Go modules · proxy.golang.org

github.com/crossplane/provider-aws

Remote Payload: matched "CURL "

Why PkgRadar flagged v0.58.1-0.20260528150703-14a5420af1d1

Severity	Signal	Evidence
medium	Remote Payload	matched "CURL " · github.com/crossplane/[email protected]/apis/firehose/v1alpha1/zz_generated.deepcopy.go
medium	Remote Payload	matched "CURL " · github.com/crossplane/[email protected]/apis/firehose/v1alpha1/zz_types.go
medium	Remote Payload	matched "CURL " · github.com/crossplane/[email protected]/pkg/controller/firehose/deliverystream/zz_conversions.go

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v0.58.1-0.20260528150703-14a5420af1d1`	High risk	36	2026-05-31

Block this in CI

PkgRadar gates github.com/crossplane/provider-aws (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/crossplane/[email protected]