PkgRadar

Go modules · proxy.golang.org

github.com/realm/swiftlint

Remote Payload: matched "github.com/bazelbuild/rules_apple/releases/download"

Why PkgRadar flagged v0.0.0-20260527212056-5525b43e371e

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/bazelbuild/rules_apple/releases/download" · github.com/realm/[email protected]/tools/generate-release-notes.sh

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.0.0-20260609093224-2b8db54e21eeLow risk02026-06-10
v0.0.0-20260608183902-16f6aed946d8Low risk02026-06-09
v0.0.0-20260606094613-307568d5646cLow risk02026-06-07
v0.0.0-20260605184206-affa4fb89557Low risk02026-06-06
v0.0.0-20260531165344-b9fb1e21287dLow risk02026-06-01
v0.0.0-20260528221229-8f5bcbf48512Low risk02026-05-30
v0.0.0-20260527212056-5525b43e371eReview122026-05-29

Block this in CI

PkgRadar gates github.com/realm/swiftlint (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/realm/[email protected]
Start free — 25 scans / moView full evidence