Проверить свой проект на уязвимости

Проверить свой проект на уязвимости

https://t.me/frontend_lead_mentor

Проверка на использование пакетов по атаке на npm от 16 сентября 2025 года. Сейчас все пакеты уже удалены из репозитория, но провериться не помешает.

Вот команда, которую нужно ввести в консоль, если вы используете yarn. Мне ее помог сгенерить qwen.

grep -E '@ahmedhfarag/ngx-perfect-scrollbar@20\.0\.20|@ahmedhfarag/ngx-virtual-scroller@4\.0\.4|@art-ws/common@2\.0\.28|@art-ws/config-eslint@2\.0\.4|@art-ws/config-eslint@2\.0\.5|@art-ws/config-ts@2\.0\.7|@art-ws/config-ts@2\.0\.8|@art-ws/db-context@2\.0\.24|@art-ws/di@2\.0\.28|@art-ws/di@2\.0\.32|@art-ws/di-node@2\.0\.13|@art-ws/eslint@1\.0\.5|@art-ws/eslint@1\.0\.6|@art-ws/fastify-http-server@2\.0\.24|@art-ws/fastify-http-server@2\.0\.27|@art-ws/http-server@2\.0\.21|@art-ws/http-server@2\.0\.25|@art-ws/openapi@0\.1\.9|@art-ws/openapi@0\.1\.12|@art-ws/package-base@1\.0\.5|@art-ws/package-base@1\.0\.6|@art-ws/prettier@1\.0\.5|@art-ws/prettier@1\.0\.6|@art-ws/slf@2\.0\.15|@art-ws/slf@2\.0\.22|@art-ws/ssl-info@1\.0\.9|@art-ws/ssl-info@1\.0\.10|@art-ws/web-app@1\.0\.3|@art-ws/web-app@1\.0\.4|@crowdstrike/commitlint@8\.1\.1|@crowdstrike/commitlint@8\.1\.2|@crowdstrike/falcon-shoelace@0\.4\.1|@crowdstrike/falcon-shoelace@0\.4\.2|@crowdstrike/foundry-js@0\.19\.1|@crowdstrike/foundry-js@0\.19\.2|@crowdstrike/glide-core@0\.34\.2|@crowdstrike/glide-core@0\.34\.3|@crowdstrike/logscale-dashboard@1\.205\.1|@crowdstrike/logscale-dashboard@1\.205\.2|@crowdstrike/logscale-file-editor@1\.205\.1|@crowdstrike/logscale-file-editor@1\.205\.2|@crowdstrike/logscale-parser-edit@1\.205\.1|@crowdstrike/logscale-parser-edit@1\.205\.2|@crowdstrike/logscale-search@1\.205\.1|@crowdstrike/logscale-search@1\.205\.2|@crowdstrike/tailwind-toucan-base@5\.0\.1|@crowdstrike/tailwind-toucan-base@5\.0\.2|@ctrl/deluge@7\.2\.1|@ctrl/deluge@7\.2\.2|@ctrl/golang-template@1\.4\.2|@ctrl/golang-template@1\.4\.3|@ctrl/magnet-link@4\.0\.3|@ctrl/magnet-link@4\.0\.4|@ctrl/ngx-codemirror@7\.0\.1|@ctrl/ngx-codemirror@7\.0\.2|@ctrl/ngx-csv@6\.0\.1|@ctrl/ngx-csv@6\.0\.2|@ctrl/ngx-emoji-mart@9\.2\.1|@ctrl/ngx-emoji-mart@9\.2\.2|@ctrl/ngx-rightclick@4\.0\.1|@ctrl/ngx-rightclick@4\.0\.2|@ctrl/qbittorrent@9\.7\.1|@ctrl/qbittorrent@9\.7\.2|@ctrl/react-adsense@2\.0\.1|@ctrl/react-adsense@2\.0\.2|@ctrl/shared-torrent@6\.3\.1|@ctrl/shared-torrent@6\.3\.2|@ctrl/tinycolor@4\.1\.1|@ctrl/tinycolor@4\.1\.2|@ctrl/torrent-file@4\.1\.1|@ctrl/torrent-file@4\.1\.2|@ctrl/transmission@7\.3\.1|@ctrl/ts-base32@4\.0\.1|@ctrl/ts-base32@4\.0\.2|@hestjs/core@0\.2\.1|@hestjs/cqrs@0\.1\.