npm · registry.npmjs.org

babel-plugin-polyfill-custom

Remote Dependency Spec: devDependencies.@3846masa/configs="github:3846masa/configs#d47780f05642fb481d61f6789507c4b2561a25bf"

Why PkgRadar flagged 2.0.58

Severity	Signal	Evidence
medium	Remote Dependency Spec	devDependencies.@3846masa/configs="github:3846masa/configs#d47780f05642fb481d61f6789507c4b2561a25bf" · package.json
medium	Dependency Changed To Remote Vs Previous	devDependencies.@3846masa/configs changed to remote spec in 2.0.58 vs 2.0.57: "github:3846masa/configs#d47780f05642fb481d61f6789507c4b2561a25bf" · package.json

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`2.0.58`	Review	16	2026-06-13
`2.0.57`	Review	16	2026-06-08
`2.0.56`	Review	16	2026-06-03
`2.0.55`	Review	16	2026-06-03
`2.0.54`	Review	2	2026-05-25

Block this in CI

PkgRadar gates babel-plugin-polyfill-custom (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]