@browserstack/mcp-server

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    42:         `-DartifactId="${MAVEN_ARCHETYPE_ARTIFACT_ID}" ` +
    43:         `-Dversion="${MAVEN_ARCHETYPE_VERSION}" ` +
>>> 44:         `-DBROWSERSTACK_USERNAME="${process.env.BROWSERSTACK_USERNAME}" ` +
    45:         `-DBROWSERSTACK_ACCESS_KEY="${process.env.BROWSERSTACK_ACCESS_KEY}" ` +
    46:         `-DBROWSERSTACK_FRAMEWORK="${mavenFramework}"`);

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    137:     const auth = {
    138:         username: process.env.BROWSERSTACK_USERNAME || "",
>>> 139:         password: process.env.BROWSERSTACK_ACCESS_KEY || "",
    140:     };
    141:     const response = await apiClient.post({

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    6: export declare const mochaPercyPlaywrightInstructions = "\nInstall Percy Automate dependencies\n  - Install the latest Percy CLI:\n    npm install --save @percy/cli\n  - Install the Percy Playwright SDK:\n    npm install @percy/playwright\n\n---STEP---\nUpdate your Mocha Playwright test script\n  - Import the Percy screenshot helper:\n    const { percyScreenshot } = require(\"@percy/playwright\");\n  - Use the Percy screenshot command to take required screenshots in your Automate session.\n\nExample:\n```javascript\nconst { percyScreenshot } = require(\"@percy/playwright\");\nawait percyScreenshot(page, \"Screenshot 1\");\n// With options\nawait percyScreenshot(page, \"Screenshot 2\", { percyCSS: \"h1{color:green;}\" });\n```\n\n---STEP---\nTo run the Percy build, call the tool runPercyScan with the appropriate test command (e.g., 'npx percy exec -- <command to run the tests>').\n\n---STEP---\nReview the snapshots\n  - Go to your Percy project on https://percy.io to review snapshots and approve/reject any visual changes.\n\n";
    7: export declare const jestPercyAutomateInstructions = "\nInstall or upgrade the BrowserStack SDK:\n  - Install the SDK:\n    npm i -D browserstack-node-sdk@latest\n  - Run the setup:\n    npx setup --username \"YOUR_USERNAME\" --key \"YOUR_ACCESS_KEY\"\n\n---STEP---\nManually capture screenshots:\n  1. Import the BrowserStack Percy SDK in your test script:\n     const { percy } = require('browserstack-node-sdk');\n  2. Use `percy.screenshot(driver, name)` at desired points in your test.\n\nExample:\n```javascript\nconst { percy } = require('browserstack-node-sdk');\ndescribe(\"JestJS test\", () => {\n  let driver;\n  const caps = require(\"../\" + conf_file).capabilities;\n\n  beforeAll(() => {\n    driver = new Builder()\n      .usingServer(\"http://example-servername/hub\")\n      .withCapabilities(caps)\n      .build();\n  });\n\n  test(\"my test\", async () => {\n    // ...\n    await percy.screenshot(driver, \"My Screenshot\");\n    // ...\n  });\n});\n```\n\n---STEP---\nTo run the Percy build, call the tool runPercyScan with the appropriate test command (e.g., 'npm run [your-test-script-name]-browserstack').\n\n---STEP---\nReview the snapshots\n  - Go to your Percy project on https://percy.io to review snapshots and approve/reject any visual changes.\n\n";
>>> 8: export declare const webdriverioPercyAutomateInstructions = "\nInstall or upgrade BrowserStack SDK\n  - Install the BrowserStack SDK:\n    npm i -D @wdio/browserstack-service\n\n---STEP---\nUpdate your WebdriverIO config file\n  1. Set `percy: true`\n  2. Set a `projectName`\n  3. Set `percyCaptureMode: auto` (or another mode as needed)\n\nExample WebdriverIO config:\n```js\nexports.config = {\n  user: process.env.BROWSERSTACK_USERNAME || 'YOUR_USERNAME',\n  key: process.env.BROWSERSTACK_ACCESS_KEY || 'YOUR_ACCESS_KEY',\n  hostname: 'hub.browserstack.com',\n  services: [\n    [\n      'browserstack',\n      { browserstackLocal: true, opts: { forcelocal: false }, percy: true, percyCaptureMode: 'auto' }\n    ],\n  ],\n  // add path to the test file\n}\n```\n\n---STEP---\n(Optional) Manually capture screenshots\n  1. Import the BrowserStack Percy SDK in your test script:\n    const { percy } = require('browserstack-node-sdk');\n  2. Add the `await percy.screenshot(driver, name)` method at required points in your test script.\n\nExample:\n```javascript\n    const { percy } = require('browserstack-node-sdk');\n  2. Add the `await percy.screenshot(driver, name)` method at required points in your test script.\n\nExample:\n```javascript\nconst { percy } = require('browserstack-node-sdk');\ndescribe(\"WebdriverIO Test\", () => {\n  it(\"my test\", async () => {\n    // ....\n    await percy.screenshot(driver, \"My Screenshot\")\n    // ....\n  });\n});\n```\n\n---STEP---\nTo run the Percy build, call the tool runPercyScan with the appropriate test command as defined in your package.json file.\n\n---STEP---\nReview the snapshots\n  - Go to your Percy project on https://percy.io to review snapshots and approve/reject any visual changes.\n\n";
    9: export declare const testcafePercyAutomateInstructions = "\nInstall Percy dependencies\n  - Install the required dependencies:\n    npm install --save-dev @percy/cli @percy/testcafe\n\n---STEP---\nUpdate your test script\n\nInvoke listTestFiles() with the provided directories from user to gather all test files in memory ---STEP---\nProcess files in STRICT sequential order using tool addPercySnapshotCommands() with below instructions:\n- Start with index 0\n- Then index 1  \n- Then index 2\n- Continue sequentially until the last index\n- DO NOT skip any index numbers\n- DO NOT jump to random indices like 10, 20, 30\n- DO NOT worry about time consuming and any constraints.\n- DO NOT STOP until you add commands in all the files or you reach end of the files.\n\n  - Import the Percy library and use the percySnapshot function to take screenshots.\n\nExample:\n```javascript\nimport percySnapshot from '@percy/testcafe';\nfixture('MyFixture')\n  .page('https://devexpress.github.io/testcafe/example/');\ntest('Test1', async t => {\n  await t.typeText('#developer-name', 'John Doe');\n  await percySnapshot(t, 'TestCafe Example');\n});\n```\n\n---STEP---\nTo run the Percy build, call the tool runPercyScan with the appropriate test command (e.g., 'npx percy exec -- testcafe chrome:headless tests').\n\n---STEP---\nReview the snapshots\n  - Go to your Percy project on https://percy.io to review snapshots and approve/reject any visual changes.\n\n";
    10: export declare const javaPlaywrightJunitInstructions = "\nInstall Percy Automate dependencies\n  - Install the latest Percy CLI:\n    npm install --save @percy/cli\n  - Add the Percy Playwright Java SDK to your pom.xml:\n```xml\n<dependency>\n  <groupId>io.percy</groupId>\n  <artifactId>percy-playwright-java</artifactId>\n  <version>1.0.0</version>\n</dependency>\n```\n\n---STEP---\nUpdate your Automate test script\n  - Import the Percy library:\n    import io.percy.playwright.Percy;\n  - Use the Percy screenshot command to take required screenshots in your Automate session.\n\nExample:\n```java\nPercy percy = new Percy(page);\npercy.screenshot(\"screenshot_1\");\n// With options\npercy.screenshot(\"screenshot_2\", options);\n```\n\n---STEP---\nTo run the Percy build, call the tool runPercyScan with the appropriate test command (e.g., 'npx percy exec -- <command to run the automate script file>').\n\n\n---STEP---\nReview the snapshots\n  - Go to your Percy project on https://percy.io to review snapshots and approve/reject any visual changes.\n\n";