6|@hestjs/demo@0\.1\.2|@hestjs/eslint-config@0\.1\.2|@hestjs/logger@0\.1\.6|@hestjs/scalar@0\.1\.7|@hestjs/validation@0\.1\.6|@nativescript-community/arraybuffers@1\.1\.6|@nativescript-community/arraybuffers@1\.1\.7|@nativescript-community/arraybuffers@1\.1\.8|@nativescript-community/gesturehandler@2\.0\.35|@nativescript-community/perms@3\.0\.5|@nativescript-community/perms@3\.0\.6|@nativescript-community/perms@3\.0\.7|@nativescript-community/perms@3\.0\.8|@nativescript-community/perms@3\.0\.9|@nativescript-community/sqlite@3\.5\.2|@nativescript-community/sqlite@3\.5\.3|@nativescript-community/sqlite@3\.5\.4|@nativescript-community/sqlite@3\.5\.5|@nativescript-community/text@1\.6\.9|@nativescript-community/text@1\.6\.10|@nativescript-community/text@1\.6\.11|@nativescript-community/text@1\.6\.12|@nativescript-community/text@1\.6\.13|@nativescript-community/typeorm@0\.2\.30|@nativescript-community/typeorm@0\.2\.31|@nativescript-community/typeorm@0\.2\.32|@nativescript-community/typeorm@0\.2\.33|@nativescript-community/ui-collectionview@6\.0\.6|@nativescript-community/ui-document-picker@1\.1\.27|@nativescript-community/ui-document-picker@1\.1\.28|@nativescript-community/ui-drawer@0\.1\.30|@nativescript-community/ui-image@4\.5\.6|@nativescript-community/ui-label@1\.3\.35|@nativescript-community/ui-label@1\.3\.36|@nativescript-community/ui-label@1\.3\.37|@nativescript-community/ui-material-bottom-navigation@7\.2\.72|@nativescript-community/ui-material-bottom-navigation@7\.2\.73|@nativescript-community/ui-material-bottom-navigation@7\.2\.74|@nativescript-community/ui-material-bottom-navigation@7\.2\.75|@nativescript-community/ui-material-bottomsheet@7\.2\.72|@nativescript-community/ui-material-core@7\.2\.72|@nativescript-community/ui-material-core@7\.2\.73|@nativescript-community/ui-material-core@7\.2\.74|@nativescript-community/ui-material-core@7\.2\.75|@nativescript-community/ui-material-core@7\.2\.76|@nativescript-community/ui-material-core-tabs@7\.2\.72|@nativescript-community/ui-material-core-tabs@7\.2\.73|@nativescript-community/ui-material-core-tabs@7\.2\.74|@nativescript-community/ui-material-core-tabs@7\.2\.75|@nativescript-community/ui-material-core-tabs@7\.2\.76|@nativescript-community/ui-material-ripple@7\.2\.72|@nativescript-community/ui-material-ripple@7\.2\.73|@nativescript-community/ui-material-ripple@7\.2\.74|@nativescript-community/ui-material-ripple@7\.2\.75|@nativescript-community/ui-material-tabs@7\.2\.72|@nativescript-community/ui-material-tabs@7\.2\.73|@nativescript-community/ui-material-tabs@7\.2\.74|@nativescript-community/ui-material-tabs@7\.2