npm · registry.npmjs.org

@sassoftware/cra-template-viya-app-quickstart

Credential File Packaged: package/template/.env

Why PkgRadar flagged 3.2.64

Severity	Signal	Evidence
high	Credential File Packaged	package/template/.env · package/template/.env

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`3.2.64`	High risk	17	2026-06-10
`3.2.65`	High risk	17	2026-06-10
`3.2.66`	High risk	17	2026-06-10
`3.3.0`	High risk	17	2026-06-10

Block this in CI

PkgRadar gates @sassoftware/cra-template-viya-app-quickstart (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @sassoftware/[email protected]