PkgRadar

Composer · packagist.org

barefootjs/blade

Suspicious Publish Context

Why PkgRadar flagged v0.18.4

SeveritySignalEvidence
mediumSuspicious Publish Context

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.18.4Review102026-07-08
v0.18.3Low risk02026-07-08

Block this in CI

PkgRadar gates barefootjs/blade (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer barefootjs/[email protected]
barefootjs/blade — Composer security scan | PkgRadar