PkgRadar

Go modules · proxy.golang.org

github.com/microsoft/go-infra

Remote Payload: matched "github.com/brechtsanders/winlibs_mingw/releases/download"

Why PkgRadar flagged v0.0.15-0.20260612144113-838dee72b447

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/brechtsanders/winlibs_mingw/releases/download" · github.com/microsoft/[email protected]/cmd/getmingw/main.go
mediumRemote Payloadmatched "cURL " · github.com/microsoft/[email protected]/cmd/releasego/repo-release.go
mediumRemote Payloadmatched "cURL " · github.com/microsoft/[email protected]/cmd/releasego/update-azure-linux.go
mediumRemote Payloadmatched "api.github.com/graphql" · github.com/microsoft/[email protected]/gitpr/gitpr.go
mediumRemote Payloadmatched "github.com/microsoft/go/releases/download" · github.com/microsoft/[email protected]/internal/azurelinux/azurelinux.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.0.15-0.20260612144113-838dee72b447High risk602026-06-13
v0.0.15-0.20260612140757-70acb19cde0aHigh risk602026-06-13
v0.0.15-0.20260612132752-81a6731f9e3bHigh risk602026-06-13
v0.0.15-0.20260612131723-8a69be69b6cbHigh risk602026-06-13
v0.0.15-0.20260612130139-6cff696e7f40High risk602026-06-13
v0.0.15-0.20260612113822-5930ff0b9943High risk602026-06-13
v0.0.0-20260612113822-5930ff0b9943High risk602026-06-13
v0.0.0-20260606063114-c59b6c979b5aHigh risk602026-06-07
v0.0.15-0.20260604045852-465a348f048aHigh risk602026-06-05
v0.0.15-0.20260602184722-bdf01f79fcd7High risk602026-06-04
v0.0.0-20260602184722-bdf01f79fcd7High risk602026-06-04
v0.0.0-20260602085253-dd76e59ca303High risk602026-06-03

Block this in CI

PkgRadar gates github.com/microsoft/go-infra (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/microsoft/[email protected]
Start free — 25 scans / moView full evidence