npm · registry.npmjs.org
multi-signature
Remote Dependency Spec: dependencies.varint="github:vandeurenglenn/varint"
Why PkgRadar flagged 1.3.1
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Dependency Spec | dependencies.varint="github:vandeurenglenn/varint" · package.json |
| medium | Dependency Changed To Remote Vs Previous | dependencies.varint changed to remote spec in 1.3.1 vs 1.3.0: "github:vandeurenglenn/varint" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.3.1 | Review | 24 | 2026-06-03 |
1.4.0 | Review | 12 | 2026-05-24 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]