npm · registry.npmjs.org
create-lve
Credential File Packaged: package/template-react/.env
Why PkgRadar flagged 0.4.20
| Severity | Signal | Evidence |
|---|---|---|
| high | Credential File Packaged | package/template-react/.env · package/template-react/.env |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.4.31 | Low risk | 0 | 2026-06-12 |
0.4.20 | High risk | 24 | 2026-06-10 |
0.4.19 | High risk | 24 | 2026-06-10 |
0.4.30 | Low risk | 0 | 2026-06-04 |
0.4.29 | Low risk | 0 | 2026-06-04 |
0.4.28 | Low risk | 0 | 2026-06-04 |
0.4.27 | Low risk | 0 | 2026-06-03 |
0.4.26 | Low risk | 0 | 2026-06-03 |
0.4.25 | Low risk | 0 | 2026-06-02 |
0.4.24 | Low risk | 0 | 2026-06-02 |
0.4.23 | Low risk | 0 | 2026-06-02 |
0.4.22 | Low risk | 0 | 2026-06-02 |
0.4.21 | Low risk | 0 | 2026-06-01 |
0.4.17 | Review | 12 | 2026-05-28 |
0.4.18 | Review | 12 | 2026-05-28 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]