PkgRadar

Cargo · crates.io

ngit

Remote Payload, Credential file access

Why PkgRadar flagged 2.6.0

SeveritySignalEvidence
mediumRemote Payload

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
2.6.0Review112026-06-26

Block this in CI

PkgRadar gates ngit (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem cargo [email protected]
Start free — 25 scans / moView full evidence
ngit — Cargo security scan | PkgRadar