PkgRadar

Composer · packagist.org

saucebase/installer

Remote Payload: matched "raw.githubusercontent.com"

Why PkgRadar flagged v1.0.1

SeveritySignalEvidence
mediumRemote Payloadmatched "raw.githubusercontent.com" · saucebase-dev-installer-e990d8c/src/Console/Commands/InstallCommand.php
mediumRemote Payloadmatched "raw.githubusercontent.com" · saucebase-dev-installer-e990d8c/tests/Feature/InstallCommandTest.php

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.0.1Review242026-06-17
v0.0.1Review242026-06-17
v0.0.2Review242026-06-17
v1.0.0Review242026-06-17

Block this in CI

PkgRadar gates saucebase/installer (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer saucebase/[email protected]
Start free — 25 scans / moView full evidence