registry  /  @youtyan/code-viewer  /  0.6.6

@youtyan/code-viewer@0.6.6

Local browser-based code and git diff viewer

Static Scan Results

scanned 7d ago · by rust-scanner

Static analysis completed at 93.0% confidence. No malicious behavior was detected; 12 low-signal pattern(s) were surfaced and cleared.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsMinifiedTelemetryUrlStrings
ManifestNo manifest risk signals triggered.
scanned 4 file(s), 5.12 MB of source, external domains: 127.0.0.1, github.com, www.w3.org
Oversized source lightweight scan
web/mermaid.js5.75 MB file, sampled 256 KB
NetworkChildProcessHighEntropyStringsTelemetryUrlStringsgithub.comwww.w3.org
web/shiki.js9.27 MB file, sampled 256 KB
HighEntropyStrings

Source & flagged code

3 flagged · loading source
web/vendor/diff2html/diff2html-ui.min.jsView file
1!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var n=t();for(var a in n)("ob...
Low
Eval

Package source references a known benign dynamic code generation pattern.

web/vendor/diff2html/diff2html-ui.min.jsView on unpkg · L1
web/mermaid.jsView file
path = web/mermaid.js kind = oversized_source_file sizeBytes = 6029629 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

web/mermaid.jsView on unpkg
web/vendor/highlight.js/highlight.min.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @youtyan/code-viewer@0.6.4 matchedIdentity = npm:QHlvdXR5YW4vY29kZS12aWV3ZXI:0.6.4 similarity = 0.750 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

web/vendor/highlight.js/highlight.min.jsView on unpkg

Findings

2 High3 Medium7 Low
HighOversized Source Fileweb/mermaid.js
HighPrevious Version Dangerous Deltaweb/vendor/highlight.js/highlight.min.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvalweb/vendor/diff2html/diff2html-ui.min.js
LowFilesystem
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings