Adding deps from stytch-node

[jadoonf]

No description provided.

[github-actions]

listen.dev ∙ Security Report

critical 🚨 7

medium ⚠️ 2

low 🔷 3

🔍 The following behaviors have been detected in the dependency tree during installation

🚨 Critical severity

📑🔎🔀	3 categories

• 📑 Metadata ∙ 2 packages

  
  

  • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • This package has inconsistent scripts in the tarball's package.json ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      react-dom	18.2.0		1	🔗

  • 📦 [email protected] ∙ 2 occurrences ∙ 2 kind of issues ∙ open 🔗

    
    

    • This package has inconsistent scripts in the tarball's package.json ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      next	13.1.6		1	🔗

    • This package has inconsistent dependencies in the tarball's package.json ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      next	13.1.6		1	🔗

• 🔎 Static analysis ∙ 1 package

  
  

  • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • github dependency detected in package.json ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      diff	3.4.0		1	🔗

• 🔀 Typosquatting ∙ 3 packages

  
  

  • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • The name of this package closely resembles other package names ("ext") which are popular on NPM: it might be a typosquatting attempt ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      next	13.1.6		1	🔗

  • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • The name of this package closely resembles other package names ("cookie") which are popular on NPM: it might be a typosquatting attempt ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      cookies	0.8.0		1	🔗

  • 📦 @types/[email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • The name of this package closely resembles other package names ("@types/cookie") which are popular on NPM: it might be a typosquatting attempt ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      @types/cookies	0.7.7		1	🔗

---

⚠️ Medium severity

📡🔎	2 categories

• 📡 Dynamic instrumentation ∙ 1 package

  
  

  • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • npm install spawned a process ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      core-js	3.9.0		1	🔗

• 🔎 Static analysis ∙ 1 package

  
  

  • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • install script detected in package.json ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      core-js	3.9.0		1	🔗

---

🔷 Low severity

🛡️📑🔎	3 categories

• 🛡️ Advisories ∙ 1 package

  
  

  • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • Regular Expression Denial of Service (ReDoS) ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      diff	3.4.0		1	🔗

• 📑 Metadata ∙ 1 package

  
  

  • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • This package has inconsistent devDependencies in the tarball's package.json ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      next	13.1.6		1	🔗

• 🔎 Static analysis ∙ 1 package

  
  

  • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • shady link detected in package ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      core-js	3.9.0		1	🔗

---

Powered by listen.dev