Cargo · crates.io
buf-toolchain
Remote Payload: matched "github.com/bufbuild/buf/releases/download"
Why PkgRadar flagged 1.70.0-hotfix.1
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "github.com/bufbuild/buf/releases/download" · buf-toolchain-1.70.0-hotfix.1/build.rs |
| medium | Remote Payload | matched "github.com/bufbuild/buf/releases/download" · buf-toolchain-1.70.0-hotfix.1/src/upstream.rs |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.70.0-hotfix.1 | Review | 24 | 2026-06-11 |
1.70.0 | Review | 24 | 2026-05-28 |
1.70.0-rc.3 | Review | 24 | 2026-05-28 |
1.70.0-rc.2 | Review | 24 | 2026-05-28 |
1.70.0-rc.1 | Review | 24 | 2026-05-28 |
Block this in CI
pkgradar gate --ecosystem cargo [email protected]