react-json-tree @0.10.8
React JSON Viewer Component, Extracted from redux-devtools
Maintainers
Keywords
Dependencies (3)
| Package | Constraint | Registry Status |
|---|---|---|
| prop-types | ^15.5.8 | auto_approved |
| babel-runtime | ^6.6.1 | pending |
| react-base16-styling | ^0.5.1 | auto_approved |
Dev Dependencies (26)
| Package | Constraint | Registry Status |
|---|---|---|
| mocha | ^2.4.5 | auto_approved |
| react | ^15.4.2 | auto_approved |
| eslint | ^2.8 | auto_approved |
| expect | ^1.18.0 | auto_approved |
| rimraf | ^2.5.2 | auto_approved |
| isparta | ^4.0.0 | auto_approved |
| babel-cli | ^6.7.7 | auto_approved |
| react-dom | ^15.4.2 | auto_approved |
| babel-core | ^6.7.7 | auto_approved |
| pre-commit | ^1.1.3 | auto_approved |
| babel-eslint | ^6.0.3 | auto_approved |
| babel-loader | ^6.2.4 | pending |
| babel-preset-react | ^6.5.0 | auto_approved |
| babel-preset-es2015 | ^6.6.0 | auto_approved |
| eslint-plugin-babel | ^3.2.0 | auto_approved |
| eslint-plugin-react | ^5.0.1 | auto_approved |
| babel-preset-stage-0 | ^6.5.0 | auto_approved |
| eslint-config-airbnb | ^8.0.0 | auto_approved |
| eslint-plugin-import | ^1.5.0 | auto_approved |
| eslint-plugin-jsx-a11y | ^1.0.2 | auto_approved |
| react-addons-test-utils | ^15.0.0 | auto_approved |
| babel-preset-es2015-loose | ^7.0.0 | auto_approved |
| babel-plugin-transform-runtime | ^6.7.5 | auto_approved |
| babel-plugin-transform-decorators-legacy | ^1.3.4 | auto_approved |
| babel-plugin-transform-es3-property-literals | ^6.5.0 | auto_approved |
| babel-plugin-transform-es3-member-expression-literals | ^6.5.0 | auto_approved |
Transitive Dependency Tree
Changes from v0.10.7
Dependency Changes
| Change | Package | Version |
|---|---|---|
| added | prop-types | ^15.5.8 |
File Changes
SAST Findings (8)
Package contains compiled binaries that could be backdoors: • packages/react-json-tree-demo-app/node_modules/fsevents/lib/binding/Release/node-v11-darwin-x64/fse.node • packages/react-json-tree-demo-app/node_modules/fsevents/lib/binding/Release/node-v46-darwin-x64/fse.node • packages/react-json-tree-demo-app/node_modules/fsevents/lib/binding/Release/node-v47-darwin-x64/fse.node • packages/react-json-tree-demo-app/node_modules/fsevents/lib/binding/Release/node-v48-darwin-x64/fse.node • packages/react-json-tree-demo-app/node_modules/fsevents/lib/binding/Release/node-v51-darwin-x64/fse.node
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
Review Summary
Risk score: 100 (capped from 198). Findings: 7 high (+175), 2 medium (+20), 1 low (+3), 1 info (+0).
Commit: 75fbc111920f Browse source
Published to npm: