npm · registry.npmjs.org
@cyguin/changelog-adapter-postgres
Manifest Codeless Dependency Stub: package ships no JS/TS source but declares 2 dependency(ies) (1 with loose/empty version specs) — dependency-confusion / install-chain loader shape
Why PkgRadar flagged 0.1.11
| Severity | Signal | Evidence |
|---|---|---|
| high | Manifest Codeless Dependency Stub | package ships no JS/TS source but declares 2 dependency(ies) (1 with loose/empty version specs) — dependency-confusion / install-chain loader shape · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.1.14 | Low risk | 0 | 2026-06-07 |
0.1.13 | Low risk | 0 | 2026-06-07 |
0.1.12 | Low risk | 0 | 2026-06-07 |
0.1.10 | Low risk | 0 | 2026-06-07 |
0.1.11 | High risk | 35 | 2026-06-07 |
Block this in CI
pkgradar gate --ecosystem npm @cyguin/[email protected]