PkgRadar

Go modules · proxy.golang.org

github.com/kfet/harb

Remote Payload: matched "github.com/%s/releases/download"

Why PkgRadar flagged v0.12.1

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/%s/releases/download" · github.com/kfet/[email protected]/internal/selfupdate/selfupdate.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.12.1Review122026-06-11
v0.12.2Review122026-06-11
v0.12.3Review122026-06-11
v0.12.1-0.20260609072238-3f19d7a52ffbReview122026-06-10
v0.11.0Review122026-06-10
v0.8.2Review122026-06-10
v0.12.0Review122026-06-10
v0.9.0Review122026-06-10
v0.8.3Review122026-06-10
v0.10.0Review122026-06-10
v0.9.1Review122026-06-10
v0.7.11Review122026-06-09
v0.8.2-0.20260608170754-7bcd8cc202d1Review122026-06-09
v0.8.0Review122026-06-09
v0.7.10Review122026-06-09
v0.8.1Review122026-06-09
v0.7.9Review122026-06-09
v0.7.1Review122026-06-07
v0.7.7Review122026-06-07
v0.7.4Review122026-06-07
v0.7.3Review122026-06-07
v0.7.2Review122026-06-07
v0.7.5Review122026-06-07
v0.6.1Review122026-06-06
v0.6.0Review122026-06-04
v0.5.2Review122026-06-03
v0.5.1Review122026-06-03
v0.4.20Review122026-06-03
v0.2.0Review122026-06-03
v0.4.10Review122026-06-03
v0.4.21Review122026-06-03
v0.4.22Review122026-06-03
v0.4.15Review122026-06-03
v0.4.14Review122026-06-03
v0.4.0Review122026-06-03
v0.3.0Review122026-06-03
v0.4.2Review122026-06-03
v0.4.8Review122026-06-03
v0.4.9Review122026-06-03
v0.4.6Review122026-06-03
v0.1.0Low risk02026-06-03
v0.4.5Review122026-06-03
v0.4.16Review122026-06-03
v0.4.13Review122026-06-03
v0.4.3Review122026-06-03
v0.3.1Review122026-06-03
v0.4.7Review122026-06-03
v0.5.0Review122026-06-03

Block this in CI

PkgRadar gates github.com/kfet/harb (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/kfet/[email protected]
Start free — 25 scans / moView full evidence