npm · registry.npmjs.org
@project-fmps/sunbird-sdk
Remote Dependency Spec: dependencies.cordova-zip-plugin="https://github.com/Sunbird-Ed/jjdltc-cordova-plugin-zip.git"
Why PkgRadar flagged 1.0.2
| Severity | Signal | Evidence |
|---|---|---|
| high | Remote Dependency Spec | dependencies.cordova-zip-plugin="https://github.com/Sunbird-Ed/jjdltc-cordova-plugin-zip.git" · package.json |
| high | New Remote Dependency Vs Previous | dependencies.cordova-zip-plugin added in 1.0.2 vs 1.0.1: "https://github.com/Sunbird-Ed/jjdltc-cordova-plugin-zip.git" · package.json |
| medium | Remote Dependency Spec | devDependencies.cordova-plugin-android-downloadmanager="git+https://github.com/Sunbird-Ed/sb-cordova-plugin-downloadmanager.git" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.0.0 | Review | 8 | 2026-06-10 |
1.0.1 | Review | 8 | 2026-06-10 |
1.0.2 | High risk | 32 | 2026-06-10 |
Block this in CI
pkgradar gate --ecosystem npm @project-fmps/[email protected]