chore: update deps

[hieu-w]

Motivation and Context

Jira Link

https://consensyssoftware.atlassian.net/browse/W3APD-5248

Description

Stack upgrade:

• Remove umd build & webpack
• Upgrade all deps to latest
• Drop node 20 support. All repos .nvmrc min as node 22
• keep node 24 as active and all lock files to point to node 24
• eliptics replaced by @noble/curves
• Remove buffer

Summary

• Replaced legacy crypto libraries (elliptic, bn.js, Buffer) with modern alternatives (@noble/curves, native bigint, Uint8Array) across the entire codebase for improved security, bundle size, and ESM compatibility.
• Updated all dependencies to latest major versions including @toruslabs/constants v16, @toruslabs/eccrypto v7, @toruslabs/http-helpers v9, vitest v4, typescript v5.9, and more.
• Added source and authorizationServerUrl as new optional parameters to TorusCtorOptions.

Change Patterns

Crypto Library Migration

• new EC("secp256k1") / new EC("ed25519") → secp256k1 / ed25519 from @noble/curves
• ecCurve.keyFromPrivate(sk).getPublic() → ecCurve.Point.BASE.multiply(sk).toAffine()
• ecCurve.keyFromPublic({x, y}) → ecCurve.Point.fromAffine({x, y})
• ecCurve.genKeyPair().getPrivate() → ecCurve.utils.randomSecretKey()
• ecCurve.n → ecCurve.Point.CURVE().n
• ecCurve.sign(msg, key) → secp256k1.sign(msg, key, { prehash: false })

Data Type Replacements

• BN → bigint (all arithmetic uses native operators + mod()/invert() from @noble/curves/abstract/modular)
• new BN(x, "hex") → toBigIntBE(x)
• bn.toString("hex", 64) → bigintToHex(bn)
• bn.add/sub/mul/umod → + / - / * / mod()
• bn.invm(n) → invert(bn, n)
• bn.cmp(other) → native comparison operators (===, <, >)

Buffer → Uint8Array

• Buffer.from(hex, "hex") → hexToBytes(hex)
• buffer.toString("hex") → bytesToHex(bytes)
• Buffer.from(str, "utf8") → utf8ToBytes(str) (via TextEncoder)
• buffer.toString("base64") → bytesToBase64(bytes) (via btoa)
• Buffer.from(b64, "base64") → base64ToBytes(b64) (via atob)
• Buffer.concat([...]) → concatBytes(...)
• Buffer.from(keccakHash(...)) → bytesToHex(keccakHash(...))

Type Definitions

• EC type → Curve (typeof secp256k1 | typeof ed25519)
• BNString → BigIntString (string | bigint)
• curve.base.BasePoint → Point2D ({ x: bigint; y: bigint })

Edge Case Handling

• Guard against 0n scalar in Point.multiply() (noble-curves rejects zero scalar)
• Signature recovery byte appended after compact signature (not prepended)
• secp256k1.sign() called with { prehash: false } to avoid double-hashing

Breaking Changes

• BN → bigint in all public APIs (Point, Share, Polynomial, utility functions)
• Buffer → Uint8Array in all public APIs
• EC → Curve type for curve parameters
• Node.js >=22 required (previously >=18)
• elliptic and bn.js removed from dependencies

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist

• My code follows the code style of this project. (run lint)
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have added tests to cover my changes.
• All new and existing tests passed.

---

Note

Low Risk
Small repo-maintenance changes (Node version pin, docs, lint ignores) with minimal runtime impact; main risk is CI/dev env mismatch if consumers aren’t on Node 24+.

Overview
Updates the repo’s Node version requirement by changing .nvmrc from >=18.x to >=24.x.

Removes the README mention of the umd build, aligning docs with the remaining esm/cjs outputs.

Adjusts eslint.config.mjs to ignore dist/** and babel.config.js, and relaxes import/no-extraneous-dependencies for test/** files.

^{Written by Cursor Bugbot for commit 32e9a61. This will update automatically on new commits. Configure here.}

