Go modules · proxy.golang.org
github.com/i2p/i2p.i2p
Remote Payload: matched "wget "
Why PkgRadar flagged v0.0.0-20260527233336-d22f04b2d5c4
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "wget " · github.com/i2p/[email protected]/core/c/jbigi/download_gmp.sh |
| medium | Remote Payload | matched "wget " · github.com/i2p/[email protected]/installer/lib/wrapper/copy.sh |
| medium | Remote Payload | matched "wget " · github.com/i2p/[email protected]/installer/resources/makegeoip.sh |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.0.0-20260612141457-aef56c9d9254 | Low risk | 0 | 2026-06-14 |
v0.0.0-20260607121140-eb8e417d9001 | Low risk | 0 | 2026-06-08 |
v0.0.0-20260530000007-c4b44795b1e6 | Low risk | 0 | 2026-06-01 |
v0.0.0-20260528160609-50954d5db40e | Low risk | 0 | 2026-05-29 |
v0.0.0-20260527233336-d22f04b2d5c4 | Review | 36 | 2026-05-29 |
Block this in CI
pkgradar gate --ecosystem go github.com/i2p/[email protected]