PkgRadar

Go modules · proxy.golang.org

github.com/hopeio/mix

Remote Payload, Tls Verification Disabled, Go Init Exec In Body

Why PkgRadar flagged v1.10.17

SeveritySignalEvidence
mediumRemote Payloadgithub.com/hopeio/[email protected]/go.sum
mediumRemote Payloadgithub.com/hopeio/[email protected]/utils/datastructure/list/skiplist/skiplist.go
mediumTls Verification Disabledgithub.com/hopeio/[email protected]/utils/net/http/grpc/client.go
mediumTls Verification Disabledgithub.com/hopeio/[email protected]/utils/net/http/grpc/web/wrapper.go
mediumRemote Payloadgithub.com/hopeio/[email protected]/utils/sdk/dingding/msg_type.go

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.21.2-0.20260624144649-0507ff5921b2Low risk02026-06-25
v1.10.17Review482026-06-25
v1.16.21Review122026-06-25
v1.12.7Review482026-06-25
v1.16.22Review122026-06-25
v1.20.17Low risk02026-06-25
v1.16.5Review122026-06-25
v1.7.6Review482026-06-25
v1.16.23Review122026-06-25
v1.6.7Review482026-06-25
v1.13.5Review482026-06-25
v1.11.1Review482026-06-25
v1.19.15Low risk02026-06-25
v1.0.7Review482026-06-25
v1.1.0Review482026-06-25
v1.17.12Low risk02026-06-25
v1.20.22Low risk02026-06-25
v1.2.11Review482026-06-25
v1.15.0Review482026-06-25
v1.20.29Low risk02026-06-25
v1.16.0Review482026-06-25
v1.18.16Low risk02026-06-25
v1.0.1Review482026-06-25
v1.20.30Low risk02026-06-25
v1.16.17Review122026-06-25
v1.14.2Review482026-06-25
v1.20.3Low risk02026-06-25
v1.20.37Low risk02026-06-25
v1.15.8Review482026-06-25
v1.19.13Low risk02026-06-25
v1.13.0Review482026-06-25
v1.19.19Low risk02026-06-25
v1.7.10Review482026-06-25
v1.10.6Review482026-06-25
v1.20.38Low risk02026-06-25
v1.20.11Low risk02026-06-25
v1.12.9Review482026-06-25
v1.6.6Review482026-06-25
v1.13.4Review482026-06-25
v1.10.13Review482026-06-25
v1.16.6Review122026-06-25
v1.20.24Low risk02026-06-25
v1.10.5Review482026-06-25
v1.20.12Low risk02026-06-25
v1.12.8Review482026-06-25
v1.6.13Review482026-06-25
v1.16.12Review122026-06-25
v1.16.25Review122026-06-25
v1.10.9Review482026-06-25
v1.17.21Low risk02026-06-25
v1.18.7Low risk02026-06-25
v1.21.2-0.20260624143258-1b0a2666d0b5Low risk02026-06-25
v1.21.1Low risk02026-06-25
v1.20.39Low risk02026-06-25

Block this in CI

PkgRadar gates github.com/hopeio/mix (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/hopeio/[email protected]
Start free — 25 scans / moView full evidence