Go modules · proxy.golang.org
github.com/meigma/yacd
Remote Payload: matched "github.com/k3d-io/k3d/releases/download"
Why PkgRadar flagged v0.2.1
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "github.com/k3d-io/k3d/releases/download" · github.com/meigma/[email protected]/cli/internal/toolbin/ghrelease/pin.go |
| medium | Remote Payload | matched "raw.githubusercontent.com" · github.com/meigma/[email protected]/internal/cardano/publicpins/publicpins.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.2.1 | Review | 24 | 2026-06-06 |
v0.2.0 | Review | 24 | 2026-06-05 |
v0.1.1 | Review | 12 | 2026-06-03 |
v0.1.0 | Review | 12 | 2026-06-03 |
v0.0.0-20260531053708-dbaa88683660 | Review | 12 | 2026-06-01 |
Block this in CI
pkgradar gate --ecosystem go github.com/meigma/[email protected]