PkgRadar

npm · registry.npmjs.org

@bigcommerce/stencil-paper

Remote Dependency Spec: devDependencies.semantic-release-github-pullrequest="https://github.com/jairo-bc/semantic-release-github-pullrequest"

Why PkgRadar flagged 5.3.0

SeveritySignalEvidence
mediumRemote Dependency SpecdevDependencies.semantic-release-github-pullrequest="https://github.com/jairo-bc/semantic-release-github-pullrequest" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
2.0.16Low risk02026-06-11
5.3.0Review22026-06-11
5.4.0Review22026-06-11
5.4.1Review22026-06-11
5.4.2Review22026-06-11

Block this in CI

PkgRadar gates @bigcommerce/stencil-paper (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @bigcommerce/[email protected]
Start free — 25 scans / moView full evidence