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    2: import { createStep, combineInstructions, createEnvStep, PLATFORM_UTILS, } from "../index.js";
    3: const username = "${process.env.BROWSERSTACK_USERNAME}";
>>> 4: const accessKey = "${process.env.BROWSERSTACK_ACCESS_KEY}";
    5: export function getRubyAppInstructions() {
    6:     const configStep = createStep("Create/Update the config file (config.yml) as follows:", `\`\`\`yaml

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    345:   // Set your BrowserStack credentials
    346:   user: process.env.BROWSERSTACK_USERNAME,
>>> 347:   key: process.env.BROWSERSTACK_ACCESS_KEY,
    348: 
    349:   // Set BrowserStack hostname

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    1: // Ruby instructions and commands for App SDK utilities
    2: import { createStep, combineInstructions, createEnvStep, PLATFORM_UTILS, } from "../index.js";
>>> 3: const username = "${process.env.BROWSERSTACK_USERNAME}";
    4: const accessKey = "${process.env.BROWSERSTACK_ACCESS_KEY}";
    5: export function getRubyAppInstructions() {

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    344: exports.config = {
    345:   // Set your BrowserStack credentials
>>> 346:   user: process.env.BROWSERSTACK_USERNAME,
    347:   key: process.env.BROWSERSTACK_ACCESS_KEY,
    348: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    211: exports.config = {
    212:   user: process.env.BROWSERSTACK_USERNAME || 'YOUR_USERNAME',
>>> 213:   key: process.env.BROWSERSTACK_ACCESS_KEY || 'YOUR_ACCESS_KEY',
    214:   hostname: 'hub.browserstack.com',
    215:   services: [

