npm · registry.npmjs.org
@bigcommerce/stencil-cli
Credential file access: matched ".npmrc"
Why PkgRadar flagged 1.15.6
| Severity | Signal | Evidence |
|---|---|---|
| medium | Credential file access | matched ".npmrc" · package/nvm/versions/node/v10.12.0/lib/node_modules/npm/lib/config/core.js |
| medium | Credential file access | matched ".npmrc" · package/nvm/versions/node/v10.12.0/lib/node_modules/npm/lib/config/defaults.js |
| medium | Credential file access | matched ".npmrc" · package/nvm/versions/node/v10.12.0/lib/node_modules/npm/node_modules/global-dirs/index.js |
| medium | Credential file access | matched ".npmrc" · package/nvm/versions/node/v6.14.4/lib/node_modules/npm/lib/config/core.js |
| medium | Credential file access | matched ".npmrc" · package/nvm/versions/node/v6.14.4/lib/node_modules/npm/lib/config/defaults.js |
| medium | Credential file access | matched ".npmrc" · package/nvm/versions/node/v8.12.0/lib/node_modules/npm/lib/config/core.js |
| medium | Credential file access | matched ".npmrc" · package/nvm/versions/node/v8.12.0/lib/node_modules/npm/lib/config/defaults.js |
| medium | Credential file access | matched ".npmrc" · package/nvm/versions/node/v8.12.0/lib/node_modules/npm/node_modules/global-dirs/index.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
3.0.0 | Low risk | 0 | 2026-06-17 |
2.1.0 | Low risk | 0 | 2026-06-17 |
8.10.5 | Low risk | 0 | 2026-06-17 |
9.0.0 | Low risk | 0 | 2026-06-17 |
9.0.2 | Low risk | 0 | 2026-06-17 |
1.15.6 | Review | 18 | 2026-06-17 |
9.0.1 | Low risk | 0 | 2026-06-17 |
Block this in CI
pkgradar gate --ecosystem npm @bigcommerce/[email protected]