PkgRadar

npm · registry.npmjs.org

liftie

Credential file access: matched ".azure"

Why PkgRadar flagged 4.3.3

SeveritySignalEvidence
highCredential file accessmatched ".azure" · package/lib/resorts/big-sky/resort.json
highCredential file accessmatched ".azure" · package/lib/resorts/brighton/resort.json
highCredential file accessmatched ".azure" · package/lib/resorts/loon/resort.json
highCredential file accessmatched ".azure" · package/lib/resorts/pleasant-mountain/resort.json
highCredential file accessmatched ".azure" · package/lib/resorts/sugarloaf/resort.json
highCredential file accessmatched ".azure" · package/lib/resorts/sunday-river/resort.json
mediumRemote Payloadmatched "curl " · package/lib/cli/fetch.js
mediumRemote Payloadmatched "curl " · package/lib/cli/generate.js

Scanned versions

VersionVerdictScoreScanned (UTC)
4.3.3Review742026-05-24
4.3.4Review742026-05-24

Block this in CI

PkgRadar gates liftie (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence