PkgRadar

npm · registry.npmjs.org

@decaf-ts/for-couchdb

Credential File Packaged: package/docker/.env

Why PkgRadar flagged 0.13.0

SeveritySignalEvidence
highCredential File Packagedpackage/docker/.env · package/docker/.env
mediumRemote Payloadmatched "curl " · package/docker/init-cluster.sh

Scanned versions

VersionVerdictScoreScanned (UTC)
0.13.0High risk232026-06-04
0.14.0High risk232026-06-04

Block this in CI

PkgRadar gates @decaf-ts/for-couchdb (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @decaf-ts/[email protected]
Start free — 25 scans / moView full evidence