Cargo · crates.io
opensymphony
Credential File Packaged: opensymphony-1.9.2/.npmrc
Why PkgRadar flagged 1.9.2
| Severity | Signal | Evidence |
|---|---|---|
| high | Credential File Packaged | opensymphony-1.9.2/.npmrc · opensymphony-1.9.2/.npmrc |
| medium | Remote Payload | matched "raw.githubusercontent.com" · opensymphony-1.9.2/crates/opensymphony-cli/src/init_repo.rs |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.9.2 | High risk | 47 | 2026-06-15 |
1.9.1 | High risk | 47 | 2026-06-14 |
1.9.0 | High risk | 47 | 2026-06-14 |
1.8.0 | High risk | 47 | 2026-06-08 |
1.7.3 | High risk | 47 | 2026-06-03 |
1.7.2 | High risk | 47 | 2026-06-01 |
1.7.1 | High risk | 47 | 2026-05-31 |
1.7.0 | High risk | 47 | 2026-05-31 |
Block this in CI
pkgradar gate --ecosystem cargo [email protected]