npm · registry.npmjs.org
@bonlineza/b-lib
Remote Dependency Spec: dependencies.react-dates="https://github.com/bonlineza/react-dates#v16.0.1-showBeforeTodayDifferently-lib"
Why PkgRadar flagged 1.0.3
| Severity | Signal | Evidence |
|---|---|---|
| high | Remote Dependency Spec | dependencies.react-dates="https://github.com/bonlineza/react-dates#v16.0.1-showBeforeTodayDifferently-lib" · package.json |
| high | Remote Dependency Spec | dependencies.react-pdf-js="https://github.com/robguy21/react-pdf-js#v4.1.0" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.0.3 | High risk | 12 | 2026-06-15 |
3.2.1 | High risk | 12 | 2026-06-15 |
3.2.2 | High risk | 12 | 2026-06-15 |
4.0.0 | High risk | 6 | 2026-06-15 |
4.0.1 | High risk | 6 | 2026-06-15 |
Block this in CI
pkgradar gate --ecosystem npm @bonlineza/[email protected]