Go modules · proxy.golang.org

github.com/kgateway-dev/kgateway/v2

Go Generate Shell: //go:generate directive shells out to curl/wget/bash — runs during `go generate`.

Why PkgRadar flagged v2.4.0-alpha.1.0.20260615143756-aa26af9c19d4

Severity	Signal	Evidence
medium	Go Generate Shell	//go:generate directive shells out to curl/wget/bash — runs during `go generate`. · github.com/kgateway-dev/kgateway/[email protected]/pkg/utils/filter_types/filter_types.go
medium	Remote Payload	matched "curl\n\n" · github.com/kgateway-dev/kgateway/[email protected]/pkg/utils/requestutils/curl/native_request.go
medium	Remote Payload	matched "curl\n\n" · github.com/kgateway-dev/kgateway/[email protected]/pkg/utils/requestutils/curl/option.go
medium	Remote Payload	matched "curl\n\n" · github.com/kgateway-dev/kgateway/[email protected]/pkg/utils/requestutils/curl/request.go
medium	Remote Payload	matched "curl\n\n" · github.com/kgateway-dev/kgateway/[email protected]/pkg/utils/requestutils/grpcurl/options.go

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v2.4.0-alpha.1.0.20260615143756-aa26af9c19d4`	High risk	66	2026-06-16
`v2.4.0-alpha.1.0.20260615141334-2cb4d02dcb17`	High risk	66	2026-06-16
`v2.2.6`	High risk	66	2026-06-13
`v2.3.3`	High risk	66	2026-06-13
`v2.3.3-0.20260612175222-96e1330f72b7`	High risk	66	2026-06-13
`v2.3.3-0.20260609220137-5ba104c12e2e`	High risk	66	2026-06-13
`v2.4.0-alpha.1.0.20260612011525-febc045a6d8c`	High risk	66	2026-06-13
`v2.4.0-alpha.1.0.20260612010412-28661f922f9f`	High risk	66	2026-06-13
`v2.4.0-alpha.1.0.20260611200448-15605735b8c1`	High risk	66	2026-06-12
`v2.4.0-alpha.1.0.20260611232705-aecb36470502`	High risk	66	2026-06-12
`v2.4.0-alpha.1.0.20260609015558-eeef0fb5e18d`	High risk	66	2026-06-12
`v2.4.0-alpha.1.0.20260611175610-e79b67c1d91a`	High risk	66	2026-06-12
`v2.4.0-alpha.1.0.20260611011926-04f708fbf909`	High risk	66	2026-06-12
`v2.4.0-alpha.1.0.20260609185639-d43d508d7f82`	High risk	66	2026-06-11
`v2.2.6-0.20260605185637-c44f6b6512d3`	High risk	66	2026-06-06
`v2.3.0-rc.1.0.20260605200842-6517af711610`	High risk	66	2026-06-06
`v2.3.0-rc.1.0.20260605190420-2e12323a918b`	High risk	66	2026-06-06
`v2.3.0-rc.1.0.20260605153317-b50b0084fbbd`	High risk	66	2026-06-06
`v2.2.5`	High risk	66	2026-06-05
`v2.3.0-rc.1.0.20260604204709-db7e3a917920`	High risk	66	2026-06-05
`v2.3.0-rc.1.0.20260604201820-3a8e6c8e03c0`	High risk	66	2026-06-05
`v2.3.0-rc.1.0.20260604190842-b5f8df370fa2`	High risk	66	2026-06-05
`v2.3.0-rc.1.0.20260604184650-34937344a29f`	High risk	66	2026-06-05
`v2.3.0-rc.1.0.20260604173345-5c74aba18285`	High risk	66	2026-06-05
`v2.3.0-rc.1.0.20260604183304-a57215ab6cbf`	High risk	66	2026-06-05
`v2.3.2`	High risk	66	2026-06-05
`v2.3.2-0.20260604154200-3dd44612a967`	High risk	66	2026-06-05
`v2.3.0-rc.1.0.20260604142359-57324af0a2fa`	High risk	66	2026-06-05
`v2.3.0-rc.1.0.20260604140232-96403169afb6`	High risk	66	2026-06-05
`v2.3.0-rc.1.0.20260604113419-caf10aa05a0c`	High risk	66	2026-06-05
`v2.3.0-rc.1.0.20260604133003-e48a44e50a71`	High risk	66	2026-06-05
`v2.3.0-rc.1.0.20260603171924-71625f9a0890`	High risk	66	2026-06-05
`v2.3.0-rc.1.0.20260604012950-7aef62c832c5`	High risk	66	2026-06-05
`v2.3.0-rc.1.0.20260601161505-6b047a776610`	High risk	66	2026-06-02

Block this in CI

PkgRadar gates github.com/kgateway-dev/kgateway/v2 (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/kgateway-dev/kgateway/[email protected]

Start free — 25 scans / mo View full evidence