npm · registry.npmjs.org

@chiranjib-infosys/repro-oidc-setup-node

Ci Workflow Secret Harvesting: workflow references CI/cloud credential harvesting surfaces

Why PkgRadar flagged 0.0.50

Severity	Signal	Evidence
high	Ci Workflow Secret Harvesting	workflow references CI/cloud credential harvesting surfaces · package/.github/workflows/publish2.yml

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.0.50`	Review	19	2026-05-26
`0.0.49`	Review	69	2026-05-25
`0.0.47`	Review	150	2026-05-25
`0.0.48`	Review	145	2026-05-25

Block this in CI

PkgRadar gates @chiranjib-infosys/repro-oidc-setup-node (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @chiranjib-infosys/[email protected]