npm · registry.npmjs.org

@kamino-finance/klend-sdk

Remote Dependency Spec: devDependencies.anchor-client-gen="git+https://github.com/kklas/anchor-client-gen.git#03a3273a10b804a41878e71cdae1b7d6257aa347"

Why PkgRadar flagged 8.1.0-beta.4

Severity	Signal	Evidence
medium	Remote Dependency Spec	devDependencies.anchor-client-gen="git+https://github.com/kklas/anchor-client-gen.git#03a3273a10b804a41878e71cdae1b7d6257aa347" · package.json

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`8.1.0-beta.4`	Review	2	2026-06-12
`8.1.0-beta.3`	Review	2	2026-06-11
`8.1.0-beta.2`	Review	2	2026-06-04
`8.1.0-beta.1`	Review	2	2026-06-02
`8.1.0-beta.0`	Review	2	2026-06-02
`8.0.1`	Review	2	2026-05-28
`8.0.2`	Review	2	2026-05-28

Block this in CI

PkgRadar gates @kamino-finance/klend-sdk (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @kamino-finance/[email protected]

Start free — 25 scans / mo View full evidence