muaddib-scanner 2.11.161 → 2.11.162

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "muaddib-scanner",
3
- "version": "2.11.161",
3
+ "version": "2.11.162",
4
4
  "description": "Supply-chain threat detection & response for npm & PyPI/Python",
5
5
  "main": "src/index.js",
6
6
  "bin": {
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "target": "node_modules",
3
- "timestamp": "2026-07-09T09:23:51.701Z",
3
+ "timestamp": "2026-07-10T07:45:05.079Z",
4
4
  "threats": [
5
5
  {
6
6
  "type": "string_mutation_obfuscation",
package/stats.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "_comment": "GENERATED by scripts/collect-stats.js — do not edit by hand. Run `npm run docs:stats`.",
3
- "version": "2.11.161",
3
+ "version": "2.11.162",
4
4
  "scanners": 21,
5
5
  "rulesTotal": 275,
6
6
  "rulesCore": 270,
package/zizmor.yml ADDED
@@ -0,0 +1,18 @@
1
+ # zizmor configuration — https://docs.zizmor.sh/configuration/
2
+ #
3
+ # Suppress a finding ONLY when it is a confirmed false positive, and keep the
4
+ # rationale on the same line. Schema:
5
+ #
6
+ # rules:
7
+ # <audit-id>: # e.g. template-injection, artipacked, cache-poisoning
8
+ # ignore:
9
+ # - <workflow>.yml # ignore the whole file
10
+ # - <workflow>.yml:LINE # ignore one line
11
+ # - <workflow>.yml:LINE:COL# ignore one exact finding
12
+ #
13
+ # Policy for this repo: prefer FIXING findings over ignoring them. As of the first
14
+ # run every finding is real (template-injection in publish.yml, artipacked on the
15
+ # checkout steps, cache-poisoning, adhoc-packages), so nothing is suppressed here.
16
+ # Add an entry below only after confirming a genuine false positive.
17
+
18
+ rules: {}