-= Per source details. Do not edit below this line.=-
The OpenSSF Package Analysis project identified 'http-req-lite' @ 1.0.0 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
{
"malicious-packages-origins": [
{
"sha256": "6fcf8bb9984d83b39b69d2dbe9e0e928c5eeab345a2fb05446ab0f6e5eb1a11d",
"versions": [
"1.0.0"
],
"source": "ossf-package-analysis",
"modified_time": "2026-07-16T13:11:00Z",
"import_time": "2026-07-16T13:35:54.06902228Z"
}
]
}