registry  /  spark-ssr  /  0.3.2

spark-ssr@0.3.2

Zero-config SSR for spark-html on Bun. The HTML template infers everything: filesystem routing, layouts, <spark-ssr> declarative data (SQL, URLs, globs, modules), auto CRUD with validation, guards, no-JS forms, schema + seeds, live updates, SEO. No build

Static Scan Results

scanned 9d ago · by rust-scanner

Static analysis completed at 65.0% confidence. No malicious behavior was detected; 8 low-signal pattern(s) were surfaced and cleared.

Static reason
No blocking static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 10 file(s), 131 KB of source, external domains: www.sitemaps.org

Source & flagged code

2 flagged · loading source
src/render.jsView file
14if (!fn) { L15: try { fn = new Function('__scope__', 'with (__scope__) { return (' + expr + '); }'); } L16: catch { fn = () => undefined; }
Low
Eval

Package source references a known benign dynamic code generation pattern.

src/render.jsView on unpkg · L14
src/server.jsView file
356try { L357: const { themeInitScript } = await import('spark-html-theme/init'); L358: themeInit = `<script>${themeInitScript()}</script>`;
Medium
Dynamic Require

Package source references dynamic require/import behavior.

src/server.jsView on unpkg · L356

Findings

3 Medium5 Low
MediumDynamic Requiresrc/server.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowEvalsrc/render.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings