@cyberhub/trust-flatmap-stream 1.0.59 → 1.0.60

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +5 -9
  2. package/package.json +2 -3
package/README.md CHANGED
@@ -1,12 +1,12 @@
1
1
  # Security Trust Report: flatmap-stream
2
2
 
3
- **flatmap-stream@0.0.1-security: 50/100 | Grade: C | Tier: STANDARD** (confidence: ±3)
3
+ **flatmap-stream@0.0.1-security: 61/100 | Grade: C+ | Tier: STANDARD** (confidence: ±3)
4
4
 
5
5
  > Data verified on 2026-04-02 from 8 security databases.
6
6
 
7
7
  ## TL;DR
8
8
 
9
- - **2 vulnerabilities found** (2 critical, 0 high)
9
+ - **2 vulnerabilities found** (0 critical, 0 high)
10
10
  - Pin your version and monitor for changes
11
11
 
12
12
  ## Score Breakdown
@@ -14,31 +14,27 @@
14
14
  ```
15
15
  Maintainer Trust: ███████████░░░░░░░░░ 55/100
16
16
  Package Health: ████████████████░░░░ 80/100
17
- Supply Chain: ███░░░░░░░░░░░░░░░░░ 14/100
18
- Community: █████████░░░░░░░░░░░ 47/100
17
+ Supply Chain: █████████████░░░░░░░ 64/100
18
+ Community: ████████░░░░░░░░░░░░ 40/100
19
19
  ```
20
20
 
21
21
  ### Why this score?
22
22
 
23
23
  - Maintainer Trust is 55 because: single maintainer (bus factor risk)
24
- - Supply Chain is 14 because: 2 known CVEs, in breach database
25
- - Community is 47 because: GitHub repo inactive
24
+ - Community is 40 because: no public GitHub repo linked (may be private or on another platform)
26
25
 
27
26
  ## Vulnerabilities (2 vulnerabilities)
28
27
 
29
28
  | Severity | Count |
30
29
  |----------|-------|
31
- | 🔴 Critical | 2 |
32
30
  | ⚪ Low | 2 |
33
31
 
34
- - [GHSA-9x64-5r7x-2q53](https://github.com/advisories/GHSA-9x64-5r7x-2q53)
35
32
  - [GHSA-mh6f-8j2x-4483](https://github.com/advisories/GHSA-mh6f-8j2x-4483)
36
33
  - MAL-2025-20690
37
34
 
38
35
  ## Key Risk Flags
39
36
 
40
37
  - 🔴 **CRITICAL**: HISTORICAL BREACH: Cryptocurrency stealing payload (2018)
41
- - 🔴 **CRITICAL**: 2 CRITICAL vulnerabilities from live CVE databases
42
38
  - 🟠 **HIGH**: Primary maintainer account is less than 6 months old (0 days)
43
39
  - 🟠 **HIGH**: No license declared
44
40
 
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@cyberhub/trust-flatmap-stream",
3
- "version": "1.0.59",
4
- "description": "Security Trust Report: flatmap-stream@0.0.1-security — 50/100 (C, standard). 2 vulnerabilities found. Maintainer risk, supply chain analysis from 8 security databases.",
3
+ "version": "1.0.60",
4
+ "description": "Security Trust Report: flatmap-stream@0.0.1-security — 61/100 (C+, standard). 2 vulnerabilities found. Maintainer risk, supply chain analysis from 8 security databases.",
5
5
  "keywords": [
6
6
  "flatmap-stream",
7
7
  "flatmap-stream",
@@ -17,7 +17,6 @@
17
17
  "scan",
18
18
  "risk",
19
19
  "risk-assessment",
20
- "GHSA-9x64-5r7x-2q53",
21
20
  "GHSA-mh6f-8j2x-4483",
22
21
  "MAL-2025-20690",
23
22
  "standard"