Go modules · proxy.golang.org
github.com/SemRels/semrel
Remote Payload: matched "github.com/SemRels/semrel/releases/download"
Why PkgRadar flagged v0.10.1
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "github.com/SemRels/semrel/releases/download" · github.com/semrels/[email protected]/internal/cli/update.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.10.1 | Review | 12 | 2026-06-11 |
v0.10.0 | Review | 12 | 2026-06-11 |
v0.9.0 | Review | 12 | 2026-06-11 |
v0.8.1 | Low risk | 0 | 2026-06-11 |
v0.8.1-0.20260610162426-c860a7962027 | Low risk | 0 | 2026-06-11 |
v0.8.0 | Low risk | 0 | 2026-06-11 |
v0.5.0 | Low risk | 0 | 2026-06-11 |
v0.1.3 | Low risk | 0 | 2026-06-11 |
v0.3.0 | Low risk | 0 | 2026-06-11 |
v0.3.3 | Low risk | 0 | 2026-06-11 |
v0.6.0 | Low risk | 0 | 2026-06-11 |
v0.1.2 | Low risk | 0 | 2026-06-11 |
Block this in CI
pkgradar gate --ecosystem go github.com/SemRels/[email protected]