PkgRadar

npm · registry.npmjs.org

directus

Credential file access: matched ".npmrc"

Why PkgRadar flagged 0.1.0-preview.7

SeveritySignalEvidence
mediumCredential file accessmatched ".npmrc" · package/dist/knex-schema-inspector/node_modules/global-prefix/index.js

Scanned versions

VersionVerdictScoreScanned (UTC)
0.1.0-preview.7Review32026-06-10
0.1.0-preview.1Review32026-06-10
0.1.0-preview.8Review32026-06-10
12.0.0Low risk02026-06-10
12.0.0-rc.2Low risk02026-06-05
11.17.4Low risk02026-05-29
12.0.0-rc.1Low risk02026-05-29

Block this in CI

PkgRadar gates directus (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence
directus — npm security scan | PkgRadar