PkgRadar

npm · registry.npmjs.org

@dataform/cli

Known Indicator Filename: package/bundle.js

Why PkgRadar flagged 3.0.58

SeveritySignalEvidence
highKnown Indicator Filenamepackage/bundle.js · package/bundle.js

Scanned versions

VersionVerdictScoreScanned (UTC)
3.0.59Low risk02026-06-02
3.0.56Low risk02026-05-30
3.0.57Low risk02026-05-30
3.0.58Review132026-05-26

Block this in CI

PkgRadar gates @dataform/cli (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @dataform/[email protected]
Start free — 25 scans / moView full evidence