Go modules · proxy.golang.org
github.com/replicate/cog
Remote Payload: matched "curl "
Why PkgRadar flagged v0.0.0-20260608190801-e3064125abc7
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · github.com/replicate/[email protected]/pkg/cli/serve.go |
| medium | Remote Payload | matched "github.com/replicate/cog/releases/download" · github.com/replicate/[email protected]/tools/test-harness/internal/resolver/resolver.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.0.0-20260608190801-e3064125abc7 | Review | 24 | 2026-06-11 |
v0.21.0-rc.3 | Review | 24 | 2026-06-06 |
v0.0.0-20260529161546-bba08daa1494 | Review | 24 | 2026-05-31 |
v0.21.0-rc.1 | Review | 24 | 2026-05-30 |
Block this in CI
pkgradar gate --ecosystem go github.com/replicate/[email protected]