\.75|@nativescript-community/ui-pager@14\.1\.36|@nativescript-community/ui-pager@14\.1\.37|@nativescript-community/ui-pager@14\.1\.38|@nativescript-community/ui-pager@14\.1\.35|@nativescript-community/ui-pulltorefresh@2\.5\.4|@nativescript-community/ui-pulltorefresh@2\.5\.5|@nativescript-community/ui-pulltorefresh@2\.5\.6|@nativescript-community/ui-pulltorefresh@2\.5\.7|@nexe/config-manager@0\.1\.1|@nexe/eslint-config@0\.1\.1|@nexe/logger@0\.1\.3|@nstudio/angular@20\.0\.4|@nstudio/angular@20\.0\.5|@nstudio/angular@20\.0\.6|@nstudio/focus@20\.0\.4|@nstudio/focus@20\.0\.5|@nstudio/focus@20\.0\.6|@nstudio/nativescript-checkbox@2\.0\.6|@nstudio/nativescript-checkbox@2\.0\.7|@nstudio/nativescript-checkbox@2\.0\.8|@nstudio/nativescript-checkbox@2\.0\.9|@nstudio/nativescript-loading-indicator@5\.0\.1|@nstudio/nativescript-loading-indicator@5\.0\.2|@nstudio/nativescript-loading-indicator@5\.0\.3|@nstudio/nativescript-loading-indicator@5\.0\.4|@nstudio/ui-collectionview@5\.1\.11|@nstudio/ui-collectionview@5\.1\.12|@nstudio/ui-collectionview@5\.1\.13|@nstudio/ui-collectionview@5\.1\.14|@nstudio/web@20\.0\.4|@nstudio/web-angular@20\.0\.4|@nstudio/xplat@20\.0\.5|@nstudio/xplat@20\.0\.6|@nstudio/xplat@20\.0\.7|@nstudio/xplat@20\.0\.4|@nstudio/xplat-utils@20\.0\.5|@nstudio/xplat-utils@20\.0\.6|@nstudio/xplat-utils@20\.0\.7|@nstudio/xplat-utils@20\.0\.4|@operato/board@9\.0\.36|@operato/board@9\.0\.37|@operato/board@9\.0\.38|@operato/board@9\.0\.39|@operato/board@9\.0\.40|@operato/board@9\.0\.41|@operato/board@9\.0\.42|@operato/board@9\.0\.43|@operato/board@9\.0\.44|@operato/board@9\.0\.45|@operato/board@9\.0\.46|@operato/data-grist@9\.0\.29|@operato/data-grist@9\.0\.35|@operato/data-grist@9\.0\.36|@operato/data-grist@9\.0\.37|@operato/graphql@9\.0\.22|@operato/graphql@9\.0\.35|@operato/graphql@9\.0\.36|@operato/graphql@9\.0\.37|@operato/graphql@9\.0\.38|@operato/graphql@9\.0\.39|@operato/graphql@9\.0\.40|@operato/graphql@9\.0\.41|@operato/graphql@9\.0\.42|@operato/graphql@9\.0\.43|@operato/graphql@9\.0\.44|@operato/graphql@9\.0\.45|@operato/graphql@9\.0\.46|@operato/headroom@9\.0\.2|@operato/headroom@9\.0\.35|@operato/headroom@9\.0\.36|@operato/headroom@9\.0\.37|@operato/help@9\.0\.35|@operato/help@9\.0\.36|@operato/help@9\.0\.37|@operato/help@9\.0\.38|@operato/help@9\.0\.39|@operato/help@9\.0\.40|@operato/help@9\.0\.41|@operato/help@9\.0\.42|@operato/help@9\.0\.43|@operato/help@9\.0\.44|@operato/help@9\.0\.45|@operato/help@9\.0\.46|@operato/i18n@9\.0\.35|@operato/i18n@9\.0\.36|@operato/i18n@9\.0\.37|@operato/input@9\.0\.27|@operato/input@9\.0\.35|@operato/input@9\.0\.36|@operato