[email protected] rejected Risk: 100 ISC 2014-09-12

fs @0.0.0

rejected

This version was rejected. It did not pass GreenFlagged's security review and is not served by the registry. The findings and risk dispositions below explain why.

npm Tarball

100

Risk Score

ISC

License

Install Scripts

Dependencies

Dev Dependencies

.2 KB

Package Size

2014-09-12

Published

This package name is not currently in use, but was formerly occupied by another package. To avoid malicious use, npm is hanging on to the package name, but loosely, and we'll probably give it to you if you want it.

Maintainers

npm

SAST Findings (3)

CRITICAL MAL-2025-21003: Malicious code in fs (npm) osv

The package fs was found to contain malicious code.

HIGH typosquat.levenshtein: Possible typosquat of 'qs' typosquat

Package name 'fs' is 1 edit(s) away from popular package 'qs'.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

Review Summary

Risk score: 100 (capped from 101). Findings: 1 critical (+40), 1 high (+25), 3 medium (+30), 2 low (+6).

Published to npm: 2014-09-12