← Legacy view v2 (rp.*)

reduxjs/redux-devtools

https://github.com/reduxjs/redux-devtools · lang: typescript · LOC: · source: user_submitted

Quality
66.3
Grade B-
Security
97.7
Findings
5
0 critical · 0 high
Status
completed
May 15, 2026 02:34
info: 4 low: 1
Top rules by occurrence
RuleSeverityCount
SEC015 Insecure Randomness for Security medium 4
SEC006 XSS Risk high 1
First 5 findings (severity-sorted)
low SEC006 XSS Risk
packages/redux-devtools-inspector-monitor-trace-tab/src/react-error-overlay/containers/StackFrameCodeBlock.tsx:72 · conf 0.40 
[SEC006] XSS Risk: Direct HTML injection without sanitization.
info SEC015 Insecure Randomness for Security
· conf 0.20 
[SEC015] Insecure Randomness for Security (and 1 more): Same pattern found in 1 additional files. Review if needed.
info SEC015 Insecure Randomness for Security
packages/redux-devtools-inspector-monitor/demo/src/reducers.ts:209 · conf 0.15 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC015 Insecure Randomness for Security
packages/redux-devtools-remote/src/devTools.ts:48 · conf 0.25 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC015 Insecure Randomness for Security
packages/redux-devtools-rtk-query-monitor/demo/src/features/pokemon/PokemonView.tsx:7 · conf 0.15 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/6fc119e5-dff5-443f-8263-f5962ed81fe0/.