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​toruslabs/​config@​3.1.0 ⏵ 4.0.0	-1		+2	+7
	@​toruslabs/​constants@​15.0.0 ⏵ 16.0.0				+6
	@​toruslabs/​eslint-config-typescript@​4.1.0 ⏵ 5.0.0	-1		+2	-2
	@​vitest/​coverage-istanbul@​3.0.8 ⏵ 4.0.18	+1		+5
	@​types/​jsonwebtoken@​9.0.9 ⏵ 9.0.10
	@​toruslabs/​torus-scripts@​7.1.2 ⏵ 8.0.0	+2		+1	-3
	@​babel/​register@​7.25.9 ⏵ 7.28.6	+1		+1
	vitest@​3.0.8 ⏵ 4.0.18	+1
	@​babel/​runtime@​7.26.9 ⏵ 7.28.6	+1	+2
	json-stable-stringify@​1.2.1 ⏵ 1.3.0	+1
	tsx@​4.19.3 ⏵ 4.21.0			+1
	cross-env@​7.0.3 ⏵ 10.1.0
	rimraf@​6.0.1 ⏵ 6.1.2	+1
	ethereum-cryptography@​3.1.0 ⏵ 3.2.0
	jsonwebtoken@​9.0.2 ⏵ 9.0.3	+1
	@​noble/​curves@​1.8.1 ⏵ 2.0.1
	@​toruslabs/​http-helpers@​8.1.1 ⏵ 9.0.0				+2
	lint-staged@​15.4.3 ⏵ 16.2.7	+1		+1	+1
	@​faker-js/​faker@​9.6.0 ⏵ 10.3.0	+5		+12	-1
	typescript@​5.8.2 ⏵ 5.9.3	+1		+1
	prettier@​3.5.3 ⏵ 3.8.1	-7		+1
	@​toruslabs/​fetch-node-details@​15.0.0 ⏵ 16.0.0	+1			+6
	@​toruslabs/​eccrypto@​6.0.2 ⏵ 7.0.0				+7
	dotenv@​16.4.7 ⏵ 17.2.4			+1
	eslint@​9.22.0 ⏵ 9.39.2	+5

View full report

[socket-security]

Warning

MetaMask internal reviewing guidelines:

• Do not ignore-all
• Each alert has instructions on how to review if you don't know what it means. If lost, ask your Security Liaison or the supply-chain group
• Copy-paste ignore lines for specific packages or a group of one kind with a note on what research you did to deem it safe.
  @SocketSecurity ignore npm/PACKAGE@VERSION

