg · L2
5721patternName = generic_password severity = medium line = 5721 matchedText = password...rd',
Medium
Secret Pattern

Hardcoded password in dist/index.js

dist/index.jsView on unpkg · L5721
6540try { L6541: render = new Function(argument, '_', source); L6542: } catch (e) {
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/index.jsView on unpkg · L6540
dist/monaco-editor/vs/assets/ts.worker-CMbG-7ft.jsView file
path = dist/monaco-editor/vs/assets/ts.worker-CMbG-7ft.js kind = oversized_source_file sizeBytes = 7011550 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

dist/monaco-editor/vs/assets/ts.worker-CMbG-7ft.jsView on unpkg

Findings

1 High6 Medium8 Low
HighOversized Source Filedist/monaco-editor/vs/assets/ts.worker-CMbG-7ft.js
MediumSecret Patterndist/index.es.js
MediumDynamic Requiredist/index.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
MediumSecret Patterndist/index.js
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvaldist/index.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings