PkgRadar

npm · registry.npmjs.org

@ton-community/tlb-codegen

Remote Dependency Spec: devDependencies.@ton/toolchain="github:the-ton-tech/toolchain#v1.4.0"

Why PkgRadar flagged 2.0.0-beta.2

SeveritySignalEvidence
mediumRemote Dependency SpecdevDependencies.@ton/toolchain="github:the-ton-tech/toolchain#v1.4.0" · package.json
mediumNew Remote Dependency Vs PreviousdevDependencies.@ton/toolchain added in 2.0.0-beta.2 vs 2.0.0-beta.1: "github:the-ton-tech/toolchain#v1.4.0" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
2.0.0-beta.2Review162026-06-03
2.0.0-beta.3Review82026-05-28

Block this in CI

PkgRadar gates @ton-community/tlb-codegen (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @ton-community/[email protected]
Start free — 25 scans / moView full evidence