Go modules · proxy.golang.org
github.com/rClone/rclone
Go Generate Shell: //go:generate directive shells out to curl/wget/bash — runs during `go generate`.
Why PkgRadar flagged v1.74.1-0.20260530165849-74436281edab
| Severity | Signal | Evidence |
|---|---|---|
| medium | Go Generate Shell | //go:generate directive shells out to curl/wget/bash — runs during `go generate`. · github.com/rclone/[email protected]/vfs/vfs.go |
| medium | Remote Payload | matched "cURL " · github.com/rclone/[email protected]/backend/azurefiles/azurefiles.go |
| medium | Remote Payload | matched "cURL " · github.com/rclone/[email protected]/backend/ulozto/api/types.go |
| medium | Remote Payload | matched "cURL " · github.com/rclone/[email protected]/backend/yandex/api/types.go |
| medium | Remote Payload | matched "cURL " · github.com/rclone/[email protected]/backend/yandex/yandex.go |
| medium | Remote Payload | matched "cURL " · github.com/rclone/[email protected]/cmd/gui/gui.go |
| medium | Remote Payload | matched "Curl\n" · github.com/rclone/[email protected]/fs/dump.go |
| medium | Remote Payload | matched "cURL\n\t" · github.com/rclone/[email protected]/lib/http/context.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.74.1-0.20260530165849-74436281edab | High risk | 119 | 2026-05-31 |
v1.74.1 | High risk | 119 | 2026-05-31 |
v1.74.2 | High risk | 119 | 2026-05-31 |
Block this in CI
pkgradar gate --ecosystem go github.com/rClone/[email protected]