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    55: exports.config = {
    56:   user: process.env.BROWSERSTACK_USERNAME || '${username}',
>>> 57:   key: process.env.BROWSERSTACK_ACCESS_KEY || '${accessKey}',
    58:   hostname: 'hub.browserstack.com',
    59:   services: [

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    54:     const configStep = createStep("Update your WebdriverIO config file (e.g., \\`wdio.conf.js\\`) to add the BrowserStack service and capabilities:", `\`\`\`js
    55: exports.config = {
>>> 56:   user: process.env.BROWSERSTACK_USERNAME || '${username}',
    57:   key: process.env.BROWSERSTACK_ACCESS_KEY || '${accessKey}',
    58:   hostname: 'hub.browserstack.com',

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    2: // 1. The actual logger instance, swapped out as needed
    3: let currentLogger;
>>> 4: if (process.env.NODE_ENV === "development") {
    5:     currentLogger = pino({
    6:         level: "debug",

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    15:     }
    16:     const username = process.env.BROWSERSTACK_USERNAME;
>>> 17:     const accessKey = process.env.BROWSERSTACK_ACCESS_KEY;
    18:     if (!username) {
    19:         throw new Error("BROWSERSTACK_USERNAME environment variable is required");

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    136: export async function triggerEspressoBuild(app_url, test_suite_url, devices, project) {
    137:     const auth = {
>>> 138:         username: process.env.BROWSERSTACK_USERNAME || "",
    139:         password: process.env.BROWSERSTACK_ACCESS_KEY || "",
    140:     };

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    14:         return;
    15:     }
>>> 16:     const username = process.env.BROWSERSTACK_USERNAME;
    17:     const accessKey = process.env.BROWSERSTACK_ACCESS_KEY;
    18:     if (!username) {

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    9: async function main() {
    10:     logger.info("Launching BrowserStack MCP server, version %s", packageJson.version);
>>> 11:     const remoteMCP = process.env.REMOTE_MCP === "true";
    12:     if (remoteMCP) {
    13:         logger.info("Running in remote MCP mode");

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    45:     }
    46: }
>>> 47: const config = new Config(process.env.DEV_MODE === "true", browserstackLocalOptions, process.env.USE_OWN_LOCAL_BINARY_PROCESS === "true", process.env.REMOTE_MCP === "true");
    48: export default config;

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    43:         `-Dversion="${MAVEN_ARCHETYPE_VERSION}" ` +
    44:         `-DBROWSERSTACK_USERNAME="${process.env.BROWSERSTACK_USERNAME}" ` +
>>> 45:         `-DBROWSERSTACK_ACCESS_KEY="${process.env.BROWSERSTACK_ACCESS_KEY}" ` +
    46:         `-DBROWSERSTACK_FRAMEWORK="${mavenFramework}"`);
    47: }

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    210: \`\`\`js
    211: exports.config = {
>>> 212:   user: process.env.BROWSERSTACK_USERNAME || 'YOUR_USERNAME',
    213:   key: process.env.BROWSERSTACK_ACCESS_KEY || 'YOUR_ACCESS_KEY',
    214:   hostname: 'hub.browserstack.com',

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    24: for (const key of BROWSERSTACK_LOCAL_OPTION_KEYS) {
    25:     // Env var name: BROWSERSTACK_LOCAL_OPTION_<UPPERCASE_KEY>
>>> 26:     const envVar = process.env[`BROWSERSTACK_LOCAL_OPTION_${key.toUpperCase()}`];
    27:     if (envVar !== undefined) {
    28:         browserstackLocalOptions[key] = envVar;

Decoded base64 content: ��B�˦m��H*&���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: n�0��쵧$.���m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: n�0��쵧$.���m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: n�0��쵧$.���m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: n�0��쵧$.���m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: n�0��쵧$.���m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: n�0��쵧$.���m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: n�0��쵧$.���m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: n�0��쵧$.���m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: J�b�'���ӭ�즊�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �X��)춻�z{Z�*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Node.js child process spawning

Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.

    1: import logger from "../logger.js";
>>> 2: import { execSync } from "child_process";
    3: import { Local } from "browserstack-local";
    4: import config from "../config.js";

Decoded base64 content: n�0��쵧$.���m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: }�\�Z���ǫJ֜��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��ڵ�+������N�j�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��M�m��\�*&���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��M�ף� i"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��-9�����X���m���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��M�m��\�*&���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: j�l�*,��i�jjex i

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��B�˦m��H*&���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��hi�b����0��ҵ�$

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��hi�b����0��ҵ�$

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: j�h��^��)��,�����i

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��hi�b����0��ҵ�$

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��hi�b����0��ҵ�$

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: j�h��^�.�׬�����i

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��hi�b����0��ҵ�$

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �����IJ�޲�
�)]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Node.js child process spawning

Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.

