PkgRadar

npm · registry.npmjs.org

@shopify/plugin-cloudflare

Remote Payload: matched "github.com/cloudflare/cloudflared/releases/download"

Why PkgRadar flagged 0.0.0-nightly-20260525073851

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/cloudflare/cloudflared/releases/download" · package/dist/install-cloudflared.js

Scanned versions

VersionVerdictScoreScanned (UTC)
4.2.0Low risk02026-06-16
0.0.0-nightly-20260616161348Low risk02026-06-16
0.0.0-snapshot-20260616121718Low risk02026-06-16
0.0.0-nightly-20260616120653Low risk02026-06-16
0.0.0-snapshot-20260616085935Low risk02026-06-16
0.0.0-nightly-20260616100622Low risk02026-06-16
0.0.0-nightly-20260616080201Low risk02026-06-16
0.0.0-nightly-20260615080516Low risk02026-06-16
0.0.0-nightly-20260614074005Low risk02026-06-15
0.0.0-nightly-20260613072234Low risk02026-06-13
0.0.0-snapshot-20260612141153Low risk02026-06-13
0.0.0-nightly-20260612093548Low risk02026-06-12
0.0.0-nightly-20260612074146Low risk02026-06-12
0.0.0-nightly-20260611074553Low risk02026-06-11
0.0.0-snapshot-20260611111520Low risk02026-06-11
0.0.0-snapshot-20260610101222Low risk02026-06-10
0.0.0-experimental-20240308104538Low risk02026-06-10
0.0.0-experimental-20240308111455Low risk02026-06-10
0.0.0-experimental-20240308110932Low risk02026-06-10
0.0.0-nightly-20260610073327Low risk02026-06-10
0.0.0-snapshot-20260609162508Low risk02026-06-09
0.0.0-snapshot-20260609114645Low risk02026-06-09
0.0.0-nightly-20260609071852Low risk02026-06-09
0.0.0-nightly-20260608074734Low risk02026-06-08
0.0.0-snapshot-20260608100421Low risk02026-06-08
0.0.0-nightly-20260607072749Low risk02026-06-07
0.0.0-nightly-20260606070824Low risk02026-06-06
0.0.0-snapshot-20260605172558Low risk02026-06-05
0.0.0-snapshot-20260605131911Low risk02026-06-05
0.0.0-nightly-20260605073403Low risk02026-06-05
0.0.0-snapshot-20260604135418Low risk02026-06-04
0.0.0-snapshot-20260604092612Low risk02026-06-04
0.0.0-nightly-20260604074230Low risk02026-06-04
0.0.0-snapshot-20260603134319Low risk02026-06-03
0.0.0-snapshot-20260603122041Low risk02026-06-03
0.0.0-nightly-20260603074628Low risk02026-06-03
0.0.0-snapshot-20260602104654Low risk02026-06-02
0.0.0-nightly-20260602074323Low risk02026-06-02
0.0.0-nightly-20260601075121Low risk02026-06-01
0.0.0-nightly-20260531072224Low risk02026-05-31
0.0.0-nightly-20260530070427Low risk02026-05-30
0.0.0-snapshot-20260529202055Low risk02026-05-29
0.0.0-snapshot-20260529205834Low risk02026-05-29
0.0.0-snapshot-20260529125211Low risk02026-05-29
0.0.0-snapshot-20260529134635Low risk02026-05-29
0.0.0-snapshot-20260529094324Low risk02026-05-29
0.0.0-snapshot-20260529095708Low risk02026-05-29
0.0.0-nightly-20260529072502Low risk02026-05-29
0.0.0-snapshot-20260528213307Low risk02026-05-29
0.0.0-snapshot-20260528143009Low risk02026-05-28
0.0.0-snapshot-20260528113027Low risk02026-05-28
0.0.0-nightly-20260528072525Low risk02026-05-28
0.0.0-nightly-20260527143603Low risk02026-05-27
4.1.0Low risk02026-05-27
0.0.0-snapshot-20260526094552Low risk02026-05-26
0.0.0-nightly-20260526071712Low risk02026-05-26
0.0.0-snapshot-20260525120835Low risk02026-05-25
0.0.0-nightly-20260525073851Review122026-05-25
0.0.0-nightly-20260523065831Review122026-05-24
0.0.0-nightly-20260524071012Review122026-05-24

Block this in CI

PkgRadar gates @shopify/plugin-cloudflare (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @shopify/[email protected]
Start free — 25 scans / moView full evidence