npm · registry.npmjs.org

@wix/pro-gallery

Remote Dependency Spec: devDependencies.@wix/sdk="https://cdn.dev.wixpress.com/@wix/sdk/02e8069ab2fd783e0e6a080fc7d590e76cb26ab93c8389574286305b.tar.gz"

Why PkgRadar flagged 1.0.34

Severity	Signal	Evidence
medium	Remote Dependency Spec	devDependencies.@wix/sdk="https://cdn.dev.wixpress.com/@wix/sdk/02e8069ab2fd783e0e6a080fc7d590e76cb26ab93c8389574286305b.tar.gz" · package.json
medium	New Remote Dependency Vs Previous	devDependencies.@wix/sdk added in 1.0.34 vs 1.0.33: "https://cdn.dev.wixpress.com/@wix/sdk/02e8069ab2fd783e0e6a080fc7d590e76cb26ab93c8389574286305b.tar.gz" · package.json

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`1.0.107`	Low risk	0	2026-06-10
`1.0.33`	Low risk	0	2026-06-10
`1.0.34`	Review	16	2026-06-10
`1.0.110`	Low risk	0	2026-06-10
`1.0.108`	Low risk	0	2026-05-28
`1.0.109`	Low risk	0	2026-05-28

Block this in CI

PkgRadar gates @wix/pro-gallery (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @wix/[email protected]

Start free — 25 scans / mo View full evidence