Go modules · proxy.golang.org
github.com/discourse/dv
Credential file access: matched "AWS_ACCESS_KEY"
Why PkgRadar flagged v1.0.94-0.20260605073702-0841c83077d9
| Severity | Signal | Evidence |
|---|---|---|
| high | Credential file access | matched "AWS_ACCESS_KEY" · github.com/discourse/[email protected]/internal/ai/providers/bedrock.go |
| medium | Remote Payload | matched "curl " · github.com/discourse/[email protected]/internal/assets/localproxy/main.go |
| medium | Remote Payload | matched "curl " · github.com/discourse/[email protected]/internal/cli/new.go |
| medium | Remote Payload | matched "curl " · github.com/discourse/[email protected]/internal/cli/update.go |
| medium | Remote Payload | matched "github.com/%s/%s/releases/download" · github.com/discourse/[email protected]/internal/cli/upgrade.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.0.94-0.20260605073702-0841c83077d9 | High risk | 98 | 2026-06-07 |
v1.0.93 | High risk | 98 | 2026-06-07 |
v1.0.91 | High risk | 98 | 2026-06-05 |
v1.0.89 | High risk | 98 | 2026-06-05 |
v1.0.93-0.20260604143506-ac4cfb7e4885 | High risk | 98 | 2026-06-05 |
v1.0.92 | High risk | 98 | 2026-06-05 |
v1.0.91-0.20260601144147-e56cb4e3040e | High risk | 98 | 2026-06-03 |
v1.0.90 | High risk | 98 | 2026-06-03 |
v1.0.88 | High risk | 110 | 2026-05-31 |
Block this in CI
pkgradar gate --ecosystem go github.com/discourse/[email protected]