registry  /  stacktora  /  0.6.0

stacktora@0.6.0

Keep your project's dev-environment files in sync with its stack recipe (stacktora.json).

Static Scan Results

scanned 11d ago · by rust-scanner

Static analysis completed at 65.0% confidence. No malicious behavior was detected; 7 low-signal pattern(s) were surfaced and cleared.

Static reason
No blocking static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 321 KB of source, external domains: 0.0.0.0, 192.168.1.20, api.github.com, asdf-vm.com, containers.dev, direnv.net, docs.docker.com, editorconfig.org, github.com, gitpod.io, maven.apache.org, pre-commit.com, reactnative.dev, taskfile.dev, www.npmjs.com

Source & flagged code

1 flagged · loading source
bin/stacktora.jsView file
3'use strict'; L4: const fs = require('fs'), path = require('path'); L5:
Medium
Dynamic Require

Package source references dynamic require/import behavior.

bin/stacktora.jsView on unpkg · L3

Findings

3 Medium4 Low
MediumDynamic Requirebin/stacktora.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings