@cyberhub/trust-faker 1.0.7 → 1.0.9
- package/README.md +2 -2
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -27,7 +27,7 @@ Community: █████████░░░░░░░░░░░
|
|
|
27
27
|
|
|
28
28
|
- Maintainer Trust is 38 because: single maintainer (bus factor risk), maintainer changes detected
|
|
29
29
|
- Supply Chain is 47 because: 1 known CVEs, in breach database
|
|
30
|
-
- Community is 43 because: no GitHub repo
|
|
30
|
+
- Community is 43 because: no public GitHub repo linked (may be private or on another platform)
|
|
31
31
|
|
|
32
32
|
## Vulnerabilities (1 vulnerability)
|
|
33
33
|
|
|
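Review bot: The reworded Community reason on new line 30 now concedes the repository "may be private or on another platform", yet the score beside it is still 43, so the report keeps penalizing a condition it says it cannot confirm. Either score "not linked" separately from "does not exist", or say in the text that an unlinked repository is scored as absent. The unchanged line 29 above it has the same kind of roughness ("1 known CVEs", "in breach database" with no database named) and could be tidied in the same pass.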
@@ -42,7 +42,7 @@ Community: █████████░░░░░░░░░░░
|
|
|
42
42
|
- 🔴 **CRITICAL**: HISTORICAL BREACH: Maintainer sabotaged — deleted all code (2022)
|
|
43
43
|
- 🔴 **CRITICAL**: Maintainer "marak" has history of package sabotage
|
|
44
44
|
- 🟠 **HIGH**: Maintainer(s) removed in v2.1.4: fotoverite
|
|
45
|
-
- 🟠 **HIGH**: 1 HIGH
|
|
45
|
+
- 🟠 **HIGH**: 1 HIGH vulnerability detected
|
|
46
46
|
|
|
47
47
|
## 🛠️ What Should You Do?
|
|
48
48
|
|
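Review bot: New line 45 reads "🟠 **HIGH**: 1 HIGH vulnerability detected", which repeats the severity twice and still does not say which vulnerability is meant. The neighbouring findings on lines 42 to 44 each name a concrete event or person; this one should name the advisory or at least point to the "## Vulnerabilities (1 vulnerability)" section, so a reader can act on it without searching the rest of the report.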
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@cyberhub/trust-faker",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.9",
|
|
4
4
|
"description": "Security Trust Report: faker@6.6.6 — 54/100 (C, standard). 1 vulnerability found. Maintainer risk, supply chain analysis from 8 security databases.",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"faker",
|
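Review bot: The version bump on line 3 ships without any changelog entry; the file list shows only README.md (+2 -2) and package.json (+1 -1), so nothing tells a consumer that this release is a wording-only change to the report text. Also, the "description" on line 4 hardcodes report results ("54/100 (C, standard). 1 vulnerability found.") that the README also carries, so the two can drift apart on a later edit; consider generating both from the same report data.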