Go modules · proxy.golang.org
github.com/tmc/cove
Remote Payload, Go Mod Replace Local, Credential file access
Why PkgRadar flagged v0.0.0-20260419213138-eebc8096b46e
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | — |
| medium | Remote Payload | — |
| medium | Remote Payload | — |
| medium | Remote Payload | — |
| medium | Go Mod Replace Local | — |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.0.0-20260419213138-eebc8096b46e | Review | 39 | 2026-07-01 |
v0.1.1 | Review | 39 | 2026-07-01 |
v0.0.0-20260628230138-427221af52d5 | Review | 44 | 2026-07-01 |
v0.6.0 | Review | 29 | 2026-07-01 |
Block this in CI
pkgradar gate --ecosystem go github.com/tmc/[email protected]