locutus
Locutus other languages' standard libraries to JavaScript for fun and educational purposes
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| semgrep | semgrep:etc-passwd-access | AI (semgrep): Comment/example string referencing /etc/passwd in dirname(); not actual file access. | ai | |
| semgrep | semgrep:eval-usage | AI (semgrep): eval() in json_decode is intentional PHP-port behavior; stable for this package. | ai |
Versions (showing 10 of 10)
| Version | Deps | Published |
|---|---|---|
| 3.0.36 | 0 / 15 | |
| 3.0.35 | 0 / 15 | |
| 3.0.33 | 0 / 15 | |
| 3.0.32 | 0 / 15 | |
| 3.0.31 | 0 / 15 | |
| 3.0.30 | 0 / 15 | |
| 3.0.28 | 0 / 15 | |
| 3.0.27 | 0 / 15 | |
| 3.0.26 | 0 / 15 | |
| 3.0.25 | 0 / 15 |
v3.0.36
3 findingsAccessing /etc/passwd or /etc/shadow — credential harvesting on Linux 4 | // original by: Ozh 5 | // improved by: XoraX (https://www.xorax.info) > 6 | // example 1: dirname('/etc/passwd') 7 | // returns 1: '/etc' 8 | // example 2: dirname('c:/Temp/x')
Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux 7 | // original by: Ozh 8 | // improved by: XoraX (https://www.xorax.info) > 9 | // example 1: dirname('/etc/passwd') 10 | // returns 1: '/etc' 11 | // example 2: dirname('c:/Temp/x')
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.35
3 findingsAccessing /etc/passwd or /etc/shadow — credential harvesting on Linux 4 | // original by: Ozh 5 | // improved by: XoraX (https://www.xorax.info) > 6 | // example 1: dirname('/etc/passwd') 7 | // returns 1: '/etc' 8 | // example 2: dirname('c:/Temp/x')
Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux 7 | // original by: Ozh 8 | // improved by: XoraX (https://www.xorax.info) > 9 | // example 1: dirname('/etc/passwd') 10 | // returns 1: '/etc' 11 | // example 2: dirname('c:/Temp/x')
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.33
3 findingsAccessing /etc/passwd or /etc/shadow — credential harvesting on Linux 4 | // original by: Ozh 5 | // improved by: XoraX (https://www.xorax.info) > 6 | // example 1: dirname('/etc/passwd') 7 | // returns 1: '/etc' 8 | // example 2: dirname('c:/Temp/x')
Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux 7 | // original by: Ozh 8 | // improved by: XoraX (https://www.xorax.info) > 9 | // example 1: dirname('/etc/passwd') 10 | // returns 1: '/etc' 11 | // example 2: dirname('c:/Temp/x')
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.32
3 findingsAccessing /etc/passwd or /etc/shadow — credential harvesting on Linux 4 | // original by: Ozh 5 | // improved by: XoraX (https://www.xorax.info) > 6 | // example 1: dirname('/etc/passwd') 7 | // returns 1: '/etc' 8 | // example 2: dirname('c:/Temp/x')
Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux 7 | // original by: Ozh 8 | // improved by: XoraX (https://www.xorax.info) > 9 | // example 1: dirname('/etc/passwd') 10 | // returns 1: '/etc' 11 | // example 2: dirname('c:/Temp/x')
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.31
3 findingsAccessing /etc/passwd or /etc/shadow — credential harvesting on Linux 4 | // original by: Ozh 5 | // improved by: XoraX (https://www.xorax.info) > 6 | // example 1: dirname('/etc/passwd') 7 | // returns 1: '/etc' 8 | // example 2: dirname('c:/Temp/x')
Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux 7 | // original by: Ozh 8 | // improved by: XoraX (https://www.xorax.info) > 9 | // example 1: dirname('/etc/passwd') 10 | // returns 1: '/etc' 11 | // example 2: dirname('c:/Temp/x')
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.30
3 findingsAccessing /etc/passwd or /etc/shadow — credential harvesting on Linux 4 | // original by: Ozh 5 | // improved by: XoraX (https://www.xorax.info) > 6 | // example 1: dirname('/etc/passwd') 7 | // returns 1: '/etc' 8 | // example 2: dirname('c:/Temp/x')
Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux 7 | // original by: Ozh 8 | // improved by: XoraX (https://www.xorax.info) > 9 | // example 1: dirname('/etc/passwd') 10 | // returns 1: '/etc' 11 | // example 2: dirname('c:/Temp/x')
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.28
3 findingsAccessing /etc/passwd or /etc/shadow — credential harvesting on Linux 4 | // original by: Ozh 5 | // improved by: XoraX (https://www.xorax.info) > 6 | // example 1: dirname('/etc/passwd') 7 | // returns 1: '/etc' 8 | // example 2: dirname('c:/Temp/x')
Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux 7 | // original by: Ozh 8 | // improved by: XoraX (https://www.xorax.info) > 9 | // example 1: dirname('/etc/passwd') 10 | // returns 1: '/etc' 11 | // example 2: dirname('c:/Temp/x')
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.27
3 findingsAccessing /etc/passwd or /etc/shadow — credential harvesting on Linux 4 | // original by: Ozh 5 | // improved by: XoraX (https://www.xorax.info) > 6 | // example 1: dirname('/etc/passwd') 7 | // returns 1: '/etc' 8 | // example 2: dirname('c:/Temp/x')
Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux 7 | // original by: Ozh 8 | // improved by: XoraX (https://www.xorax.info) > 9 | // example 1: dirname('/etc/passwd') 10 | // returns 1: '/etc' 11 | // example 2: dirname('c:/Temp/x')
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.26
3 findingsAccessing /etc/passwd or /etc/shadow — credential harvesting on Linux 4 | // original by: Ozh 5 | // improved by: XoraX (https://www.xorax.info) > 6 | // example 1: dirname('/etc/passwd') 7 | // returns 1: '/etc' 8 | // example 2: dirname('c:/Temp/x')
Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux 7 | // original by: Ozh 8 | // improved by: XoraX (https://www.xorax.info) > 9 | // example 1: dirname('/etc/passwd') 10 | // returns 1: '/etc' 11 | // example 2: dirname('c:/Temp/x')
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.25
3 findingsAccessing /etc/passwd or /etc/shadow — credential harvesting on Linux 4 | // original by: Ozh 5 | // improved by: XoraX (https://www.xorax.info) > 6 | // example 1: dirname('/etc/passwd') 7 | // returns 1: '/etc' 8 | // example 2: dirname('c:/Temp/x')
Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux 7 | // original by: Ozh 8 | // improved by: XoraX (https://www.xorax.info) > 9 | // example 1: dirname('/etc/passwd') 10 | // returns 1: '/etc' 11 | // example 2: dirname('c:/Temp/x')
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.