npm · registry.npmjs.org

azdo-cli

Credential file access: matched ".azure"

Why PkgRadar flagged 0.5.0-019-fix-pr-command.324

Severity	Signal	Evidence
high	Credential file access	matched ".azure" · package/dist/index.js

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.5.0-024-azdo-pipeline.405`	Low risk	0	2026-06-03
`0.5.0-024-azdo-pipeline.407`	Low risk	0	2026-06-03
`0.5.0-022-version-update-check.384`	Low risk	0	2026-06-03
`0.10.0-develop.386`	Low risk	0	2026-06-03
`0.5.0-022-version-update-check.378`	Low risk	0	2026-06-01
`0.5.0-022-version-update-check.379`	Low risk	0	2026-06-01
`0.5.0-021-download-markdown-images.371`	Low risk	0	2026-06-01
`0.10.0-develop.373`	Low risk	0	2026-06-01
`0.5.0-021-download-markdown-images.367`	Low risk	0	2026-06-01
`0.5.0-021-download-markdown-images.365`	Low risk	0	2026-06-01
`0.10.0-develop.348`	Low risk	0	2026-06-01
`0.5.0-019-fix-pr-command.346`	Low risk	0	2026-06-01
`0.5.0-019-fix-pr-command.342`	Low risk	0	2026-05-29
`0.5.0-019-fix-pr-command.344`	Low risk	0	2026-05-29
`0.5.0-020-auth-docs-sync.326`	Low risk	0	2026-05-29
`0.5.0-020-auth-docs-sync.327`	Low risk	0	2026-05-29
`0.5.0-020-auth-docs-sync.325`	Low risk	0	2026-05-29
`0.5.0-019-fix-pr-command.324`	Review	30	2026-05-24
`0.5.0-019-fix-pr-command.323`	Review	30	2026-05-24

Block this in CI

PkgRadar gates azdo-cli (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]