npm · registry.npmjs.org

@vivix-ai/ivi-frontend-sdk

Remote Dependency Spec: dependencies.@vivix/ivi-sdk-ts="git+ssh://[email protected]/vinf-2.0/ivi-sdk/ivi-sdk-ts.git#v0.2.5"

Why PkgRadar flagged 0.2.4

Severity	Signal	Evidence
medium	Remote Dependency Spec	dependencies.@vivix/ivi-sdk-ts="git+ssh://[email protected]/vinf-2.0/ivi-sdk/ivi-sdk-ts.git#v0.2.5" · package.json
medium	Dependency Changed To Remote Vs Previous	dependencies.@vivix/ivi-sdk-ts changed to remote spec in 0.2.4 vs 0.2.3: "git+ssh://[email protected]/vinf-2.0/ivi-sdk/ivi-sdk-ts.git#v0.2.5" · package.json

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.2.4`	Review	24	2026-06-03
`0.2.5`	Review	12	2026-06-03
`0.3.4`	Low risk	0	2026-05-28
`0.3.5`	Low risk	0	2026-05-28
`0.3.1`	Low risk	0	2026-05-28
`0.3.2`	Low risk	0	2026-05-28
`0.2.2`	Review	12	2026-05-27
`0.2.3`	Low risk	0	2026-05-27

Block this in CI

PkgRadar gates @vivix-ai/ivi-frontend-sdk (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @vivix-ai/[email protected]