PkgRadar

Go modules · proxy.golang.org

github.com/silverbulletmd/silverbullet

Remote Payload: matched "github.com/silverbulletmd/silverbullet/releases/download"

Why PkgRadar flagged v0.0.0-20260611204953-970000f440f4

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/silverbulletmd/silverbullet/releases/download" · github.com/silverbulletmd/[email protected]/cli/upgrade.go
mediumRemote Payloadmatched "github.com/silverbulletmd/silverbullet/releases/download" · github.com/silverbulletmd/[email protected]/server/cmd/upgrade.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.0.0-20260611204953-970000f440f4Review242026-06-12
v0.0.0-20260609151016-b7d690905e42Review242026-06-10
v0.0.0-20260602081331-d23b75174a46Review242026-06-03
v0.0.0-20260601142406-0a1e1354cdd4Review242026-06-02
v0.0.0-20260531194851-f58a7053f0e0Review242026-06-02
v0.0.0-20260531091610-7316c1bdd2fcReview242026-06-01
v0.0.0-20260528072758-00f5133cb3e1Review242026-05-30
v0.0.0-20260528063541-d2a0e8252aafReview242026-05-30
v0.0.0-20260529132423-5b5e2b0af30bReview242026-05-30
v0.0.0-20260528143438-595c569246f0Review242026-05-29

Block this in CI

PkgRadar gates github.com/silverbulletmd/silverbullet (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/silverbulletmd/[email protected]
Start free — 25 scans / moView full evidence
github.com/silverbulletmd/silverbullet — Go modules security scan | PkgRadar