-= Per source details. Do not edit below this line.=-
The package baidu-oscp was found to contain malicious code.
The OpenSSF Package Analysis project identified 'baidu-oscp' @ 19.9.31 (npm) as malicious.
It is considered malicious because:
{
"malicious-packages-origins": [
{
"versions": [
"19.9.31"
],
"sha256": "2758b8fdfed8e0df61c234bf9c6956c5f9970adf98784ba56d0b222b1f8da1a8",
"modified_time": "2025-12-09T09:30:36Z",
"source": "ossf-package-analysis",
"import_time": "2025-12-10T06:10:37.582807781Z"
},
{
"versions": [
"19.9.30"
],
"sha256": "88d23e2210f2ea140f4a76edea228612231da650f80248eb3ea54f715c947f19",
"modified_time": "2025-12-09T09:25:51Z",
"source": "ossf-package-analysis",
"import_time": "2025-12-10T06:10:37.501569117Z"
},
{
"versions": [
"19.9.31",
"19.9.30"
],
"sha256": "1707ecb3311268a4753a44190db82280e80d16015e5474475863a3e1487aa5c0",
"modified_time": "2025-12-10T21:03:50Z",
"source": "amazon-inspector",
"import_time": "2025-12-10T21:07:51.31142818Z"
}
]
}