Negligent Pachinko Machine
botbait

Tracking Module

Severity: low

Overview

The module botbait is a tool to be used to track bot and automated tools usage with-in the npm ecosystem.

botbait is known to record and track user information.

The module tracks the following information.

  • Source IP
  • process.versions
  • process.platform
  • How the module was invoked (test, require, pre-install)

Remediation

This package has no functional value, and should be removed from your environment if discovered.

Vulnerable versions

1.0.0
3 years ago
1.0.1
3 years ago
2.0.0
2 years ago

Unaffected versions

Advisory timeline

  1. Published

    Advisory published
    Sep 26th, 2017
  2. Reported

    Initial report by Adam Baldwin
    Aug 8th, 2017