Closed lnbc1QWFyb24 closed 2 years ago
Dependency issues detected. If you merge this pull request, you will not be alerted to the instances of these issues again.
A dependency change in this PR is introducing new install scripts to your install step.
binding.gyp
package.json
install
postinstall
Contains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.
To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@2.4.2
@SocketSecurity ignore
package-name@version
@SocketSecurity ignore foo@1.0.0 bar@2.4.2
@SocketSecurity ignore secp256k1@4.0.3
@SocketSecurity ignore core-js@3.25.5
Powered by socket.dev
Socket Security Report
Dependency issues detected. If you merge this pull request, you will not be alerted to the instances of these issues again.
📜 New install scripts detected
A dependency change in this PR is introducing new install scripts to your install step.
binding.gyppackage.jsonvia lnmessage@0.0.5installpackage.jsonvia lnmessage@0.0.5postinstallpackage.jsonvia vconsole@3.14.7🫣 Native code
Contains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.
package.jsonvia lnmessage@0.0.5Socket.dev scan summary
Bot Commands
To ignore an alert, reply with a comment starting with
@SocketSecurity ignorefollowed by a space separated list ofpackage-name@versionspecifiers. e.g.@SocketSecurity ignore foo@1.0.0 bar@2.4.2@SocketSecurity ignore secp256k1@4.0.3@SocketSecurity ignore core-js@3.25.5Powered by socket.dev