PkgRadar

Go modules · proxy.golang.org

github.com/chronosphereio/chronoctl-core

Tls Verification Disabled: matched "InsecureSkipVerify: true"

Why PkgRadar flagged v0.0.0-20260615224209-420fe8d85c6a

SeveritySignalEvidence
mediumTls Verification Disabledmatched "InsecureSkipVerify: true" · github.com/chronosphereio/[email protected]/src/cmd/pkg/transport/transport.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.0.0-20260615224209-420fe8d85c6aReview122026-06-20
v1.29.0Low risk02026-06-16
v1.28.1-0.20260612174045-e972c2d991bbLow risk02026-06-14
v0.0.0-20260612174045-e972c2d991bbLow risk02026-06-14
v0.0.0-20260608144546-38d404ce04c6Low risk02026-06-13
v1.28.0Low risk02026-06-09
v1.27.1-0.20260604184946-284d9d365b3fLow risk02026-06-06
v0.0.0-20260604184946-284d9d365b3fLow risk02026-06-06

Block this in CI

PkgRadar gates github.com/chronosphereio/chronoctl-core (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/chronosphereio/[email protected]
Start free — 25 scans / moView full evidence