PkgRadar

Go modules · proxy.golang.org

github.com/kukichalang/kukicha

Remote Payload: matched "github.com/%s/releases/download"

Why PkgRadar flagged v0.49.1-0.20260605225045-8015a2b8ed99

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/%s/releases/download" · github.com/kukichalang/[email protected]/cmd/genmanifest/main.go
mediumRemote Payloadmatched "github.com/kukichalang/kukicha/releases/download" · github.com/kukichalang/[email protected]/internal/toolchain/install.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.49.1-0.20260605225045-8015a2b8ed99Review242026-06-06
v0.49.0Review242026-06-06
v0.48.5Review242026-06-06
v0.48.5-0.20260605015853-d7027ab3f6fbReview242026-06-06
v0.48.4Review242026-06-06
v0.48.4-0.20260604222439-71d55562e998Review242026-06-05
v0.48.3Review242026-06-05
v0.48.3-0.20260603190013-f25ee5bc94a3Review242026-06-04
v0.48.2Review242026-06-04
v0.48.2-0.20260603020556-3e27eb1fb76bReview242026-06-04
v0.48.1Review242026-06-04
v0.48.1-0.20260602011656-c1edb864a08eReview242026-06-03
v0.48.0Review242026-06-03
v0.26.3-0.20260601021911-df41aae801d8Review242026-06-02
v0.26.2Review242026-06-02
v0.26.1Review242026-06-02
v0.26.1-0.20260601005007-2ce3360eb2acReview242026-06-02
v0.26.0Review242026-06-02
v0.25.4-0.20260531014200-f4da11dbf3c6Review242026-06-01
v0.25.3Review242026-06-01
v0.25.3-0.20260530134226-103da9ee29baReview242026-05-31
v0.25.2Review242026-05-31
v0.23.1-0.20260528113528-d0d71e05fb74Review242026-05-30
v0.23.0Review242026-05-30
v0.25.0Review242026-05-29
v0.24.1-0.20260528171146-60fd55902aebReview242026-05-29
v0.24.0Review242026-05-29

Block this in CI

PkgRadar gates github.com/kukichalang/kukicha (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/kukichalang/[email protected]
Start free — 25 scans / moView full evidence