TH18202
Detected presence of software components authored by accounts in regions with EU export restrictions.
priority | CI/CD status | severity | effort | SAFE level | SAFE assessment |
---|---|---|---|---|---|
pass | high | high | None | None |
About the issueโ
Export restrictions (or a restriction on exportation) are limitations on the quantity of goods exported to a specific country or countries by a Government. The European Union has imposed export restrictions on a number of countries and regions. These restrictions may or may not apply to digital goods such as software and other related intellectual property. It is advised that the reported findings are put in the usage context so that they can be audited and reviewed by the legal department before the software package is deployed. Current list of countries with export restrictions includes: Belarus (.by), Iran (.ir), Iraq (.iq), Libya (.ly), Myanmar (.mm), North Korea (.nk), Syria (.sy), Venezuela (.ve) and Zimbabwe (.zw).
How to resolve the issueโ
- Investigate reported detections.
- You should delay the software release until the legal review is completed.
Incidence statisticsโ
ReversingLabs periodically collects and analyzes the contents of popular software package repositories for threat research purposes. Analysis results are used to calculate incidence statistics for issues (policy violations) that Spectra Assure can detect in software packages.
This section is updated when new data becomes available.
Total amount of packages analyzed
- RubyGems: 183K
- Nuget: 644K
- PyPi: 628K
- NPM: 3.72M
Recommended readingโ
- Export restriction (External resource - Wikipedia)
- EU export controls: Exporting dual-use items (External resource)