check-package-dependencies@11.4.0

Check package dependencies for duplicates, peer dependencies satisfaction and more early

Static Scan Results

scanned 1d ago · by rust-scanner

Static analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source: ChildProcess, EnvironmentVars, Filesystem, Shell
Supply chain: HighEntropyStrings
Manifest: No manifest risk signals triggered.
scanned 93 file(s), 451 KB of source

Source & flagged code

2 flagged
src/eslint/rules/satisfies-versions-between-dependencies.test.ts
L1: import { deepEqual } from "node:assert/strict";
L2: import { execSync } from "node:child_process";
L3: import path from "node:path";
High
Child Process

Package source references child process execution.

src/eslint/rules/satisfies-versions-between-dependencies.test.ts · L1
L1: import { deepEqual } from "node:assert/strict";
L2: import { execSync } from "node:child_process";
L3: import path from "node:path";
...
L8: execSync(
L9: "yarn install --frozen-lockfile --cache-folder /tmp/yarn-cache-between-deps",
L10: {
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

src/eslint/rules/satisfies-versions-between-dependencies.test.ts · L1

Findings

3 High · 2 Medium · 3 Low
High · Child Process · src/eslint/rules/satisfies-versions-between-dependencies.test.ts
High · Shell
High · Runtime Package Install · src/eslint/rules/satisfies-versions-between-dependencies.test.ts
Medium · Environment Vars
Medium · Structural Risk Force Deep Review
Low · Scripts Present
Low · Filesystem
Low · High Entropy Strings