PkgRadar

npm · registry.npmjs.org

@constructive-io/graphql-codegen

Remote Payload: matched "raw.githubusercontent.com"

Why PkgRadar flagged 4.45.0

SeveritySignalEvidence
mediumRemote Payloadmatched "raw.githubusercontent.com" · package/core/codegen/docs-utils.js
mediumRemote Payloadmatched "raw.githubusercontent.com" · package/esm/core/codegen/docs-utils.js

Scanned versions

VersionVerdictScoreScanned (UTC)
4.47.8Low risk02026-06-12
4.47.7Low risk02026-06-11
4.47.6Low risk02026-06-07
4.47.5Low risk02026-06-06
4.47.4Low risk02026-06-06
4.47.3Low risk02026-06-05
4.47.2Low risk02026-06-01
4.47.1Low risk02026-06-01
4.47.0Low risk02026-05-31
4.46.1Low risk02026-05-31
4.46.0Low risk02026-05-30
4.45.3Low risk02026-05-29
4.45.2Low risk02026-05-29
4.45.0Review242026-05-24
4.45.1Review242026-05-24

Block this in CI

PkgRadar gates @constructive-io/graphql-codegen (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @constructive-io/[email protected]
Start free — 25 scans / moView full evidence