Go modules · proxy.golang.org

goforge.dev/rune/v3

Credential file access

Why PkgRadar flagged v3.328.41

Severity	Signal	Evidence
medium	Credential file access	goforge.dev/rune/[email protected]/infra/apply.go

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v3.328.41`	Review	10	2026-06-24
`v3.290.1`	Low risk	0	2026-06-22
`v3.290.0`	Low risk	0	2026-06-22
`v3.289.0`	Low risk	0	2026-06-22
`v3.72.0`	Low risk	0	2026-06-21
`v3.110.0`	Low risk	0	2026-06-21
`v3.157.0`	Low risk	0	2026-06-21
`v3.233.0`	Low risk	0	2026-06-21
`v3.170.0`	Low risk	0	2026-06-21
`v3.57.0`	Low risk	0	2026-06-21
`v3.190.0`	Low risk	0	2026-06-21
`v3.111.0`	Low risk	0	2026-06-21
`v3.52.0`	Low risk	0	2026-06-21
`v3.278.0`	Low risk	0	2026-06-21
`v3.220.0`	Low risk	0	2026-06-21
`v3.286.0`	Low risk	0	2026-06-21
`v3.165.0`	Low risk	0	2026-06-21
`v3.259.0`	Low risk	0	2026-06-21
`v3.98.0`	Low risk	0	2026-06-21
`v3.241.0`	Low risk	0	2026-06-21
`v3.134.0`	Low risk	0	2026-06-21
`v3.78.0`	Low risk	0	2026-06-21
`v3.39.0`	Low risk	0	2026-06-21
`v3.205.0`	Low risk	0	2026-06-21
`v3.245.0`	Low risk	0	2026-06-21
`v3.194.0`	Low risk	0	2026-06-21
`v3.45.0`	Low risk	0	2026-06-21
`v3.177.0`	Low risk	0	2026-06-21
`v3.191.0`	Low risk	0	2026-06-21
`v3.153.0`	Low risk	0	2026-06-21
`v3.132.0`	Low risk	0	2026-06-21
`v3.139.0`	Low risk	0	2026-06-21
`v3.275.1`	Low risk	0	2026-06-21
`v3.106.0`	Low risk	0	2026-06-21
`v3.253.0`	Low risk	0	2026-06-21
`v3.277.1`	Low risk	0	2026-06-21
`v3.33.0`	Low risk	0	2026-06-21
`v3.88.0`	Low risk	0	2026-06-21
`v3.184.0`	Low risk	0	2026-06-21
`v3.192.0`	Low risk	0	2026-06-21
`v3.195.0`	Low risk	0	2026-06-21
`v3.208.0`	Low risk	0	2026-06-21
`v3.66.0`	Low risk	0	2026-06-21
`v3.218.0`	Low risk	0	2026-06-21
`v3.48.0`	Low risk	0	2026-06-21
`v3.168.0`	Low risk	0	2026-06-21
`v3.252.0`	Low risk	0	2026-06-21
`v3.103.0`	Low risk	0	2026-06-21
`v3.261.0`	Low risk	0	2026-06-21
`v3.256.0`	Low risk	0	2026-06-21
`v3.188.0`	Low risk	0	2026-06-21
`v3.171.0`	Low risk	0	2026-06-21
`v3.187.0`	Low risk	0	2026-06-21
`v3.255.0`	Low risk	0	2026-06-21
`v3.138.0`	Low risk	0	2026-06-21
`v3.216.0`	Low risk	0	2026-06-21
`v3.146.0`	Low risk	0	2026-06-21
`v3.239.0`	Low risk	0	2026-06-21
`v3.200.1`	Low risk	0	2026-06-21
`v3.31.1`	Low risk	0	2026-06-21
`v3.235.0`	Low risk	0	2026-06-21
`v3.142.0`	Low risk	0	2026-06-21
`v3.260.0`	Low risk	0	2026-06-21
