PkgRadar

npm · registry.npmjs.org

@duetds/components

Credential File Packaged: package/hydrate/tests/.npmrc

Why PkgRadar flagged 4.9.2

SeveritySignalEvidence
highCredential File Packagedpackage/hydrate/tests/.npmrc · package/hydrate/tests/.npmrc

Scanned versions

VersionVerdictScoreScanned (UTC)
4.9.2Review102026-06-10
10.2.1Low risk02026-06-10
4.10.1Review102026-06-10
4.9.4Review102026-06-10
10.2.0Low risk02026-06-04
10.1.0Review62026-05-28
10.1.1Review62026-05-28

Block this in CI

PkgRadar gates @duetds/components (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @duetds/[email protected]
Start free — 25 scans / moView full evidence
@duetds/components — npm security scan | PkgRadar