Go modules · proxy.golang.org
github.com/gogits/gogs
Credential file access: matched "id_rsa"
Why PkgRadar flagged v0.11.92-0.20260607173642-93f966b030cb
| Severity | Signal | Evidence |
|---|---|---|
| high | Credential file access | matched "id_rsa" · github.com/gogits/[email protected]/internal/database/ssh_key.go |
| medium | Remote Payload | matched "cURL " · github.com/gogits/[email protected]/internal/context/api.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.11.92-0.20260607173642-93f966b030cb | High risk | 47 | 2026-06-08 |
v0.14.3 | High risk | 47 | 2026-06-08 |
v0.14.3-rc.1 | High risk | 47 | 2026-06-08 |
Block this in CI
pkgradar gate --ecosystem go github.com/gogits/[email protected]