`v3.180.0`	Low risk	0	2026-06-21
`v3.149.0`	Low risk	0	2026-06-21
`v3.225.0`	Low risk	0	2026-06-21
`v3.79.0`	Low risk	0	2026-06-21
`v3.86.0`	Low risk	0	2026-06-21
`v3.119.0`	Low risk	0	2026-06-21
`v3.202.0`	Low risk	0	2026-06-21
`v3.285.1`	Low risk	0	2026-06-21
`v3.232.0`	Low risk	0	2026-06-21
`v3.277.0`	Low risk	0	2026-06-21
`v3.249.0`	Low risk	0	2026-06-21
`v3.275.0`	Low risk	0	2026-06-21
`v3.230.0`	Low risk	0	2026-06-21
`v3.244.0`	Low risk	0	2026-06-21
`v3.176.0`	Low risk	0	2026-06-21
`v3.107.0`	Low risk	0	2026-06-21
`v3.55.0`	Low risk	0	2026-06-21
`v3.123.0`	Low risk	0	2026-06-21
`v3.116.0`	Low risk	0	2026-06-21
`v3.164.0`	Low risk	0	2026-06-21
`v3.94.0`	Low risk	0	2026-06-21
`v3.197.0`	Low risk	0	2026-06-21
`v3.214.0`	Low risk	0	2026-06-21
`v3.269.0`	Low risk	0	2026-06-21
`v3.111.1`	Low risk	0	2026-06-21
`v3.59.0`	Low risk	0	2026-06-21
`v3.108.0`	Low risk	0	2026-06-21
`v3.63.0`	Low risk	0	2026-06-21
`v3.134.1`	Low risk	0	2026-06-21
`v3.209.0`	Low risk	0	2026-06-21
`v3.122.0`	Low risk	0	2026-06-21
`v3.285.0`	Low risk	0	2026-06-21
`v3.96.0`	Low risk	0	2026-06-21
`v3.43.0`	Low risk	0	2026-06-21
`v3.211.0`	Low risk	0	2026-06-21
`v3.229.0`	Low risk	0	2026-06-21
`v3.84.0`	Low risk	0	2026-06-21
`v3.240.0`	Low risk	0	2026-06-21
`v3.159.0`	Low risk	0	2026-06-21
`v3.193.0`	Low risk	0	2026-06-21
`v3.93.0`	Low risk	0	2026-06-21
`v3.243.0`	Low risk	0	2026-06-21
`v3.238.0`	Low risk	0	2026-06-21
`v3.222.0`	Low risk	0	2026-06-21
`v3.206.0`	Low risk	0	2026-06-21
`v3.212.0`	Low risk	0	2026-06-21
`v3.89.0`	Low risk	0	2026-06-21
`v3.201.0`	Low risk	0	2026-06-21
`v3.178.0`	Low risk	0	2026-06-21
`v3.257.0`	Low risk	0	2026-06-21
`v3.175.0`	Low risk	0	2026-06-21
`v3.44.0`	Low risk	0	2026-06-21
`v3.272.0`	Low risk	0	2026-06-21
`v3.151.0`	Low risk	0	2026-06-21
`v3.91.0`	Low risk	0	2026-06-21
`v3.247.0`	Low risk	0	2026-06-21
`v3.120.0`	Low risk	0	2026-06-21
`v3.267.0`	Low risk	0	2026-06-21
`v3.83.0`	Low risk	0	2026-06-21
`v3.117.0`	Low risk	0	2026-06-21
`v3.258.0`	Low risk	0	2026-06-21
`v3.127.0`	Low risk	0	2026-06-21
`v3.173.0`	Low risk	0	2026-06-21
`v3.226.0`	Low risk	0	2026-06-21
`v3.121.0`	Low risk	0	2026-06-21
`v3.105.0`	Low risk	0	2026-06-21
`v3.263.0`	Low risk	0	2026-06-21
`v3.172.0`	Low risk	0	2026-06-21
`v3.213.0`	Low risk	0	2026-06-21
`v3.65.0`	Low risk	0	2026-06-21
`v3.135.0`	Low risk	0	2026-06-21
