Close Open Privacy Scan
App Privacy Score
Low risk · 113 finding(s)
Dependency score: 97 (Low risk)
bar_chart Score Breakdown
list Scan Summary
swap_horiz Application data flows
No high- or medium-confidence application data-flow findings in this scan.
</> First-Party Code
first-party (npm)
npm first-partyexpand_more 5 low-confidence finding(s)
if (process.env.NODE_ENV !== 'test') app.use(logger(':method :url'))Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
var silent = process.env.NODE_ENV === 'test'Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.readFile(path, 'utf8', function(err, str){
if (err) return fn(err);
var html = marked.parse(str).replace(/\{([^}]+)\}/g, function(_, name){
return escapeHtml(options[name] || '');
});
fn(null, html);
});Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
var verbose = process.env.NODE_ENV !== 'test'Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
var env = process.env.NODE_ENV || 'development';Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
</> Dependencies
debug
npm dependencyexpand_more 5 low-confidence finding(s)
r = process.env.DEBUG;Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
let val = process.env[key];Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
process.env.DEBUG = namespaces;Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
delete process.env.DEBUG;Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
return process.env.DEBUG;Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
depd
npm dependencyexpand_more 2 low-confidence finding(s)
var str = process.env.NO_DEPRECATION || ''Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
var str = process.env.TRACE_DEPRECATION || ''Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
ejs
npm dependencyexpand_more 22 low-confidence finding(s)
let fs = require('fs');Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
let fs = require('fs');Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
let usage = fs.readFileSync(`${__dirname}/../usage.txt`).toString();Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
input = fs.readFileSync(pOpts.dataFile).toString();Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
let template = fs.readFileSync(opts.filename).toString();Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync(pOpts.outputFile, output);Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
var fs_1 = __importDefault(require("fs"));Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
let fs = require('fs');Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
let fs = require('fs');Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
let source = fs.readFileSync('lib/cjs/ejs.js', 'utf8').toString();Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync('lib/cjs/ejs.js', source);Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
let utilsSource = fs.readFileSync('lib/cjs/utils.js', 'utf8').toString();Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync('lib/cjs/utils.js', utilsSource);Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
let parseargsSource = fs.readFileSync('lib/cjs/parseargs.js', 'utf8').toString();Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync('lib/cjs/parseargs.js', parseargsSource);Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync('lib/cjs/package.json', '{"type":"commonjs"}');Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync('out/CNAME', 'api.ejs.co');Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync(path.join(fixtureDir, 'package.json'), JSON.stringify({
private: true,
type: 'module'
}, null, 2));Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync(path.join(fixtureDir, 'cjs-smoke.cjs'), [
'const assert = require("assert");',
'const ejs = require("ejs");',
'assert.equal(typeof ejs.render, "function");',
'assert.equal(ejs.render("<%= name %>", {name: "<>&"}), "<>&");',
''
].join('\n'));Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync(path.join(fixtureDir, 'esm-smoke.mjs'), [
'import assert from "node:assert/strict";',
'import ejs from "ejs";',
'assert.equal(typeof ejs.render, "function");',
'assert.equal(ejs.render("<%= name %>", {name: "<>&"}), "<>&");',
''
].join('\n'));Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync(path.join(fixtureDir, 'template.ejs'), 'Hello <%= name %>');Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
var fs_1 = __importDefault(require("fs"));Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
eslint
npm dependencyexpand_more 25 low-confidence finding(s)
const fs = require("fs");Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require("fs");Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync(result.filePath, result.output);Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
text: fs.readFileSync(filePath, "utf8"),Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require("fs");Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require("fs");Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require("fs");Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require("fs");Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fileDescriptor.meta.results.source = fs.readFileSync(filePath, "utf-8");Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require("fs"),Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require("fs"),Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require("fs"),Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require("fs"),Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require("fs");Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require("fs");Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require("fs");Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require("fs");Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require("fs").promises;Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
.map(r => fs.writeFile(r.filePath, r.output))Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
return fs.readFile(filePath, "utf8")Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
switch (process.env.ESLINT_USE_FLAT_CONFIG) {Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const enabled = !!process.env.TIMING;Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
if (typeof process.env.TIMING !== "string") {Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
if (process.env.TIMING.toLowerCase() === "all") {Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const TIMING_ENV_VAR_AS_INTEGER = Number.parseInt(process.env.TIMING, 10);Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
etag
npm dependencyexpand_more 1 low-confidence finding(s)
var Stats = require('fs').StatsReads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
express-session
npm dependencyexpand_more 1 low-confidence finding(s)
var env = process.env.NODE_ENV;Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
finalhandler
npm dependencyexpand_more 1 low-confidence finding(s)
var env = opts.env || process.env.NODE_ENV || 'development'Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
hbs
npm dependencyexpand_more 5 low-confidence finding(s)
var fs = require('fs');Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
var fs = require('fs');Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.readFile(filename, 'utf8', function(err, str){
if (err) {
return cb(err);
}
var template = handlebars.compile(str);
if (locals.cache) {
cache[filename] = template;
}
try {
var res = template(locals, handlebarsOpts);
self.async.done(function(values) {
Object.keys(values).forEach(function(id) {
res = res.replace(id, values[id]);
});
cb(null, res);
});
} catch (err) {
cb(prependFilenameToError(filename, err))
}
});Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.readFile(template, 'utf8', function(err, str) {
if (err) {
if (layout && templates.length === 0) {
// Only return error if user explicitly asked for layout.
