Go modules · proxy.golang.org
github.com/aaron70/decoy-cli
Go Mod Replace Local: go.mod replace directive redirects to a local filesystem path — non-portable / dev-time only.
Why PkgRadar flagged v0.0.0-20260614212944-10e8d6ccb336
| Severity | Signal | Evidence |
|---|---|---|
| medium | Go Mod Replace Local | go.mod replace directive redirects to a local filesystem path — non-portable / dev-time only. · github.com/aaron70/[email protected]/go.mod |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.0.0-20260614212944-10e8d6ccb336 | Review | 10 | 2026-06-16 |
v0.0.0-20260608050618-0564830cbcd0 | Low risk | 0 | 2026-06-14 |
v0.0.0-20260608034708-5d2234c93ea7 | Low risk | 0 | 2026-06-09 |
v0.0.0-20260529053511-61d22e7bc21f | Low risk | 0 | 2026-05-30 |
v0.0.0-20260529043944-965c373d06f0 | Low risk | 0 | 2026-05-30 |
v0.0.0-20260529032625-9e724bd9efad | Low risk | 0 | 2026-05-30 |
Block this in CI
pkgradar gate --ecosystem go github.com/aaron70/[email protected]