Run details

security: rename report.checks.mfa to mfaPolicy to reflect semantics The field stores the configured npm publish MFA *policy* (e.g. `none`, `automatic`), not a user authentication factor or secret. Logging it in the structured JSON report is safe, but the CodeQL heuristic `js/clear-text-logging` fired on the field name `mfa`. Rename clarifies intent and removes the false-positive signal. Resolves code-scanning alert #42 (js/clear-text-logging).

nx affected -t lint test build e2e-ci --verbose=false --parallel=3

Succeeded

CI Pipeline Execution

nx affected -t lint test build e2e-ci --verbose=false --parallel=3

Click to copy

4 CPU cores

read access token used

a8477a3c115

© 2026 - Nx Cloud

Terms of Service Privacy Policy Changelog Status Docs Contact Nx Cloud Pricing Company @NxDevTools