registry  /  spark-ssr  /  0.1.0

spark-ssr@0.1.0

Zero-config SSR for spark-html on Bun. The HTML template infers everything: filesystem routing, <spark-ssr> declarative queries, auto CRUD APIs, sessions, uploads, middleware. No build step.

Static Scan Results

scanned 10d ago · by rust-scanner

Static analysis completed at 65.0% confidence. No malicious behavior was detected; 7 low-signal pattern(s) were surfaced and cleared.

Static reason
No blocking static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNetwork
Supply chain
HighEntropyStrings
ManifestNo manifest risk signals triggered.
scanned 8 file(s), 59.8 KB of source

Source & flagged code

2 flagged · loading source
src/render.jsView file
13if (!fn) { L14: try { fn = new Function('__scope__', 'with (__scope__) { return (' + expr + '); }'); } L15: catch { fn = () => undefined; }
Low
Eval

Package source references a known benign dynamic code generation pattern.

src/render.jsView on unpkg · L13
src/server.jsView file
306if (config.auth && config.auth.plugin) { L307: authPlugin = (await import(resolve(root, config.auth.plugin))).default; L308: on('POST', 'api/auth', async (req) => {
Medium
Dynamic Require

Package source references dynamic require/import behavior.

src/server.jsView on unpkg · L306

Findings

3 Medium4 Low
MediumDynamic Requiresrc/server.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowEvalsrc/render.js
LowFilesystem
LowHigh Entropy Strings