PkgRadar

Composer · packagist.org

joby/smol-sentry

Remote Payload: matched "raw.githubusercontent.com"

Why PkgRadar flagged v2.0.0

SeveritySignalEvidence
mediumRemote Payloadmatched "raw.githubusercontent.com" · joby-lol-smol-sentry-ef392b5/src/InspectionRules/OwaspCrsUpdater.php

Scanned versions

VersionVerdictScoreScanned (UTC)
v2.0.0Review122026-06-02
v1.4.0Review122026-05-29

Block this in CI

PkgRadar gates joby/smol-sentry (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer joby/[email protected]
Start free — 25 scans / moView full evidence