/input@9\.0\.37|@operato/input@9\.0\.38|@operato/input@9\.0\.39|@operato/input@9\.0\.40|@operato/input@9\.0\.41|@operato/input@9\.0\.42|@operato/input@9\.0\.43|@operato/input@9\.0\.44|@operato/input@9\.0\.45|@operato/input@9\.0\.46|@operato/layout@9\.0\.35|@operato/layout@9\.0\.36|@operato/layout@9\.0\.37|@operato/popup@9\.0\.22|@operato/popup@9\.0\.35|@operato/popup@9\.0\.36|@operato/popup@9\.0\.37|@operato/popup@9\.0\.38|@operato/popup@9\.0\.39|@operato/popup@9\.0\.40|@operato/popup@9\.0\.41|@operato/popup@9\.0\.42|@operato/popup@9\.0\.43|@operato/popup@9\.0\.44|@operato/popup@9\.0\.45|@operato/popup@9\.0\.46|@operato/pull-to-refresh@9\.0\.36|@operato/pull-to-refresh@9\.0\.37|@operato/pull-to-refresh@9\.0\.38|@operato/pull-to-refresh@9\.0\.39|@operato/pull-to-refresh@9\.0\.40|@operato/pull-to-refresh@9\.0\.41|@operato/pull-to-refresh@9\.0\.42|@operato/shell@9\.0\.22|@operato/shell@9\.0\.35|@operato/shell@9\.0\.36|@operato/shell@9\.0\.37|@operato/shell@9\.0\.38|@operato/shell@9\.0\.39|@operato/styles@9\.0\.2|@operato/styles@9\.0\.35|@operato/styles@9\.0\.36|@operato/styles@9\.0\.37|@operato/utils@9\.0\.22|@operato/utils@9\.0\.35|@operato/utils@9\.0\.36|@operato/utils@9\.0\.37|@operato/utils@9\.0\.38|@operato/utils@9\.0\.39|@operato/utils@9\.0\.40|@operato/utils@9\.0\.41|@operato/utils@9\.0\.42|@operato/utils@9\.0\.43|@operato/utils@9\.0\.44|@operato/utils@9\.0\.45|@operato/utils@9\.0\.46|@teselagen/bounce-loader@0\.3\.16|@teselagen/bounce-loader@0\.3\.17|@teselagen/liquibase-tools@0\.4\.1|@teselagen/range-utils@0\.3\.14|@teselagen/range-utils@0\.3\.15|@teselagen/react-list@0\.8\.19|@teselagen/react-list@0\.8\.20|@teselagen/react-table@6\.10\.19|@teselagen/react-table@6\.10\.21|@thangved/callback-window@1\.1\.4|@things-factory/attachment-base@9\.0\.43|@things-factory/attachment-base@9\.0\.44|@things-factory/attachment-base@9\.0\.45|@things-factory/attachment-base@9\.0\.46|@things-factory/attachment-base@9\.0\.47|@things-factory/attachment-base@9\.0\.48|@things-factory/attachment-base@9\.0\.49|@things-factory/attachment-base@9\.0\.50|@things-factory/auth-base@9\.0\.43|@things-factory/auth-base@9\.0\.44|@things-factory/auth-base@9\.0\.45|@things-factory/email-base@9\.0\.42|@things-factory/email-base@9\.0\.43|@things-factory/email-base@9\.0\.44|@things-factory/email-base@9\.0\.45|@things-factory/email-base@9\.0\.46|@things-factory/email-base@9\.0\.47|@things-factory/email-base@9\.0\.48|@things-factory/email-base@9\.0\.49|@things-factory/email-base@9\.0\.50|@things-factory/email-base@9\.0\.51|@things-factory/email-base@9\.0\.52|@things-factory/email-base@9\.0\.53|@things