npm · registry.npmjs.org
@async/db
Remote Dependency Spec: dependencies.@async/json="https://github.com/async/json/releases/download/v0.1.0/async-json-0.1.0.tgz"
Why PkgRadar flagged 0.9.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Remote Dependency Spec | dependencies.@async/json="https://github.com/async/json/releases/download/v0.1.0/async-json-0.1.0.tgz" · package.json |
| high | New Remote Dependency Vs Previous | dependencies.@async/json added in 0.9.0 vs 0.8.0: "https://github.com/async/json/releases/download/v0.1.0/async-json-0.1.0.tgz" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.11.0 | Low risk | 0 | 2026-06-15 |
0.10.0 | Low risk | 0 | 2026-06-15 |
0.9.0 | High risk | 24 | 2026-06-15 |
0.8.0 | Low risk | 0 | 2026-06-14 |
0.6.0 | Low risk | 0 | 2026-06-10 |
0.5.1 | Low risk | 0 | 2026-06-07 |
0.5.0 | Low risk | 0 | 2026-06-07 |
0.4.2 | Low risk | 0 | 2026-06-07 |
0.4.1 | Low risk | 0 | 2026-06-07 |
0.4.0 | Low risk | 0 | 2026-06-04 |
0.2.0 | Low risk | 0 | 2026-06-01 |
0.2.1 | Low risk | 0 | 2026-06-01 |
Block this in CI
pkgradar gate --ecosystem npm @async/[email protected]