PkgRadar

npm · registry.npmjs.org

@pareto-engineering/label-studio

Remote Dependency Spec: devDependencies.@heartexlabs/eslint-plugin-frontend="https://github.com/heartexlabs/eslint-plugin-frontend.git"

Why PkgRadar flagged 1.5.4

SeveritySignalEvidence
mediumRemote Dependency SpecdevDependencies.@heartexlabs/eslint-plugin-frontend="https://github.com/heartexlabs/eslint-plugin-frontend.git" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
1.5.4Review52026-06-17
1.5.5Review52026-06-17
1.5.6Review52026-06-17
1.5.7Review52026-06-17

Block this in CI

PkgRadar gates @pareto-engineering/label-studio (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @pareto-engineering/[email protected]
Start free — 25 scans / moView full evidence