PkgRadar

npm · registry.npmjs.org

@module-federation/observability-plugin

Remote Dependency Spec: dependencies.@openruntime/core="https://pkg.pr.new/2heal1/openruntime/@openruntime/core@a13b382"

Why PkgRadar flagged 0.0.0-feat-operate-openruntime-20260615030101

SeveritySignalEvidence
highRemote Dependency Specdependencies.@openruntime/core="https://pkg.pr.new/2heal1/openruntime/@openruntime/core@a13b382" · package.json
highNew Remote Dependency Vs Previousdependencies.@openruntime/core added in 0.0.0-feat-operate-openruntime-20260615030101 vs 0.0.0-feat-federationdiagnosticerror-20260518053736: "https://pkg.pr.new/2heal1/openruntime/@openruntime/core@a13b382" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
0.0.0-feat-mf-ssr-clear-cache-20260617024751Low risk02026-06-17
0.0.0-fix-metro-windows-path-comparisons-20260616022748Low risk02026-06-16
0.0.0-feat-operate-openruntime-20260615030101High risk242026-06-15
2.5.1Low risk02026-06-04
0.0.0-fix-4748-shared-fallback-versions-20260604072020Low risk02026-06-04
2.5.0Low risk02026-05-29
0.0.0-fix-4748-shared-fallback-versions-20260529023626Low risk02026-05-29

Block this in CI

PkgRadar gates @module-federation/observability-plugin (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @module-federation/observability-plugin@0.0.0-feat-operate-openruntime-20260615030101
Start free — 25 scans / moView full evidence