PkgRadar

Go modules · proxy.golang.org

github.com/weijia/go-git/v5

Remote Payload: matched "curl "

Why PkgRadar flagged v5.19.1-0.20260615045518-e0f4b2cfd320

SeveritySignalEvidence
mediumRemote Payloadmatched "curl " · github.com/weijia/go-git/[email protected]/blame.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v5.19.1-0.20260615045518-e0f4b2cfd320Review122026-06-16
v5.19.1-0.20260614160940-1515e6eec726Review122026-06-15
v5.12.2-malformedfixReview122026-05-31
v5.16.4Review122026-05-31
v5.10.0Review122026-05-31
v5.0.0Low risk02026-05-31
v5.13.0Review122026-05-31
v5.2.0Low risk02026-05-31
v5.18.0Review122026-05-31
v5.4.1Low risk02026-05-31
v5.1.0Low risk02026-05-31
v5.17.2Review122026-05-31
v5.17.1Review122026-05-31
v5.12.0Review122026-05-31
v5.16.0Review122026-05-31
v5.8.1Review122026-05-31
v5.16.2Review122026-05-31
v5.9.0Review122026-05-31
v5.5.0Low risk02026-05-31
v5.10.1Review122026-05-31
v5.3.0Low risk02026-05-31
v5.4.2Low risk02026-05-31
v5.13.1Review122026-05-31
v5.15.0Review122026-05-31
v5.13.2Review122026-05-31
v5.5.1Low risk02026-05-31
v5.6.1Low risk02026-05-31
v5.5.2Low risk02026-05-31
v5.19.0Review122026-05-31
v5.8.0Review122026-05-31
v5.7.0Low risk02026-05-31
v5.4.0Low risk02026-05-31
v5.16.3Review122026-05-31
v5.6.0Low risk02026-05-31
v5.17.0Review122026-05-31
v5.16.1Review122026-05-31
v5.19.1Review122026-05-31
v5.11.0Review122026-05-31
v5.16.5Review122026-05-31
v5.14.0Review122026-05-31
v5.12.1-malformedfixReview122026-05-31

Block this in CI

PkgRadar gates github.com/weijia/go-git/v5 (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/weijia/go-git/[email protected]
Start free — 25 scans / moView full evidence