PkgRadar

Go modules · proxy.golang.org

github.com/fluent/fluent-bit

Tls Verification Disabled

Why PkgRadar flagged v0.0.0-20260619165514-9bf9c1ba6f7c

SeveritySignalEvidence
mediumTls Verification Disabledgithub.com/fluent/[email protected]/lib/nghttp2-1.65.0/integration-tests/server_tester_http3.go

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.0.0-20260619165514-9bf9c1ba6f7cReview122026-06-21
v0.0.0-20260615163608-4ddcb11e2689Low risk02026-06-17
v0.0.0-20260612124511-47db630cbfc5Low risk02026-06-14
v0.0.0-20260611131652-e539731f86b7Low risk02026-06-13
v0.0.0-20260610234517-b7f4f8925067Low risk02026-06-12
v0.0.0-20260605214551-5880717dd881Low risk02026-06-08
v5.0.7+incompatibleLow risk02026-06-07
v0.0.0-20260604170543-f4f95cd7946eLow risk02026-06-05
v0.0.0-20260603185010-f617ed137ab4Low risk02026-06-05

Block this in CI

PkgRadar gates github.com/fluent/fluent-bit (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/fluent/[email protected]
Start free — 25 scans / moView full evidence