PkgRadar

Go modules · proxy.golang.org

gonum.org/v1/gonum

Go Generate Shell: //go:generate directive shells out to curl/wget/bash — runs during `go generate`.

Why PkgRadar flagged v0.0.0-20190210234155-db51563d4e67

SeveritySignalEvidence
mediumGo Generate Shell//go:generate directive shells out to curl/wget/bash — runs during `go generate`. · gonum.org/v1/[email protected]/blas/blas.go
mediumGo Generate Shell//go:generate directive shells out to curl/wget/bash — runs during `go generate`. · gonum.org/v1/[email protected]/blas/gonum/gonum.go
mediumGo Generate Shell//go:generate directive shells out to curl/wget/bash — runs during `go generate`. · gonum.org/v1/[email protected]/graph/formats/dot/dot.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.0.0-20190210234155-db51563d4e67Review452026-06-08
v0.0.0-20190720102024-b8a36307b8c1Review452026-06-08
v0.0.0-20190720104257-c1fdadf7eaf7Review452026-06-07
v0.0.0-20181120212739-3b9988339171Review452026-06-07

Block this in CI

PkgRadar gates gonum.org/v1/gonum (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go gonum.org/v1/[email protected]
Start free — 25 scans / moView full evidence