Havunen
commented
2 months ago The dependency chain seems to be following:
"koa-better-body": "^3.3.9",
Loads "koa-body-parsers": "tunnckocore/body-parsers#patch-1"
which seems to be hosted here:
https://github.com/tunnckoCore/body-parsers/tree/patch-1
and it contains a test file shipped in the npm package.
tunnckoCore
F-Secure WithSecure security scanner does not like the test file and is reporting false positive about it. Never the less, including the test file is waste of network traffic.
https://github.com/koajs/body-parsers/blob/master/test/test.js