PkgRadar

Go modules · proxy.golang.org

mygithub.libinneed.workers.dev/runfinch/finch

Remote Payload: matched "github.com/awslabs/soci-snapshotter/releases/download"

Why PkgRadar flagged v1.9.0

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/awslabs/soci-snapshotter/releases/download" · mygithub.libinneed.workers.dev/runfinch/[email protected]/pkg/config/lima_config_applier.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.9.0Review252026-06-16
v1.14.1Review252026-06-16
v1.7.0Review302026-06-16
v1.8.1Review252026-06-16
v1.10.1Review252026-06-16
v1.13.0Review252026-06-16
v1.2.2Review252026-06-16
v0.1.1Low risk02026-06-16
v1.6.1Review302026-06-16
v1.10.3Review252026-06-16
v1.4.0Review302026-06-16
v1.2.0Review252026-06-16
v0.9.0Review222026-06-16
v0.4.1Low risk02026-06-16
v0.4.0Low risk02026-06-16
v1.11.0Review252026-06-16
v1.10.0Review252026-06-16
v1.7.2Review252026-06-16
v1.1.2Review252026-06-16
v1.1.3Review252026-06-16
v1.15.1Review302026-06-16
v1.4.1Review302026-06-16
v1.5.0Review302026-06-16
v1.7.1Review302026-06-16
v1.3.1Review302026-06-16
v1.1.1Review252026-06-16
v1.4.3Review302026-06-16
v0.5.0Low risk02026-06-16
v0.6.0Low risk02026-06-16
v0.6.2Review52026-06-16
v1.8.2Review252026-06-16
v1.12.0Review252026-06-16
v0.8.0Review222026-06-16
v1.14.0Review252026-06-16
v1.8.3Review252026-06-16
v1.0.0Review222026-06-16
v0.6.1Review52026-06-16
v1.4.2Review302026-06-16
v1.6.0Review302026-06-16
v1.8.0Review252026-06-16
v0.3.0Low risk02026-06-16
v1.2.3Review252026-06-16
v0.7.0Review102026-06-16
v1.17.0Review302026-06-16
v0.2.0Low risk02026-06-16
v1.17.2-0.20260611173854-e2c5d05b3176Review302026-06-16
v1.17.1Review302026-06-16

Block this in CI

PkgRadar gates mygithub.libinneed.workers.dev/runfinch/finch (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go mygithub.libinneed.workers.dev/runfinch/[email protected]
Start free — 25 scans / moView full evidence