npm · registry.npmjs.org
@stdlib/stdlib
Remote Dependency Spec: devDependencies.gh-pages="git+https://github.com/Planeshifter/gh-pages.git#main"
Why PkgRadar flagged 0.4.0
| Severity | Signal | Evidence |
|---|---|---|
| high | New Lifecycle Script Vs Previous | postinstall added in 0.4.0 vs 0.3.2: "tools/scripts/apply_patches" · package.json |
| medium | Remote Dependency Spec | devDependencies.gh-pages="git+https://github.com/Planeshifter/gh-pages.git#main" · package.json |
| medium | Remote Dependency Spec | devDependencies.tap-min="git+https://github.com/Planeshifter/tap-min.git" · package.json |
| medium | Remote Dependency Spec | devDependencies.tape="git+https://github.com/kgryte/tape.git#fix/globby" · package.json |
| medium | Remote Dependency Spec | devDependencies.typedoc="git+https://github.com/kgryte/typedoc.git#0.16.11-patch" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.4.1 | Review | 11 | 2026-06-06 |
0.3.2 | Review | 9 | 2026-06-06 |
0.4.0 | High risk | 77 | 2026-06-06 |
Block this in CI
pkgradar gate --ecosystem npm @stdlib/[email protected]