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Potential code anomaly (AI signal): npm @babel/core is 100.0% likely to have a medium risk anomaly Notes: The examined code is a standard, benign helper for constructing and wrapping configuration items from descriptors within Babel’s tooling. There is no evidence of data leakage, exfiltration, backdoors, or other malicious activity in this fragment. The combination of immutability, brand-based identity, and non-enumerable descriptor storage indicates a well-scoped internal utility rather than anything suspicious. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/@babel/register@7.28.6 → npm/@vitest/coverage-istanbul@4.0.18 → npm/@toruslabs/torus-scripts@8.0.0 → npm/@babel/core@7.29.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@babel/core@7.29.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm @napi-rs/wasm-runtime is 100.0% likely to have a medium risk anomaly Notes: The fragment appears to implement a substantial WASI/N-API bridge with comprehensive memory and filesystem interfacing. There is no concrete evidence of malicious payloads such as data exfiltration, backdoors, or remote command execution in this snippet. The primary concerns relate to the unusual in-browser input path (readStdin) and the large surface area for data flows across threads and FFI boundaries. A targeted, broader audit of the complete module and any wasm payloads loaded through these bindings is recommended to ensure rights enforcement and memory safety. Overall risk is moderate but current evidence does not indicate active malware. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/@toruslabs/eslint-config-typescript@5.0.0 → npm/@napi-rs/wasm-runtime@0.2.12 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@napi-rs/wasm-runtime@0.2.12. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm acorn is 100.0% likely to have a medium risk anomaly Notes: Overall, the analyzed code is a legitimate, well-structured Acorn 8.x parser fragment with robust handling for ES2020+ features. There is no direct malicious payload, backdoor, or exfiltration mechanism within this fragment. The primary security considerations relate to safe handling of untrusted input to avoid DoS via complex/ pathological RegExp usage or verbose error reporting. In a typical extension usage, isolate parsing to a sandbox and limit resource usage to mitigate potential abuse. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/eslint@9.39.2 → npm/acorn@8.15.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/acorn@8.15.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm consola is 100.0% likely to have a medium risk anomaly Notes: The analyzed code fragment is a feature-rich, standard Consola logging utility responsible for redirecting and managing log output with throttling, pausing, and reporter integration. There is no direct evidence of malicious activity, hardcoded secrets, or exfiltration within this snippet. However, the powerful I/O overrides pose privacy and data flow risks if reporters or downstream sinks are untrusted. The security posture hinges on trusted reporters and proper governance of the overall supply chain. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/@toruslabs/torus-scripts@8.0.0 → npm/consola@3.4.2 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/consola@3.4.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm es-module-lexer is 100.0% likely to have a medium risk anomaly Notes: This es-module-lexer component appears legitimate in its intended role but contains a significant risk surface: (a) an eval-based sink that can execute code derived from untrusted module input, and (b) an embedded wasm blob loaded at runtime that could be manipulated via supply chain compromise. The combination means using this parser with untrusted code or in an unsafe host environment could enable arbitrary code execution or behavior modification. The code shows no obvious exfiltration or persistence mechanisms, but the eval path is unacceptable in many security models and requires strict sandboxing or replacement with safer parsing patterns. Recommend using only trusted inputs, hardening the eval path (remove or heavily restrict), and validating the wasm blob integrity via checksums/signatures in the build/publish process. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/vitest@4.0.18 → npm/es-module-lexer@1.7.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/es-module-lexer@1.7.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm esbuild is 100.0% likely to have a medium risk anomaly Notes: On its face this package.json looks like the legitimate esbuild package layout: it runs a local install.js during postinstall and defines many optional platform-specific packages. The main risk is that the uninspected install.js may perform arbitrary, privileged actions (download remote binaries, execute code, add hooks, exfiltrate data, etc.). You should audit the contents of install.js (and any code it downloads or executes) before trusting installation in sensitive environments. The package.json itself does not contain obvious malicious indicators (no http:// deps, no non-registry dependency URLs, no overrides), but the postinstall hook makes it potentially risky. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/vitest@4.0.18 → npm/tsx@4.21.0 → npm/esbuild@0.27.2 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/esbuild@0.27.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm get-intrinsic is 100.0% likely to have a medium risk anomaly Notes: The GetIntrinsic module is a conventional intrinsic resolver designed for sandboxed JavaScript environments. It includes careful validation, alias handling, and selective dynamic evaluation for specific intrinsics. While there is a real potential risk from Function-based evaluation if exposed to untrusted input, in this isolated code path there is no evidence of data leakage, backdoors, or external communications. The component is acceptable with proper sandbox boundaries; the most important mitigations are ensuring inputs are trusted and that dynamic evaluation cannot be triggered by untrusted sources. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/@toruslabs/eslint-config-typescript@5.0.0 → npm/json-stable-stringify@1.3.0 → npm/get-intrinsic@1.3.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/get-intrinsic@1.3.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm ignore is 100.0% likely to have a medium risk anomaly Notes: The code fragment represents a conventional, well-structured path-ignore utility with caching and recursive parent-directory evaluation. Windows path normalization is present for compatibility but does not indicate malicious intent. No indicators of data leakage, external communication, or covert backdoors were found. Security impact primarily revolves around correct ignore semantics rather than intrinsic vulnerabilities. The component remains appropriate for use in a broader security-conscious pipeline if used with careful awareness of what is being ignored. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/@toruslabs/eslint-config-typescript@5.0.0 → npm/ignore@7.0.5 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/ignore@7.0.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm jiti is 100.0% likely to have a medium risk anomaly Notes: The fragment implements a sophisticated on-the-fly loader using JITI for transpilation and execution, with careful handling of JSON interop based on nearby package.json type. There is no explicit malicious behavior identified (no external network activity, no hardcoded secrets). However, the dynamic code execution path introduced by _wrapSource and the synthetic module environment represents a potential risk vector if untrusted inputs are loaded, or if jiti/mjs execution context could be manipulated. This warrants strict review of the loader environment, the version and security of JITI, and checks on the sources being loaded to mitigate potential code execution or supply chain concerns. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/eslint@9.39.2 → npm/vitest@4.0.18 → npm/@toruslabs/torus-scripts@8.0.0 → npm/jiti@2.6.1 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/jiti@2.6.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm open is 100.0% likely to have a medium risk anomaly Notes: The code is a legitimate cross-platform URL/application launcher with broad compatibility. There is no clear malicious behavior, but the use of external process invocations and encoded PowerShell commands warrants careful input validation and least-privilege deployment in sensitive environments. Emphasize input sanitization (target URLs, app names/arguments) and ensure secure handling of platform-specific commands to minimize potential abuse. Overall security risk remains moderate due to command execution surfaces, but no malicious activity identified in this fragment. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/@toruslabs/torus-scripts@8.0.0 → npm/open@10.2.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/open@10.2.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm tsx is 100.0% likely to have a medium risk anomaly Notes: This module installs signal handlers and actively hides them from inspection by monkeypatching listener inspection APIs. In the main thread it can forward SIGINT/SIGTERM events to a remote client (via client.connectingToServer) and may exit the process after forwarding. The concealment is a noteworthy red flag: it makes detection and auditing harder and may be used to implement covert telemetry or control. The file alone is not conclusively malicious, but the combination of hiding handlers and forwarding signals to an external component warrants careful review of the client module (client-D6NvIMSC.cjs) and any network destinations it uses before trusting this package in sensitive environments. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/tsx@4.21.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tsx@4.21.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm tsx is 100.0% likely to have a medium risk anomaly Notes: This fragment appears to be a bundler-generated bootstrap/initialization piece that imports many modules and executes an initialization function (r). No explicit malicious activity is evident within this fragment itself, but the risk stems from side effects of the imported modules on load. A careful review of the implementations of the imported modules (especially those exporting r and those performing initialization, build-time, or network/file operations) is recommended to rule out hidden telemetry, backdoors, or undesired side effects. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/tsx@4.21.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tsx@4.21.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm tsx is 100.0% likely to have a medium risk anomaly Notes: No clear indicators of classic malware (no reverse shell, no network connections, no child_process usage, no hard-coded credentials). The primary risk is information leakage: the loader posts module load events and dependency paths to external consumers via p.port and O.send. In contexts where those channels are controlled by an untrusted or remote party, this could leak local file paths or project structure. The module otherwise performs expected loader duties (file reads, tsconfig handling, transforming CJS to ESM, returning data: URLs). Review runtime consumers of O and any provided p.port to ensure they are trusted before using this loader in a sensitive environment. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/tsx@4.21.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tsx@4.21.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm tsx is 100.0% likely to have a medium risk anomaly Notes: The module installs hidden signal handlers for SIGINT and SIGTERM, hides them from other code by monkey-patching process.listenerCount and process.listeners, forwards signals to an external client callback, and may force exit. That stealthy interception of process signals is suspicious from a supply-chain/security perspective because it can be used to intercept or suppress normal shutdown behavior and to forward events to another module which may perform network I/O or exfiltration. There is no direct evidence in this file of data exfiltration, reverse shell, or explicit malicious payload, but the hiding behavior and delegation to an external client warrant caution and further inspection of the imported client and cjs modules. Recommend auditing the client callback and cjs/index.cjs for network operations or data-leaking behavior before trusting this package. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/tsx@4.21.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tsx@4.21.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm undici is 100.0% likely to have a medium risk anomaly Notes: The script performs an in-place, lossy re-encoding of a local file from UTF-8 to Latin-1 and rewrites it without backups or validation. This is unsafe due to potential data loss and code corruption, and could be exploited to tamper with source files in a supply chain. It does not exhibit active malware behavior, but its destructive nature warrants removal or strict safeguards (backups, explicit intent, error handling). Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/@toruslabs/torus-scripts@8.0.0 → npm/undici@6.23.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/undici@6.23.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Potential code anomaly (AI signal): npm yaml is 100.0% likely to have a medium risk anomaly Notes: The analyzed code is a standard YAML stringify module with robust tag resolution, anchor handling, and formatting controls. It correctly delegates to appropriate stringify logic and handles edge cases like circular aliases and unresolved tags with explicit errors. Overall security posture is conservative and typical for a serialization library; no malicious activity detected. Confidence: 1.00 Severity: 0.60 From: package-lock.json → npm/vitest@4.0.18 → npm/lint-staged@16.2.7 → npm/yaml@2.8.2 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/yaml@2.8.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Ignoring alerts on:

