npm · registry.npmjs.org
@shopify/ui-extensions
Remote Dependency Spec: devDependencies.@shopify/generate-docs="https://registry.npmjs.org/@shopify/generate-docs/-/generate-docs-1.1.0.tgz"
Why PkgRadar flagged 2026.4.0
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Dependency Spec | devDependencies.@shopify/generate-docs="https://registry.npmjs.org/@shopify/generate-docs/-/generate-docs-1.1.0.tgz" · package.json |
| medium | Dependency Changed To Remote Vs Previous | devDependencies.@shopify/generate-docs changed to remote spec in 2026.4.0 vs 2026.4.0-rc.3: "https://registry.npmjs.org/@shopify/generate-docs/-/generate-docs-1.1.0.tgz" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.0.0-snapshot-20260611190756 | Low risk | 0 | 2026-06-11 |
0.0.0-snapshot-20250827133940 | Low risk | 0 | 2026-06-10 |
0.0.0-snapshot-20250827174740 | Low risk | 0 | 2026-06-10 |
0.0.0-snapshot-20250827122629 | Low risk | 0 | 2026-06-10 |
2026.4.0 | Review | 16 | 2026-06-10 |
2026.7.0-rc.6 | Low risk | 0 | 2026-06-10 |
0.0.0-snapshot-20260608163423 | Low risk | 0 | 2026-06-08 |
0.0.0-snapshot-20260605230548 | Low risk | 0 | 2026-06-05 |
0.0.0-snapshot-20260604193151 | Low risk | 0 | 2026-06-04 |
0.0.0-snapshot-20260528081022 | Low risk | 0 | 2026-05-28 |
2025.10.15 | Low risk | 0 | 2026-05-28 |
2026.1.4 | Low risk | 0 | 2026-05-27 |
2026.4.3 | Low risk | 0 | 2026-05-27 |
0.0.0-snapshot-20260515002710 | Review | 2 | 2026-05-26 |
0.0.0-snapshot-20260526000817 | Low risk | 0 | 2026-05-26 |
Block this in CI
pkgradar gate --ecosystem npm @shopify/[email protected]