Go modules · proxy.golang.org
github.com/hasura/graphql-engine/cli/v2
Remote Payload: matched "curl "
Why PkgRadar flagged v2.49.1
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · github.com/hasura/graphql-engine/cli/[email protected]/go.mod |
| medium | Remote Payload | matched "curl " · github.com/hasura/graphql-engine/cli/[email protected]/go.sum |
| medium | Remote Payload | matched "raw.githubusercontent.com" · github.com/hasura/graphql-engine/cli/[email protected]/internal/metadataobject/actions/actions.go |
| medium | Remote Payload | matched "github.com/hasura/graphql-engine/releases/download" · github.com/hasura/graphql-engine/cli/[email protected]/update/update.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v2.49.1 | High risk | 48 | 2026-06-06 |
Block this in CI
pkgradar gate --ecosystem go github.com/hasura/graphql-engine/cli/[email protected]