PkgRadar

npm · registry.npmjs.org

faf-cli

Remote Dependency Spec: devDependencies.@faf/specification="github:Wolfe-Jam/faf"

Why PkgRadar flagged 6.8.0

SeveritySignalEvidence
mediumRemote Dependency SpecdevDependencies.@faf/specification="github:Wolfe-Jam/faf" · package.json
mediumNew Remote Dependency Vs PreviousdevDependencies.@faf/specification added in 6.8.0 vs 6.7.1: "github:Wolfe-Jam/faf" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
6.8.0Review212026-06-03
6.7.1Low risk02026-05-31

Block this in CI

PkgRadar gates faf-cli (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence