PkgRadar

Maven · repo1.maven.org

io.perfecto:quantum

Java Process Spawn: Runtime.exec / ProcessBuilder — process spawning.

Why PkgRadar flagged 3.2.4

SeveritySignalEvidence
mediumJava Process SpawnRuntime.exec / ProcessBuilder — process spawning. · com/qmetry/qaf/automation/core/ConfigurationManager.java
mediumJava Static Init Side EffectStatic-initializer block contains process/network/reflection — runs on first class load (contributory signal). · com/qmetry/qaf/automation/ui/UiDriverFactory.java
mediumJava Static Init Side EffectStatic-initializer block contains process/network/reflection — runs on first class load (contributory signal). · com/quantum/axe/AxeHelper.java

Scanned versions

VersionVerdictScoreScanned (UTC)
3.2.4Review392026-06-17

Block this in CI

PkgRadar gates io.perfecto:quantum (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem maven io.perfecto:[email protected]
Start free — 25 scans / moView full evidence