Composer · packagist.org
frosh/tools
Remote Payload: matched "raw.githubusercontent.com"
Why PkgRadar flagged 3.8.1
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "raw.githubusercontent.com" · FriendsOfShopware-FroshTools-2b38467/src/Components/Health/Checker/HealthChecker/SwagSecurityChecker.php |
| medium | Remote Payload | matched "raw.githubusercontent.com" · FriendsOfShopware-FroshTools-2b38467/src/Components/Security/Checker/ShopwareEolChecker.php |
| medium | Remote Payload | matched "raw.githubusercontent.com" · FriendsOfShopware-FroshTools-2b38467/src/Components/Security/ShopwareReleaseService.php |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
3.8.1 | High risk | 18 | 2026-06-11 |
3.8.0 | High risk | 18 | 2026-06-10 |
Block this in CI
pkgradar gate --ecosystem composer frosh/[email protected]