Cargo · crates.io
is-it-slop
Rs Build Time Network: HTTP / TCP network call inside build.rs — downloads at compile time.
Why PkgRadar flagged 0.6.3
| Severity | Signal | Evidence |
|---|---|---|
| high | Rs Build Time Network | HTTP / TCP network call inside build.rs — downloads at compile time. · is-it-slop-0.6.3/build.rs |
| medium | Remote Payload | matched "curl " · is-it-slop-0.6.3/build.rs |
| medium | Remote Payload | matched "raw.githubusercontent.com" · is-it-slop-0.6.3/src/cli/self_update.rs |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.6.3 | High risk | 51 | 2026-06-02 |
0.6.2 | High risk | 51 | 2026-06-02 |
0.6.1 | High risk | 51 | 2026-06-02 |
0.6.0 | High risk | 74 | 2026-06-01 |
0.6.0-beta.1 | High risk | 74 | 2026-06-01 |
0.6.0-beta.0 | High risk | 74 | 2026-06-01 |
0.6.0-alpha.5 | High risk | 74 | 2026-06-01 |
Block this in CI
pkgradar gate --ecosystem cargo [email protected]