registry  /  cherry-markdown-next  /  0.1.2

cherry-markdown-next@0.1.2

Next-generation Markdown editor and renderer with GFM and Cherry extensions

Static Scan Results

scanned 7h ago · by rust-scanner

Static analysis completed at 93.0% confidence. No malicious behavior was detected; 8 low-signal pattern(s) were surfaced and cleared.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessEnvironmentVarsShell
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 9 file(s), 3.24 MB of source, external domains: ankio.net, echarts-api.vercel.app, echarts.apache.org, example.com, github.com, img.shields.io, math-api-delta.vercel.app, mermaid.ink, mermaid.live, www.w3.org

Source & flagged code

1 flagged · loading source
dist/cherry.min.cjsView file
matchType = previous_version_dangerous_delta matchedPackage = cherry-markdown-next@0.1.1 matchedIdentity = npm:Y2hlcnJ5LW1hcmtkb3duLW5leHQ:0.1.1 similarity = 0.889 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/cherry.min.cjsView on unpkg

Findings

1 High2 Medium5 Low
HighPrevious Version Dangerous Deltadist/cherry.min.cjs
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings