Go modules · proxy.golang.org
github.com/wtzhang23/istio
Go Generate Shell: //go:generate directive shells out to curl/wget/bash — runs during `go generate`.
Why PkgRadar flagged v0.0.0-20250821002347-f155a2ffcbb0
| Severity | Signal | Evidence |
|---|---|---|
| medium | Go Generate Shell | //go:generate directive shells out to curl/wget/bash — runs during `go generate`. · github.com/wtzhang23/[email protected]/pkg/config/xds/filter_types.go |
| medium | Remote Payload | matched "curl " · github.com/wtzhang23/[email protected]/istioctl/pkg/proxyconfig/proxyconfig.go |
| medium | Remote Payload | matched "curl " · github.com/wtzhang23/[email protected]/istioctl/pkg/ztunnelconfig/ztunnelconfig.go |
| medium | Remote Payload | matched "cURL " · github.com/wtzhang23/[email protected]/pkg/config/analysis/diag/message.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.0.0-20250821002347-f155a2ffcbb0 | High risk | 51 | 2026-06-14 |
v0.0.0-20251114170857-768daf0dac9b | High risk | 51 | 2026-06-14 |
Block this in CI
pkgradar gate --ecosystem go github.com/wtzhang23/[email protected]