Composer · packagist.org

topoff/laravel-messenger

Credential file access: matched "AWS_ACCESS_KEY"

Why PkgRadar flagged v8.4.0

Severity	Signal	Evidence
high	Credential file access	matched "AWS_ACCESS_KEY" · topoff-laravel-messenger-98bf6bc/config/messenger.php

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v8.4.0`	High risk	40	2026-06-11
`v8.2.10`	High risk	40	2026-06-05
`v8.2.7`	High risk	40	2026-06-05
`v8.2.8`	High risk	40	2026-06-05
`v8.2.9`	High risk	40	2026-06-05
`v8.2.6`	High risk	40	2026-06-04
`v8.2.5`	High risk	40	2026-06-03

Block this in CI

PkgRadar gates topoff/laravel-messenger (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer topoff/[email protected]