TH15101
Detected presence of files with behaviors that were marked to issue a warning.
| priority | CI/CD status | severity | effort | SAFE level | SAFE assessment |
|---|---|---|---|---|---|
| | pass | medium | high | None | tampering: warning. Reason: restricted application behaviors |
About the issue
Software components contain executable code that performs actions implemented during its development. These actions are called behaviors. In the analysis report, behaviors are presented as human-readable descriptions that best match the underlying code intent. While most behaviors are commonly found in software, some can be intentionally declared as undesirable through the organization policy. This issue is reported for files exhibiting behaviors that were explicitly marked to issue a warning.
How to resolve the issue
- Review the audit section to better understand the organization security policy.
- You should delay the software release until the investigation is completed, or until the issue is risk accepted.
- Consider rewriting the flagged code without using the marked behaviors.
Incidence statistics
ReversingLabs periodically collects and analyzes the contents of popular software package repositories for threat research purposes. Analysis results are used to calculate incidence statistics for issues (policy violations) that Spectra Assure can detect in software packages.
This section is updated when new data becomes available.
Total number of packages analyzed
- RubyGems: 183K
- NuGet: 644K
- PyPI: 628K
- npm: 3.72M