-factory/email-base@9\.0\.54|@things-factory/env@9\.0\.42|@things-factory/env@9\.0\.43|@things-factory/env@9\.0\.44|@things-factory/env@9\.0\.45|@things-factory/integration-base@9\.0\.43|@things-factory/integration-base@9\.0\.44|@things-factory/integration-base@9\.0\.45|@things-factory/integration-marketplace@9\.0\.43|@things-factory/integration-marketplace@9\.0\.44|@things-factory/integration-marketplace@9\.0\.45|@things-factory/shell@9\.0\.43|@things-factory/shell@9\.0\.44|@things-factory/shell@9\.0\.45|@tnf-dev/api@1\.0\.8|@tnf-dev/core@1\.0\.8|@tnf-dev/js@1\.0\.8|@tnf-dev/mui@1\.0\.8|@tnf-dev/react@1\.0\.8|@ui-ux-gang/devextreme-angular-rpk@24\.1\.7|@yoobic/design-system@6\.5\.17|@yoobic/jpeg-camera-es6@1\.0\.13|@yoobic/yobi@8\.7\.53|airchief@0\.3\.1|airpilot@0\.8\.8|angulartics2@14\.1\.1|angulartics2@14\.1\.2|browser-webdriver-downloader@3\.0\.8|capacitor-notificationhandler@0\.0\.2|capacitor-notificationhandler@0\.0\.3|capacitor-plugin-healthapp@0\.0\.2|capacitor-plugin-healthapp@0\.0\.3|capacitor-plugin-ihealth@1\.1\.8|capacitor-plugin-ihealth@1\.1\.9|capacitor-plugin-vonage@1\.0\.2|capacitor-plugin-vonage@1\.0\.3|capacitorandroidpermissions@0\.0\.4|capacitorandroidpermissions@0\.0\.5|config-cordova@0\.8\.5|cordova-plugin-voxeet2@1\.0\.24|cordova-voxeet@1\.0\.32|create-hest-app@0\.1\.9|db-evo@1\.1\.4|db-evo@1\.1\.5|devextreme-angular-rpk@21\.2\.8|ember-browser-services@5\.0\.2|ember-browser-services@5\.0\.3|ember-headless-form@1\.1\.2|ember-headless-form@1\.1\.3|ember-headless-form-yup@1\.0\.1|ember-headless-table@2\.1\.5|ember-headless-table@2\.1\.6|ember-url-hash-polyfill@1\.0\.12|ember-url-hash-polyfill@1\.0\.13|ember-velcro@2\.2\.1|ember-velcro@2\.2\.2|encounter-playground@0\.0\.2|encounter-playground@0\.0\.3|encounter-playground@0\.0\.4|encounter-playground@0\.0\.5|eslint-config-crowdstrike@11\.0\.2|eslint-config-crowdstrike@11\.0\.3|eslint-config-crowdstrike-node@4\.0\.3|eslint-config-crowdstrike-node@4\.0\.4|eslint-config-teselagen@6\.1\.7|globalize-rpk@1\.7\.4|graphql-sequelize-teselagen@5\.3\.8|html-to-base64-image@1\.0\.2|json-rules-engine-simplified@0\.2\.1|json-rules-engine-simplified@0\.2\.4|json-rules-engine-simplified@0\.2\.3|json-rules-engine-simplified@0\.2\.2|jumpgate@0\.0\.2|koa2-swagger-ui@5\.11\.1|koa2-swagger-ui@5\.11\.2|mcfly-semantic-release@1\.3\.1|mcp-knowledge-base@0\.0\.2|mcp-knowledge-graph@1\.2\.1|mobioffice-cli@1\.0\.3|monorepo-next@13\.0\.1|monorepo-next@13\.0\.2|mstate-angular@0\.4\.4|mstate-cli@0\.4\.7|mstate-dev-react@1\.1\.1|mstate-react@1\.6\.5|ng2-file-upload@7\.0\.2|ng2-file-upload@7\.0\.3|ng2-file-upload@8\.0\.1