Go modules · proxy.golang.org
github.com/hoophq/hoop/client
Remote Payload: matched "cURL\n\t\t\t"
Why PkgRadar flagged v0.0.0-20260610214214-e6e7f0577bfe
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "cURL\n\t\t\t" · github.com/hoophq/hoop/[email protected]/cmd/config/config.go |
| medium | Remote Payload | matched "cURL " · github.com/hoophq/hoop/[email protected]/cmd/login.go |
| medium | Remote Payload | matched "cURL " · github.com/hoophq/hoop/[email protected]/config/config.go |
| medium | Go Mod Replace Local | go.mod replace directive redirects to a local filesystem path — non-portable / dev-time only. · github.com/hoophq/hoop/[email protected]/go.mod |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.0.0-20260610214214-e6e7f0577bfe | High risk | 46 | 2026-06-11 |
v0.0.0-20260609123312-4f61b57d31e3 | High risk | 46 | 2026-06-10 |
v0.0.0-20260608201551-91e6f4fba4ef | High risk | 46 | 2026-06-09 |
v0.0.0-20260603192510-5d02fdfd016f | High risk | 46 | 2026-06-04 |
v0.0.0-20260603141821-e485e6a07c61 | High risk | 46 | 2026-06-04 |
v0.0.0-20260603140113-7cb45e3d63a8 | High risk | 46 | 2026-06-04 |
v0.0.0-20260602155838-859490d878e0 | High risk | 46 | 2026-06-04 |
v0.0.0-20260601122200-17a94a2283f3 | High risk | 46 | 2026-06-02 |
v0.0.0-20260529191213-67aafcf14c41 | Review | 46 | 2026-05-30 |
v0.0.0-20260529171944-ddafa6470c0a | Review | 46 | 2026-05-30 |
v0.0.0-20260527190412-abdb9ad2861a | High risk | 46 | 2026-05-30 |
v0.0.0-20260528150208-7dc0cd56f73d | Review | 46 | 2026-05-30 |
Block this in CI
pkgradar gate --ecosystem go github.com/hoophq/hoop/[email protected]