Go modules · proxy.golang.org
github.com/molior-dbs/aptly
Go Generate Shell: //go:generate directive shells out to curl/wget/bash — runs during `go generate`.
Why PkgRadar flagged v1.6.2-molior6
| Severity | Signal | Evidence |
|---|---|---|
| medium | Go Generate Shell | //go:generate directive shells out to curl/wget/bash — runs during `go generate`. · github.com/molior-dbs/[email protected]/main.go |
| medium | Remote Payload | matched "wget " · github.com/molior-dbs/[email protected]/pgp/gnupg.go |
| medium | Remote Payload | matched "wget " · github.com/molior-dbs/[email protected]/pgp/internal.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.6.2-molior6 | Review | 39 | 2026-06-15 |
v1.6.2-molior7 | Review | 39 | 2026-06-15 |
v1.6.2-molior8 | Review | 39 | 2026-06-15 |
v1.6.2-molior4 | Review | 39 | 2026-06-15 |
v1.6.2-molior5 | Review | 39 | 2026-06-15 |
v1.6.2-molior9 | Review | 39 | 2026-06-15 |
v1.6.2-molior2 | Review | 39 | 2026-06-15 |
v1.6.2-molior3 | Review | 39 | 2026-06-15 |
v1.6.2-molior1 | Review | 39 | 2026-06-15 |
Block this in CI
pkgradar gate --ecosystem go github.com/molior-dbs/[email protected]