PkgRadar

npm · registry.npmjs.org

@pipeline-builder/pipeline-data

Credential file access: matched ".AWS"

Why PkgRadar flagged 3.4.42

SeveritySignalEvidence
highCredential file accessmatched ".AWS" · package/lib/database/postgres-connection.js

Scanned versions

VersionVerdictScoreScanned (UTC)
3.4.74Low risk02026-06-13
3.4.73Low risk02026-06-12
3.4.72Low risk02026-06-11
3.4.71Low risk02026-06-11
3.4.70Low risk02026-06-10
3.4.68Low risk02026-06-10
3.4.69Low risk02026-06-10
3.4.67Low risk02026-06-10
3.4.66Low risk02026-06-10
3.4.65Low risk02026-06-10
3.4.64Low risk02026-06-08
3.4.63Low risk02026-06-08
3.4.62Low risk02026-06-08
3.4.61Low risk02026-06-07
3.4.60Low risk02026-06-07
3.4.59Low risk02026-06-02
3.4.58Low risk02026-06-01
3.4.57Low risk02026-06-01
3.4.56Low risk02026-06-01
3.4.55Low risk02026-05-29
3.4.42Review302026-05-24
3.4.41Review302026-05-24
3.4.40Review302026-05-24
3.4.39Review302026-05-24
3.4.38Review302026-05-24

Block this in CI

PkgRadar gates @pipeline-builder/pipeline-data (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @pipeline-builder/[email protected]
Start free — 25 scans / moView full evidence