Interpreting results

This JSON schema represents the output of lstn commands. The output consists of an array of objects, each representing a package and its associated verdicts.

Each object in the array has the following properties:

• name: A string representing the name of the npm package.
• shasum: A string representing the SHA-1 checksum of the package.
• verdicts: An array of verdict objects, each representing a security or behavior concern related to the package.
• message: A string describing the security or behavior concern.

Each verdict object has the following properties:

• metadata: An object containing additional information about the concern, including:
  • commandline: A string representing the command line that triggered the concern.
  • executable_path: A string representing the path to the executable file that triggered the concern.
  • file_descriptor: A string representing the file descriptor associated with the concern.
  • npm_package_name: A string representing the name of the npm package that triggered the concern.
  • npm_package_version: A string representing the version of the npm package that triggered the concern.
  • parent_name: A string representing the name of the parent process that spawned the concern.
  • server_ip: A string representing the IP address of the server associated with the concern.
  • server_port: An integer representing the port number of the server associated with the concern.
• priority: A string indicating the severity of the concern, either "high", "medium", or "low".