PkgRadar

npm · registry.npmjs.org

@instructure/canvas-rce-old

Remote Dependency Spec: dependencies.scroll-into-view="https://github.com/bkirkby/scroll-into-view.git#588b0ced98eeecf84e6fb2074aa076e80b7cffab"

Why PkgRadar flagged 4.1.2

SeveritySignalEvidence
highRemote Dependency Specdependencies.scroll-into-view="https://github.com/bkirkby/scroll-into-view.git#588b0ced98eeecf84e6fb2074aa076e80b7cffab" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
4.1.2High risk122026-06-10
4.1.3High risk122026-06-10
4.1.4Review122026-05-29
4.1.5Review122026-05-29

Block this in CI

PkgRadar gates @instructure/canvas-rce-old (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @instructure/[email protected]
Start free — 25 scans / moView full evidence