Go modules · proxy.golang.org

github.com/itrs-group/cordial

Credential file access: matched ".azure\\"

Why PkgRadar flagged v1.27.2-0.20260608214001-3f7be339deb3

Severity	Signal	Evidence
high	Credential file access	matched ".azure\\" · github.com/itrs-group/[email protected]/libraries/libemail/libemail.go

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v1.27.2-0.20260608214001-3f7be339deb3`	High risk	40	2026-06-10
`v1.27.2-0.20260605093300-942647813198`	High risk	40	2026-06-07
`v1.27.1`	High risk	40	2026-06-05
`v1.27.0`	High risk	40	2026-05-30

Block this in CI

PkgRadar gates github.com/itrs-group/cordial (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/itrs-group/[email protected]