Go modules · proxy.golang.org
tangled.org/core
Remote Payload: matched "CURL "
Why PkgRadar flagged v0.0.0-20260612103734-ff6d47cfb983
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "CURL " · tangled.org/[email protected]/appview/config/config.go |
| medium | Remote Payload | matched "cURL " · tangled.org/[email protected]/appview/repo/archive.go |
| medium | Remote Payload | matched "cUrl " · tangled.org/[email protected]/idresolver/resolver.go |
| medium | Remote Payload | matched "cUrl " · tangled.org/[email protected]/knotmirror/config/config.go |
| medium | Remote Payload | matched "cUrl " · tangled.org/[email protected]/knotserver/config/config.go |
| medium | Remote Payload | matched "cUrl " · tangled.org/[email protected]/knotserver/repodid/repodid.go |
| medium | Remote Payload | matched "cUrl " · tangled.org/[email protected]/spindle/config/config.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.0.0-20260612103734-ff6d47cfb983 | High risk | 84 | 2026-06-13 |
v1.0.3-alpha.0.20250405114757-c2e3b7a7a14f | Low risk | 0 | 2026-05-30 |
v1.14.1-alpha.0.20260528232853-0ce6a113ba34 | Review | 84 | 2026-05-30 |
Block this in CI
pkgradar gate --ecosystem go tangled.org/[email protected]