registry  /  mezon-js  /  2.15.65

mezon-js@2.15.65

⚠ Under review

JavaScript client for Mezon server written in TypeScript.

Static Scan Results

scanned 4h ago · by rust-scanner

Static analysis flagged 8 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessEvalNetworkWebSocket
Supply chain
HighEntropyStringsMinifiedObfuscatedProtestwareTrivial
ManifestNo manifest risk signals triggered.
scanned 4 file(s), 1.66 MB of source

Source & flagged code

2 flagged · loading source
dist/mezon-js.umd.jsView file
1!function(e,n){"object"==typeof exports&&"undefined"!=typeof module?n(exports):"function"==typeof define&&define.amd?define(["exports"],n):n((e="undefined"!=typeof globalThis?globa... L2: //# sourceMappingURL=mezon-js.umd.js.map
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/mezon-js.umd.jsView on unpkg · L1
README.mdView file
51patternName = generic_password severity = medium line = 51 matchedText = var pass...al";
Medium
Secret Pattern

Hardcoded password in README.md

README.mdView on unpkg · L51

Findings

1 Critical1 High3 Medium3 Low
CriticalProtestware
HighObfuscated
MediumNetwork
MediumStructural Risk Force Deep Review
MediumSecret PatternREADME.md
LowScripts Present
LowEvaldist/mezon-js.umd.js
LowHigh Entropy Strings