Composer · packagist.org

grandchef/dfe

Remote Payload: matched "Curl\n"

Why PkgRadar flagged 5.0.11

Severity	Signal	Evidence
medium	Remote Payload	matched "Curl\n" · grandchef-dfe-3035ea4/src/DFe/Common/CurlSoap.php
medium	Remote Payload	matched "curl " · grandchef-dfe-3035ea4/src/DFe/Database/IBPT.php
medium	Remote Payload	matched "curl " · grandchef-dfe-3035ea4/utils/atualiza_servicos.php

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`5.0.11`	High risk	25	2026-06-08
`5.0.10`	High risk	25	2026-06-08

Block this in CI

PkgRadar gates grandchef/dfe (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer grandchef/[email protected]