|ng2-file-upload@8\.0\.2|ng2-file-upload@8\.0\.3|ng2-file-upload@9\.0\.1|ngx-bootstrap@18\.1\.4|ngx-bootstrap@19\.0\.3|ngx-bootstrap@19\.0\.4|ngx-bootstrap@20\.0\.3|ngx-bootstrap@20\.0\.4|ngx-bootstrap@20\.0\.5|ngx-bootstrap@20\.0\.6|ngx-color@10\.0\.1|ngx-color@10\.0\.2|ngx-toastr@19\.0\.1|ngx-toastr@19\.0\.2|ngx-trend@8\.0\.1|ngx-ws@1\.1\.5|ngx-ws@1\.1\.6|oradm-to-gql@35\.0\.14|oradm-to-gql@35\.0\.15|oradm-to-sqlz@1\.1\.2|oradm-to-sqlz@1\.1\.3|oradm-to-sqlz@1\.1\.4|ove-auto-annotate@0\.0\.9|pm2-gelf-json@1\.0\.4|pm2-gelf-json@1\.0\.5|printjs-rpk@1\.6\.1|react-complaint-image@0\.0\.32|react-complaint-image@0\.0\.33|react-complaint-image@0\.0\.34|react-complaint-image@0\.0\.35|react-jsonschema-form-conditionals@0\.3\.18|react-jsonschema-form-conditionals@0\.3\.19|react-jsonschema-form-conditionals@0\.3\.20|react-jsonschema-form-conditionals@0\.3\.21|remark-preset-lint-crowdstrike@4\.0\.1|remark-preset-lint-crowdstrike@4\.0\.2|rxnt-authentication@0\.0\.3|rxnt-authentication@0\.0\.4|rxnt-authentication@0\.0\.5|rxnt-authentication@0\.0\.6|rxnt-healthchecks-nestjs@1\.0\.2|rxnt-healthchecks-nestjs@1\.0\.3|rxnt-healthchecks-nestjs@1\.0\.4|rxnt-healthchecks-nestjs@1\.0\.5|rxnt-kue@1\.0\.4|rxnt-kue@1\.0\.5|rxnt-kue@1\.0\.6|rxnt-kue@1\.0\.7|swc-plugin-component-annotate@1\.9\.1|swc-plugin-component-annotate@1\.9\.2|tbssnch@1\.0\.2|teselagen-interval-tree@1\.1\.2|tg-client-query-builder@2\.14\.4|tg-client-query-builder@2\.14\.5|tg-redbird@1\.3\.1|tg-seq-gen@1\.0\.9|tg-seq-gen@1\.0\.10|thangved-react-grid@1\.0\.3|ts-gaussian@3\.0\.5|ts-gaussian@3\.0\.6|ts-imports@1\.0\.1|ts-imports@1\.0\.2|tvi-cli@0\.1\.5|ve-bamreader@0\.2\.6|ve-editor@1\.0\.1|verror-extra@6\.0\.1|voip-callkit@1\.0\.2|voip-callkit@1\.0\.3|wdio-web-reporter@0\.1\.3|yargs-help-output@5\.0\.3|yoo-styles@6\.0\.326'  yarn.lock 2>/dev/null


Подписывайтесь на ТГ канал https://t.me/frontend_lead_mentor. Я помогаю расти в профессии, пишу про фронтенд и управление командами.


Так же не помешает провериться на наличие пакетов из атаки от 9 сентября 2025 года

grep -E 'ansi-styles@6.2.2|debug@4.4.2|chalk@5.6.1|supports-color@10.2.1|strip-ansi@7.1.1|ansi-regex@6.2.1|wrap-ansi@9.0.1|color-convert@3.1.1|color-name@2.0.1|is-arrayish@0.3.3|slice-ansi@7.1.1|color@5.0.1|color-string@2.1.1|simple-swizzle@0.2.3|supports-hyperlinks@4.1.1|has-ansi@6.0.1|chalk-template@1.1.1|backslash@0.2.1|error-ex@1.3.3' yarn.lock 2>/dev/null


Если нашли, то нужно просто переустановить все зависимости.

rm -rf node_modules
rm yarn.lock
yarn
Report content on this page

Report Page

Please submit your DMCA takedown request to dmca@telegram.org