socket-security[bot]
commented
2 years ago Socket Security Report
š New install scripts detected
A dependency change in this PR is introducing new install scripts to your install step.
š Package telemetry added
A dependency change in this PR includes telemetry.
| Package | Note | Location |
|---|---|---|
| next@12.2.2 (added) | Can be disabled by setting the environment variable NEXT_TELEMETRY_DISABLED=1 | packages/server/package.json |
š«£ Native code
Contains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.
Socket.dev scan summary
| Issue | Status |
|---|---|
| Did you mean? | ā no new possible package typos |
| Install scripts | ā ļø 11 new install scripts detected |
| Telemetry | ā ļø 1 new telemetry script detected |
| Troll package | ā no new troll packages |
| Malware | ā no new malware |
| Native code | ā ļø 5 new native modules detected |
Powered by socket.dev
Hey!
In this PR:
/src/actions/. It allows developers to use octane as a library, while keeping the web service mode. It also makes testing much easier.env.tsandconnection.ts) to/src/helpers. The idea is thatcoreshould be context-independent and configured only through argument. However, if an app uses octane as a library, they might choose to opt-in and use some of the helpers for configuration.Tests and library setup were commited separately, if you would like to review it subsequently.