npm · registry.npmjs.org

@lordbex/thelounge

Remote Dependency Spec: dependencies.irc-framework="https://codeload.github.com/kiwiirc/irc-framework/tar.gz/9578e59a1056499e4a03a0f0fd2c260e9aadc541"

Why PkgRadar flagged 4.8.5

Severity	Signal	Evidence
high	Remote Dependency Spec	dependencies.irc-framework="https://codeload.github.com/kiwiirc/irc-framework/tar.gz/9578e59a1056499e4a03a0f0fd2c260e9aadc541" · package.json
high	Dependency Changed To Remote Vs Previous	dependencies.irc-framework changed to remote spec in 4.8.5 vs 4.8.1: "https://codeload.github.com/kiwiirc/irc-framework/tar.gz/9578e59a1056499e4a03a0f0fd2c260e9aadc541" · package.json

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`4.8.1`	Review	24	2026-06-17
`4.8.5`	High risk	24	2026-06-17
`4.8.6`	Review	3	2026-06-17
`4.8.7-pre`	Review	3	2026-06-17

Block this in CI

PkgRadar gates @lordbex/thelounge (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @lordbex/[email protected]

Start free — 25 scans / mo View full evidence