npm · registry.npmjs.org
qqlib-node-boleto
Remote Dependency Spec: devDependencies.moment="https://github.com/pagarme/moment/archive/0.0.5.tar.gz"
Why PkgRadar flagged 1.0.79
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Dependency Spec | devDependencies.moment="https://github.com/pagarme/moment/archive/0.0.5.tar.gz" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.0.79 | Review | 8 | 2026-06-12 |
1.0.78 | Review | 8 | 2026-06-12 |
1.0.76 | Review | 8 | 2026-06-03 |
1.0.74 | Review | 8 | 2026-06-03 |
1.0.75 | Review | 8 | 2026-06-03 |
1.0.47 | Review | 8 | 2026-06-03 |
1.0.48 | Review | 8 | 2026-06-03 |
1.0.41 | Review | 8 | 2026-05-29 |
1.0.42 | Review | 8 | 2026-05-29 |
1.0.37 | Review | 8 | 2026-05-29 |
1.0.36 | Review | 8 | 2026-05-29 |
1.0.22 | Review | 8 | 2026-05-29 |
1.0.21 | Review | 8 | 2026-05-29 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]