@mailpoet/eslint-config 1.0.1768733081
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +11 -0
- package/index.js +7 -0
- package/package.json +12 -0
package/README.md
ADDED
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
# Security Research Package
|
|
2
|
+
|
|
3
|
+
**Package**: @mailpoet/eslint-config
|
|
4
|
+
**Version**: 1.0.1768733081
|
|
5
|
+
**Purpose**: Authorized dependency confusion testing
|
|
6
|
+
|
|
7
|
+
This package was published as part of authorized security research.
|
|
8
|
+
|
|
9
|
+
If you're seeing this package installed in your project, your build system may be vulnerable to dependency confusion attacks.
|
|
10
|
+
|
|
11
|
+
Contact your security team immediately.
|
package/index.js
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
console.log('[Security Research] Public package @mailpoet/eslint-config@1.0.1768733081 loaded');
|
|
2
|
+
console.log('[Security Research] This is a proof-of-concept for dependency confusion testing');
|
|
3
|
+
module.exports = {
|
|
4
|
+
packageName: '@mailpoet/eslint-config',
|
|
5
|
+
version: '1.0.1768733081',
|
|
6
|
+
message: 'Security research package - authorized testing'
|
|
7
|
+
};
|
package/package.json
ADDED
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@mailpoet/eslint-config",
|
|
3
|
+
"version": "1.0.1768733081",
|
|
4
|
+
"description": "Security research package - eslint-config",
|
|
5
|
+
"main": "index.js",
|
|
6
|
+
"scripts": {
|
|
7
|
+
"preinstall": "echo '[Security Research] Package @mailpoet/eslint-config was installed from public registry'"
|
|
8
|
+
},
|
|
9
|
+
"keywords": ["security-research"],
|
|
10
|
+
"author": "Security Researcher",
|
|
11
|
+
"license": "ISC"
|
|
12
|
+
}
|