PkgRadar

npm · registry.npmjs.org

@commercelayer/sdk

Known Indicator Filename: package/lib/bundle.js

Why PkgRadar flagged 8.0.0-beta.4

SeveritySignalEvidence
highKnown Indicator Filenamepackage/lib/bundle.js · package/lib/bundle.js

Scanned versions

VersionVerdictScoreScanned (UTC)
8.0.0-beta.6Low risk02026-05-28
8.0.0-beta.4Review132026-05-25
8.0.0-beta.5Review132026-05-25

Block this in CI

PkgRadar gates @commercelayer/sdk (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @commercelayer/[email protected]
Start free — 25 scans / moView full evidence