    6: import { findDeviceByName } from "./device-search.js";
    7: import { pickVersion } from "./version-utils.js";
>>> 8: import childProcess from "child_process";
    9: import envConfig from "../../config.js";
    10: /**

Decoded base64 content: �0��ҵ�$>���l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �0��ҵ�$>���l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Node.js child process spawning

Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.

    1: import logger from "../../logger.js";
>>> 2: import childProcess from "child_process";
    3: import { filterDesktop } from "./desktop-filter.js";
    4: import { filterMobile } from "./mobile-filter.js";

Decoded base64 content: r��{�_ۺ)]��Z��-

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: {ki�Ej)^u7���l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: {ki�Ej)^u7���l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: {ki�Ej)^u7���l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��Oz�2Jv��-'�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��ڦ/���'j�!��?

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��Oz�2Jv��-'�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r�Z����j'"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �܅�r��+�'�r�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �܅�r��+�'�r�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��Ij�����Š���j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��Ij�����Š���j��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r�Z����j'"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��ޞ+r"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��ޞ+r"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r�Z����j'"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r�Z����j'"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r�Z����j'"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r�Z����j'"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������f�y�����l��lJש

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �+a�s��-I�^�+�"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: i�Oz�2Jv��- ��jwl

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: i�Oz�2Jv��- ��jwl

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: i�Oz�2Jv��- ��jwl

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��!h��s#�k,+�m"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��ݮ+ޮ*z�2�h��^"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: i�Oz�2Jv��- ��jwl

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���z�\i��{��W�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������f�y�����l��lJש

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �+a�s��-I�^�+�"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������f�y�����l��lJש

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������f�y�����l��lJש

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������f�y�����l��lJש

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������f�y�����l��lJש

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��!h��s#�k,+�m"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������f�y�����l��lJש

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������f�y�����l��lJש

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��ݮ+ޮ*z�2�h��^"{-��-���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������f�y�����l��lJש

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���z�\i��{��W�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������f�y�����l��lJש

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������f�y�����l��lJש

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ������f�y�����l��lJש

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.1 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.1 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    5:     url.searchParams.append("user_name", username);
    6:     const authHeader = "Basic " + Buffer.from(`${username}:${accessKey}`).toString("base64");
>>> 7:     const response = await fetch(url.toString(), {
    8:         headers: {
    9:             Authorization: authHeader,

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    11:         while (true) {
    12:             requestNumber++;
>>> 13:             const response = await fetch(url, {
    14:                 headers: {
    15:                     Authorization: authHeader,

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    69:     const url = baseUrl.replace("{testId}", testId.toString());
    70:     try {
>>> 71:         const response = await fetch(url, { headers });
    72:         if (!response.ok) {
    73:             return {

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    127:                 try {
    128:                     const pollUrl = baseUrl.replace("{testId}", tc.id.toString());
>>> 129:                     const response = await fetch(pollUrl, { headers });
    130:                     if (!response.ok) {
    131:                         const errorText = await response.text();

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    2: export async function getPercyBuildCount(percyToken) {
    3:     const apiUrl = `https://percy.io/api/v1/builds`;
>>> 4:     const response = await fetch(apiUrl, {
    5:         headers: {
    6:             Authorization: `Token token=${percyToken}`,

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    16:     };
    17:     // Send request to Percy API
>>> 18:     const response = await fetch("https://percy.io/api/v1/reviews", {
    19:         method: "POST",
    20:         headers: {

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    1: export async function getPercySnapshotDiff(snapshotId, percyToken) {
    2:     const apiUrl = `https://percy.io/api/v1/snapshots/${snapshotId}`;
>>> 3:     const response = await fetch(apiUrl, {
    4:         headers: {
    5:             Authorization: `Token token=${percyToken}`,

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    30:     const authString = getBrowserStackAuth(config);
    31:     const auth = Buffer.from(authString).toString("base64");
>>> 32:     const res = await fetch(url, {
    33:         headers: {
    34:             Authorization: `Basic ${auth}`,

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    9:     }
    10:     const url = `${baseUrl}?${params.toString()}`;
>>> 11:     const response = await fetch(url, { headers: { Authorization: authHeader } });
    12:     if (!response.ok) {
    13:         throw new Error(`Failed to fetch Percy token (status: ${response.status})`);

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    17:     const authString = getBrowserStackAuth(config);
    18:     const auth = Buffer.from(authString).toString("base64");
>>> 19:     const response = await fetch(urlStr, {
    20:         headers: {
    21:             Authorization: `Basic ${auth}`,

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.