npm · registry.npmjs.org

@requestnetwork/smart-contracts

Remote Dependency Spec: dependencies.commerce-payments="git+https://github.com/base/commerce-payments.git#v1.0.0"

Why PkgRadar flagged 0.53.1-next.ba2344ff.0

Severity	Signal	Evidence
medium	Remote Dependency Spec	dependencies.commerce-payments="git+https://github.com/base/commerce-payments.git#v1.0.0" · package.json

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.53.1-next.f220532d.0`	Low risk	0	2026-06-08
`0.53.1-next.ba2344ff.0`	Review	3	2026-06-05
`0.53.1-next.ada584b1.0`	Review	3	2026-06-05
`0.53.0`	Review	3	2026-06-03
`0.52.1-next.053cae94.0`	Review	3	2026-05-28
`0.52.0`	Review	6	2026-05-25
`0.51.0`	Review	24	2026-05-24
`0.51.1-next.2d9d2486.0`	Review	24	2026-05-24

Block this in CI

PkgRadar gates @requestnetwork/smart-contracts (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @requestnetwork/[email protected]