build-with-celo-hackathon
build-with-celo-hackathon copied to clipboard
Published
20 hours ago •
celo-org
celo-org
Guessing It!
Socket Security Report
Dependency issues detected. If you merge this pull request, you will not be alerted to the instances of these issues again.
📜 New install scripts detected
A dependency change in this PR is introducing new install scripts to your install step.
| Package | Script field | Location |
|---|---|---|
| [email protected] (added) | binding.gyp |
contract/package.json via [email protected], @nomicfoundation/[email protected], [email protected] |
| [email protected] (added) | binding.gyp |
contract/package.json |
| [email protected] (added) | binding.gyp |
contract/package.json via [email protected] |
| [email protected] (added) | install |
contract/package.json |
| [email protected] (added) | install |
contract/package.json via [email protected] |
| [email protected] (added) | postinstall |
frontend/package.json via [email protected], [email protected] |
| [email protected] (added) | postinstall |
frontend/package.json via [email protected], @pmmmwh/[email protected] |
| [email protected] (added) | install |
contract/package.json via [email protected], @nomicfoundation/[email protected], [email protected] |
🫣 Native code
Contains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.
| Package | Location |
|---|---|
| [email protected] (added) | contract/package.json via [email protected], @nomicfoundation/[email protected], [email protected] |
| [email protected] (added) | contract/package.json |
| [email protected] (added) | contract/package.json via [email protected] |
Socket.dev scan summary
| Issue | Status |
|---|---|
| Did you mean? | ✅ no new possible package typos |
| Install scripts | ⚠️ 8 new install scripts detected |
| Telemetry | ✅ no new telemetry |
| Troll package | ✅ no new troll packages |
| Malware | ✅ no new malware |
| Native code | ⚠️ 3 new native modules detected |
Bot Commands
To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore [email protected] [email protected]
@SocketSecurity ignore [email protected]@SocketSecurity ignore [email protected]@SocketSecurity ignore [email protected]@SocketSecurity ignore [email protected]@SocketSecurity ignore [email protected]
Powered by socket.dev
![socket-security[bot] avatar](https://avatars.githubusercontent.com/in/156372?v=4 "Published by a pub.dev verified publisher"){kind=small}