Cargo · crates.io
grit-git
Rs Build Time Command: Process spawn (std::process::Command) at build time.
Why PkgRadar flagged 0.5.0
| Severity | Signal | Evidence |
|---|---|---|
| medium | Rs Build Time Command | Process spawn (std::process::Command) at build time. · grit-git-0.5.0/build.rs |
| medium | Remote Payload | matched "curl " · grit-git-0.5.0/src/commands/imap_send.rs |
| medium | Tls Verification Disabled | matched "verify = false" · grit-git-0.5.0/src/commands/rev_parse.rs |
| medium | Remote Payload | matched "Curl " · grit-git-0.5.0/src/http_client.rs |
| medium | Suspicious Publish Context | {"package_age_days":0,"publisher":"Scott Chacon","burst_same_day":2,"burst_week":4,"lure":null,"version_anomaly":false,"new_account":false} |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.5.0 | Review | 76 | 2026-06-20 |
Block this in CI
pkgradar gate --ecosystem cargo [email protected]