Go modules · proxy.golang.org
gitlab.com/gitlab-org/gitlab-runner
Remote Payload: matched "curl "
Why PkgRadar flagged v1.11.1-0.20260615220639-03c0aa4ba487
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · gitlab.com/gitlab-org/[email protected]/helpers/featureflags/flags.go |
| medium | Go Mod Replace Local | go.mod replace directive redirects to a local filesystem path — non-portable / dev-time only. · gitlab.com/gitlab-org/[email protected]/go.mod |
| medium | Credential file access | matched "id_rsa" · gitlab.com/gitlab-org/[email protected]/helpers/ssh/stub_ssh_server.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.11.1-0.20260615220639-03c0aa4ba487 | Review | 52 | 2026-06-17 |
v0.1.2-0.20260615220639-03c0aa4ba487 | Review | 52 | 2026-06-17 |
v1.11.1-0.20260522234853-d4bac16c639c | Review | 52 | 2026-06-16 |
v0.0.0-20240321193611-81ab07f6dd8c | Review | 42 | 2026-06-16 |
v0.0.0-20250521220057-4d7093e1e4eb | Review | 47 | 2026-06-06 |
v1.11.1-0.20260604183138-7e5ad683e1dd | Review | 52 | 2026-06-06 |
v1.11.1-0.20260602205936-16877607f353 | Review | 52 | 2026-06-05 |
v1.11.1-0.20260529162059-c2831b75a3ff | Review | 52 | 2026-06-05 |
v0.1.2-0.20260529175111-85eaabbeb760 | Review | 52 | 2026-05-31 |
v1.11.1-0.20260529175111-85eaabbeb760 | Review | 52 | 2026-05-31 |
v0.0.0-20260529162059-c2831b75a3ff | Review | 52 | 2026-05-31 |
v0.1.2-0.20260527221907-de0dc8cd21ce | Review | 52 | 2026-05-30 |
v0.0.0-20260522234853-d4bac16c639c | Review | 52 | 2026-05-30 |
Block this in CI
pkgradar gate --ecosystem go gitlab.com/gitlab-org/[email protected]