• @emnapi/core@1.8.1
• @inquirer/external-editor@1.0.3
• @isaacs/brace-expansion@5.0.0
• @tybys/wasm-util@0.10.1
• @unrs/resolver-binding-wasm32-wasi@1.11.1
• giget@2.0.0
• napi-postinstall@0.3.4
• node-fetch-native@1.6.7
• pkg-types@2.3.0
• undici-types@7.16.0
• unrs-resolver@1.11.1
• @noble/curves@2.0.1
• jwa@2.0.1
• prettier@3.8.1

View full report

[hieu-w]

@cursor review

[cursor]

Skipping Bugbot: Bugbot is disabled for this repository

[chaitanyapotti]

remove allowHost

[chaitanyapotti]

refactor /allow endpoint call to use post method and convert the headers to params + source param pointing to authorizationServerUrl's endpoint

[hieu-w]

Updated.

[hieu-w]

@cursor review

[cursor]

✅ Bugbot reviewed your changes and found no new issues!

Comment @cursor review or bugbot run to trigger another review on this PR

[hieu-w]

@SocketSecurity ignore npm/@isaacs/brace-expansion@5.0.0
@SocketSecurity ignore npm/@emnapi/core@1.8.1
@SocketSecurity ignore npm/@inquirer/external-editor@1.0.3
@SocketSecurity ignore npm/@noble/curves@2.0.1
@SocketSecurity ignore npm/@tybys/wasm-util@0.10.1
@SocketSecurity ignore npm/@unrs/resolver-binding-wasm32-wasi@1.11.1
@SocketSecurity ignore npm/giget@2.0.0
@SocketSecurity ignore npm/napi-postinstall@0.3.4
@SocketSecurity ignore npm/node-fetch-native@1.6.7
@SocketSecurity ignore npm/pkg-types@2.3.0
@SocketSecurity ignore npm/prettier@3.8.1
@SocketSecurity ignore npm/undici-types@7.16.0
@SocketSecurity ignore npm/unrs-resolver@1.11.1
@SocketSecurity ignore npm/jwa@2.0.1