ccxt
0
Versions
—
License
Yes
Install Scripts
Verified
Provenance
Supply chain provenance
Status for the latest visible version.
SLSA provenance attestation
npm registry signatures
gitHead linked
Maintainers
x84randomguy007
Keywords
algorithmicalgotradingaltcoinaltcoinsapiarbitragereal-timerealtimebacktestbacktestingbitcoinbotbtccnycoincoinscryptocryptocurrencycrypto currencycrypto marketcurrencycurrenciesdarkcoindashdigital currencydogedogecoine-commerceetcethetherethereumexchangeexchangeseurframeworkinvestinvestinginvestorlibrarylightlitecoinltcmarketmarket datamarketsmerchandisemerchantminimalohlcvorderorderbookorder bookpriceprice datapricefeedprivatepublicripplestrategytickertickerstoolkittradetradertradingusdvolumewebsocketwebsocketsweb socketweb socketswsxbtxrpzeczerocoin
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| typosquat | typosquat.levenshtein:next | AI (typosquat): ccxt is a well-known crypto library, not a typosquat of next; Levenshtein match is coincidental. | ai | |
| typosquat | typosquat.levenshtein:nuxt | AI (typosquat): ccxt is a well-known crypto library, not a typosquat of nuxt; Levenshtein match is coincidental. | ai | |
| semgrep | semgrep:shady-links-tlds | AI (semgrep): bitbank.cc is a legitimate Japanese crypto exchange; .cc TLD is expected in ccxt exchange integrations. | ai | |
| semgrep | semgrep:api-obfuscation-reflect | AI (semgrep): Reflect.get() in bundled ethers.js static dependency is standard ethers library code, not malicious. | ai | |
| semgrep | semgrep:base64-decode | AI (semgrep): Base64 decode in bundled ethers.js utils is standard cryptographic utility, not payload hiding. | ai | |
| semgrep | semgrep:new-function-constructor | AI (semgrep): new Function() in zklink WASM glue code is standard WebAssembly JS binding pattern. | ai |
Versions (showing 0 of 0)
| Version | Deps | Published |
|---|