Go modules · proxy.golang.org
github.com/darpanzope/compliancekit
Why PkgRadar flagged v1.19.2-0.20260529164013-88f9112c3d3f
| Severity | Signal | Evidence |
|---|---|---|
| high | DNS / OAST exfiltration | matched "dig +short TXT _dmarc.%s`, d),\n\t}, nil\n}\n\nfunc renderBashDMARCSubdomain(f compliancekit.Finding) (remediate.Snippet, error) {\n\treturn renderBashDMARCPolicy(f)\n}\nfunc renderBashDMARCPct(f compliancekit.Finding) (remediate.Snippet, error) {\n\treturn renderBashDMARCPolicy(f)\n}\nfunc renderBashDMARCRUA(f compliancekit.Finding) (remediate.Snippet, error) {\n\treturn renderBashDMARCPolicy(f)\n}\nfunc renderBashDMARCRUF(f compliancekit.Finding) (remediate.Snippet, error) {\n\treturn renderBashDMARCPolicy(f)\n}\n\nfunc renderBashSPFStrict(f compliancekit.Finding) (remediate.Snippet, error) {\n\td := bashDomain(f)\n\tbody := fmt.Sprintf(`# Find + update the root SPF TXT record terminator from ~all/?all to -all.\ndomain=%q\nrec_id=\"$(" · github.com/darpanzope/[email protected]/internal/remediate/bash/do_domains.go |
| medium | Remote Payload | matched "curl " · github.com/darpanzope/[email protected]/internal/checks/digitalocean/functions_extra.go |
| medium | Remote Payload | matched "curl " · github.com/darpanzope/[email protected]/internal/checks/digitalocean/network_extra.go |
| medium | Remote Payload | matched "curl " · github.com/darpanzope/[email protected]/internal/checks/k8s/admission_extra.go |
| medium | Remote Payload | matched "cURL " · github.com/darpanzope/[email protected]/internal/ingest/ocsf/types.go |
| medium | Remote Payload | matched "curl " · github.com/darpanzope/[email protected]/internal/remediate/bash/do_account.go |
| medium | Remote Payload | matched "curl " · github.com/darpanzope/[email protected]/internal/remediate/bash/do_functions.go |
| medium | Remote Payload | matched "curl " · github.com/darpanzope/[email protected]/internal/remediate/bash/do_network.go |
| medium | Remote Payload | matched "curl " · github.com/darpanzope/[email protected]/internal/remediate/doctl/do_functions.go |
| medium | Remote Payload | matched "curl " · github.com/darpanzope/[email protected]/internal/remediate/doctl/do_network.go |
| medium | Remote Payload | matched "curl " · github.com/darpanzope/[email protected]/internal/remediate/kubectl/admission_extra.go |
| medium | Remote Payload | matched "curl " · github.com/darpanzope/[email protected]/internal/remediate/kubectl/managed_extra.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
| v1.19.2-0.20260529164013-88f9112c3d3f | High risk | 156 | 2026-05-30 |
| v1.19.1 | High risk | 156 | 2026-05-30 |
| v1.19.0 | High risk | 156 | 2026-05-30 |
| v1.18.0 | High risk | 156 | 2026-05-30 |
| v1.19.2-0.20260529171505-c88d4f513542 | High risk | 156 | 2026-05-30 |
Block this in CI
pkgradar gate --ecosystem go github.com/darpanzope/[email protected]