return cb(err);
}
if (templates.length > 0) {
return tryReadFileAndCache(templates);
}
return render_file(options, cb);
}
cacheAndCompile(template, str);
});Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.readFile(filepath, 'utf8', function(err, data) {
if (!err) {
var extname = path.extname(filepath)
var name = path.relative(directory, filepath)
.slice(0, -(extname.length))
.replace(/\\/g, '/')
handlebars.registerPartial(rename(name).replace(/ /g, '_'), data)
}
done(err);
});Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
mocha
npm dependencyexpand_more 13 low-confidence finding(s)
require("js-yaml").load(fs.readFileSync(filepath, "utf8")),Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
require("strip-json-comments")(fs.readFileSync(filepath, "utf8")),Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const css = fs.readFileSync(path.join(srcdir, "mocha.css"));Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const js = fs.readFileSync(path.join(srcdir, "mocha.js"));Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const tmpl = fs.readFileSync(
path.join(srcdir, "lib", "browser", "template.html"),
);Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync(path.join(destdir, "mocha.css"), css);Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync(path.join(destdir, "mocha.js"), js);Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync(path.join(destdir, "tests.spec.js"), "");Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync(path.join(destdir, "index.html"), tmpl);Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
configData = fs.readFileSync(filepath, "utf8");Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const envConfig = parse(process.env.MOCHA_OPTIONS || "");Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
(supportsColor.stdout || process.env.MOCHA_COLORS !== undefined);Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync(output, json);Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
nyc
npm dependencyexpand_more 31 low-confidence finding(s)
const fs = require('fs')Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require('fs')Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
env.BABEL_DISABLE_CACHE = process.env.BABEL_DISABLE_CACHE = '1'Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
env.SPAWN_WRAP_SHIM_ROOT = process.env.SPAWN_WRAP_SHIM_ROOT || process.env.XDG_CACHE_HOME || require('os').homedir()Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
env.SPAWN_WRAP_SHIM_ROOT = process.env.SPAWN_WRAP_SHIM_ROOT || process.env.XDG_CACHE_HOME || require('os').homedir()Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const source = await fs.readFile(filename, 'utf8')Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const inCode = await fs.readFile(inFile, 'utf-8')Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
await fs.writeFile(outFile, outCode)Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
if (!process.env.NYC_CWD) {Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
process.env.NYC_PROCESS_ID = this.processInfo.uuidReads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync(
coverageFilename,
JSON.stringify(coverage),
'utf-8'
)Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const report = JSON.parse(await fs.readFile(path.resolve(baseDirectory, filename)), 'utf8')Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
process.env.NYC_CWD = process.cwd()Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
process.env.NYC_CWD = process.cwd()Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
await fs.writeFile(argv.outputFile, JSON.stringify(map), 'utf8')Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
process.env.NYC_CWD = process.cwd()Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
cwd = cwd || process.env.NYC_CWD || process.cwd()Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require('fs')Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
const fs = require('fs')Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
envToCopy[env] = process.env[env]Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
envToCopy[envName] = process.env[envName]Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
fs.writeFileSync(mapPath, JSON.stringify(sourceMap))Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
this.loadedMaps[hash] = JSON.parse(await fs.readFile(mapPath, 'utf8'))Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
process.env.NYC_CONFIG ||Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
parent: process.env.NYC_PROCESS_ID || nullReads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
if (process.env.NYC_PROCESSINFO_EXTERNAL_ID) {Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
config._processInfo.externalId = process.env.NYC_PROCESSINFO_EXTERNAL_IDReads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
delete process.env.NYC_PROCESSINFO_EXTERNAL_IDReads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
if (process.env.NYC_CONFIG_OVERRIDE) {Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
Object.assign(config, JSON.parse(process.env.NYC_CONFIG_OVERRIDE))Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
process.env.NYC_CONFIG = JSON.stringify(config)Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
send
npm dependencyexpand_more 2 low-confidence finding(s)
var fs = require('fs')Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
var fs = require('fs')Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.
Fix: Usually benign; confirm any secret read here is not later sent externally.
Skipped dependencies
Production
- content-disposition prod — dist-only: no readable source
- content-type prod — dist-only: no readable source
- cookie prod — dist-only: no readable source