PkgRadar

npm · registry.npmjs.org

@yrpri/api

Remote Dependency Spec: dependencies.bunyan-prettystream="git+https://github.com/rbjarnason/node-bunyan-prettystream.git"

Why PkgRadar flagged 9.0.237

SeveritySignalEvidence
mediumRemote Dependency Specdependencies.bunyan-prettystream="git+https://github.com/rbjarnason/node-bunyan-prettystream.git" · package.json
mediumRemote Dependency Specdependencies.express-session="git+https://github.com/rbjarnason/session.git#upgrade-21" · package.json
mediumRemote Dependency Specdependencies.passport-openidconnect="git+https://github.com/rbjarnason/passport-openidconnect.git" · package.json
mediumRemote Dependency Specdependencies.passport-sso="github:rbjarnason/passport-sso#a3f8aa7523fd72eb2221db72eb72a81bf1a7c148" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
9.0.237Review542026-06-11
9.0.240Review542026-06-11
9.0.238Review542026-05-28
9.0.239Review542026-05-28

Block this in CI

PkgRadar gates @yrpri/api (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @yrpri/[email protected]
Start free — 25 scans / moView full evidence