PkgRadar

Go modules · proxy.golang.org

github.com/akuity/kargo

Remote Payload: matched "api.github.com/graphql"

Why PkgRadar flagged v1.10.0-rc.1.0.20260615213932-a3bbf6782545

SeveritySignalEvidence
mediumRemote Payloadmatched "api.github.com/graphql" · github.com/akuity/[email protected]/pkg/governance/github_client.go
mediumCredential file accessmatched "id_rsa" · github.com/akuity/[email protected]/pkg/controller/git/base_repo.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.10.0-rc.1.0.20260615213932-a3bbf6782545Review222026-06-16
v0.0.0-20260615213932-a3bbf6782545Review222026-06-16
v1.10.0-rc.1.0.20260615182444-aed8355c2422Review222026-06-16
v0.0.0-20260615182444-aed8355c2422Review222026-06-16
v0.0.0-20260615182407-586173e47870Review222026-06-16
v1.10.0-rc.1.0.20260615171207-b09184a02eeaReview222026-06-16
v0.0.0-20260615155634-5b34dc840461Review222026-06-16
v1.10.0-rc.1.0.20260615145704-430e78dc09afReview222026-06-16
v0.0.0-20260612003012-17077e406ed3Review222026-06-13
v1.10.7-0.20260612003012-17077e406ed3Review222026-06-13
v1.10.0-rc.1.0.20260611224217-e68672c99dabReview222026-06-12
v0.0.0-20260610113719-f7641c1cb6c5Review222026-06-12
v1.10.0-rc.1.0.20260610200447-8296b8e78cb7Review222026-06-11
v0.0.0-20260610200447-8296b8e78cb7Review222026-06-11
v0.0.0-20260610011729-c4b016c096e5Review222026-06-11
v1.10.0-rc.1.0.20260609221924-5e02f7e7a9cdReview222026-06-10
v0.0.0-20260609221924-5e02f7e7a9cdReview222026-06-10
v0.0.0-20260609121709-1ec8d6094bdbReview222026-06-10
v1.10.6Review222026-06-10
v1.10.0-rc.1.0.20260609113237-d3441730ed8dReview222026-06-10
v0.0.0-20260609113237-d3441730ed8dReview222026-06-10
v1.10.0-rc.1.0.20260609094521-5cf7b7627797Review222026-06-10
v0.0.0-20260609094521-5cf7b7627797Review222026-06-10
v0.0.0-20260609012302-7644c76d72aeReview222026-06-10
v1.10.6-0.20260609012302-7644c76d72aeReview222026-06-10
v1.10.0-rc.1.0.20260609003217-76229a86fa26Review222026-06-10
v0.0.0-20260609003217-76229a86fa26Review222026-06-10
v1.10.0-rc.1.0.20260608183710-66dd292c31c3Review222026-06-09
v0.0.0-20260608183710-66dd292c31c3Review222026-06-09
v0.0.0-20260605214408-f791a1f64b6eReview222026-06-06
v1.10.0-rc.1.0.20260605162839-c3615015e1daReview222026-06-06
v0.0.0-20260605162839-c3615015e1daReview222026-06-06
v0.0.0-20260603201039-0b8f14570e56Review222026-06-04
v1.10.0-rc.1.0.20260603201039-0b8f14570e56Review222026-06-04
v0.0.0-20260603194653-d2ea74bee102Review222026-06-04
v0.0.0-20260603164941-a32dea29e163Review222026-06-04
v1.10.0-rc.1.0.20260603164941-a32dea29e163Review222026-06-04
v0.0.0-20260603163203-f4f5f37a2bafReview222026-06-04
v0.0.0-20260602112956-9efd756796b7Review222026-06-04
v1.10.6-0.20260602112956-9efd756796b7Review222026-06-04
v1.10.0-rc.1.0.20260602094756-4afa5659ec24Review222026-06-03
v0.0.0-20260602094756-4afa5659ec24Review222026-06-03
v1.10.0-rc.1.0.20260602043400-9dddb3e8dc5bReview222026-06-03
v0.0.0-20260602043400-9dddb3e8dc5bReview222026-06-03
v1.10.5Review222026-06-02
v0.0.0-20260529191801-b2a335a22f3cReview222026-06-02
v1.10.5-0.20260529191801-b2a335a22f3cReview222026-06-02
v1.10.0-rc.1.0.20260529183739-edc4a3ccc052Review222026-05-30
v0.0.0-20260529183739-edc4a3ccc052Review222026-05-30
v0.0.0-20260529055752-18cb9bde2210Review222026-05-30
v1.10.0-rc.1.0.20260529055752-18cb9bde2210Review222026-05-30
v0.0.0-20260528212640-e7c176affa43Review222026-05-30
v1.10.5-0.20260528212640-e7c176affa43Review222026-05-30
v1.10.0-rc.1.0.20260528185551-b7d653eb62e6Review222026-05-29
v0.0.0-20260528185551-b7d653eb62e6Review222026-05-29
v0.0.0-20260528182055-3cf6a8630d80Review222026-05-29
v0.0.0-20260528171629-67e25fe24df7Review222026-05-29
v0.0.0-20260528164557-6fec89646262Review222026-05-29
v1.10.0-rc.1.0.20260528161026-52a7512392b5Review222026-05-29
v0.0.0-20260528161026-52a7512392b5Review222026-05-29

Block this in CI

PkgRadar gates github.com/akuity/kargo (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/akuity/[email protected]
Start free — 25 scans / moView full evidence