`v3.231.0`	Low risk	0	2026-06-21
`v3.285.2`	Low risk	0	2026-06-21
`v3.29.0`	Low risk	0	2026-06-21
`v3.145.0`	Low risk	0	2026-06-21
`v3.27.0`	Low risk	0	2026-06-21
`v3.54.0`	Low risk	0	2026-06-21
`v3.126.0`	Low risk	0	2026-06-21
`v3.279.2`	Low risk	0	2026-06-21
`v3.219.0`	Low risk	0	2026-06-21
`v3.280.0`	Low risk	0	2026-06-21
`v3.158.0`	Low risk	0	2026-06-21
`v3.182.0`	Low risk	0	2026-06-21
`v3.130.0`	Low risk	0	2026-06-21
`v3.40.0`	Low risk	0	2026-06-21
`v3.102.0`	Low risk	0	2026-06-21
`v3.95.0`	Low risk	0	2026-06-21
`v3.198.0`	Low risk	0	2026-06-21
`v3.31.0`	Low risk	0	2026-06-21
`v3.109.0`	Low risk	0	2026-06-21
`v3.287.0`	Low risk	0	2026-06-21
`v3.150.0`	Low risk	0	2026-06-21
`v3.136.0`	Low risk	0	2026-06-21
`v3.223.0`	Low risk	0	2026-06-21
`v3.87.0`	Low risk	0	2026-06-21
`v3.248.0`	Low risk	0	2026-06-21
`v3.53.0`	Low risk	0	2026-06-21
`v3.50.0`	Low risk	0	2026-06-21
`v3.242.0`	Low risk	0	2026-06-21
`v3.204.0`	Low risk	0	2026-06-21
`v3.264.0`	Low risk	0	2026-06-21
`v3.131.0`	Low risk	0	2026-06-21
`v3.281.0`	Low risk	0	2026-06-21
`v3.160.0`	Low risk	0	2026-06-21
`v3.186.0`	Low risk	0	2026-06-21
`v3.26.0`	Low risk	0	2026-06-21
`v3.288.1`	Low risk	0	2026-06-21
`v3.69.0`	Low risk	0	2026-06-21
`v3.73.0`	Low risk	0	2026-06-21
`v3.288.0`	Low risk	0	2026-06-21
`v3.56.0`	Low risk	0	2026-06-21
`v3.287.1`	Low risk	0	2026-06-21
`v3.128.0`	Low risk	0	2026-06-21
`v3.161.0`	Low risk	0	2026-06-21
`v3.265.0`	Low risk	0	2026-06-21
`v3.174.0`	Low risk	0	2026-06-21
`v3.284.0`	Low risk	0	2026-06-21
`v3.283.0`	Low risk	0	2026-06-21
`v3.224.0`	Low risk	0	2026-06-21
`v3.210.0`	Low risk	0	2026-06-21
`v3.282.0`	Low risk	0	2026-06-21
`v3.281.1`	Low risk	0	2026-06-21
`v3.276.0`	Low risk	0	2026-06-21
`v3.279.0`	Low risk	0	2026-06-21
`v3.76.0`	Low risk	0	2026-06-21
`v3.227.0`	Low risk	0	2026-06-21
`v3.203.0`	Low risk	0	2026-06-21
`v3.251.0`	Low risk	0	2026-06-21
`v3.274.0`	Low risk	0	2026-06-21
`v3.273.0`	Low risk	0	2026-06-21
`v3.148.0`	Low risk	0	2026-06-21
`v3.268.0`	Low risk	0	2026-06-21
`v3.266.0`	Low risk	0	2026-06-21
`v3.41.0`	Low risk	0	2026-06-21
`v3.262.0`	Low risk	0	2026-06-21
`v3.51.0`	Low risk	0	2026-06-21
`v3.254.0`	Low risk	0	2026-06-21

Block this in CI

PkgRadar gates goforge.dev/rune/v3 (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go goforge.dev/rune/[email protected]

Start free — 25 scans / mo View full evidence