npm · registry.npmjs.org

@miradorlabs/nodejs-sdk

Remote Dependency Spec: dependencies.mirador-gateway-ingest="https://storage.googleapis.com/mirador-shd-packages/gateway/ingest/nodejs/mirador-gateway-ingest-1.0.10.tgz"

Why PkgRadar flagged 2.2.0

Severity	Signal	Evidence
high	Remote Dependency Spec	dependencies.mirador-gateway-ingest="https://storage.googleapis.com/mirador-shd-packages/gateway/ingest/nodejs/mirador-gateway-ingest-1.0.10.tgz" · package.json
high	Dependency Changed To Remote Vs Previous	dependencies.mirador-gateway-ingest changed to remote spec in 2.2.0 vs 2.1.2: "https://storage.googleapis.com/mirador-shd-packages/gateway/ingest/nodejs/mirador-gateway-ingest-1.0.10.tgz" · package.json

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`2.2.0`	High risk	24	2026-06-13
`2.3.0`	High risk	24	2026-06-10
`2.1.2`	Review	12	2026-05-29

Block this in CI

PkgRadar gates @miradorlabs/nodejs-sdk (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @miradorlabs/[email protected]

Start free — 25 scans / mo View full evidence