PkgRadar

npm · registry.npmjs.org

@monogatari/core

Remote Dependency Spec: dependencies.random-js="https://github.com/Monogatari/random-js"

Why PkgRadar flagged 2.8.0

SeveritySignalEvidence
highRemote Dependency Specdependencies.random-js="https://github.com/Monogatari/random-js" · package.json
highNew Remote Dependency Vs Previousdependencies.random-js added in 2.8.0 vs 2.6.0: "https://github.com/Monogatari/random-js" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
2.0.0Low risk02026-06-17
2.0.2Low risk02026-06-17
2.6.0Low risk02026-06-17
2.8.0High risk242026-06-17

Block this in CI

PkgRadar gates @monogatari/core (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @monogatari/[email protected]
Start free — 25 scans / moView full evidence