npm · registry.npmjs.org
@6thbridge/utils
Remote Dependency Spec: dependencies.xlsx="https://cdn.sheetjs.com/xlsx-0.20.3/xlsx-0.20.3.tgz"
Why PkgRadar flagged 1.3.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Remote Dependency Spec | dependencies.xlsx="https://cdn.sheetjs.com/xlsx-0.20.3/xlsx-0.20.3.tgz" · package.json |
| high | Dependency Changed To Remote Vs Previous | dependencies.xlsx changed to remote spec in 1.3.0 vs 1.2.1: "https://cdn.sheetjs.com/xlsx-0.20.3/xlsx-0.20.3.tgz" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.3.0 | High risk | 24 | 2026-06-15 |
1.5.1 | High risk | 6 | 2026-06-15 |
1.5.0 | High risk | 6 | 2026-06-10 |
1.4.0 | High risk | 6 | 2026-06-10 |
Related campaigns
- remote_dependency_spec:dependencies.xlsx="https://cdn.sheetjs.com/xlsx-0.20.3/xlsx-0.20.3.tgz" — 501 releases, max score 52
Block this in CI
pkgradar gate --ecosystem npm @6thbridge/[email protected]