Maven · repo1.maven.org
com.github.eirslett:frontend-plugin-core
Java Process Spawn: Runtime.exec / ProcessBuilder — process spawning.
Why PkgRadar flagged 2.0.1
| Severity | Signal | Evidence |
|---|---|---|
| medium | Java Process Spawn | Runtime.exec / ProcessBuilder — process spawning. · com/github/eirslett/maven/plugins/frontend/lib/ArchiveExtractor.java |
| medium | Remote Payload | matched "github.com/yarnpkg/yarn/releases/download" · com/github/eirslett/maven/plugins/frontend/lib/YarnInstaller.java |
| medium | Remote Payload | matched "github.com/oven-sh/bun/releases/download" · com/github/eirslett/maven/plugins/frontend/lib/BunInstaller.java |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
2.0.1 | Review | 19 | 2026-06-12 |
Block this in CI
pkgradar gate --ecosystem maven com.github.eirslett:[email protected]