npm · registry.npmjs.org
remsg
Remote Dependency Spec: devDependencies.@changesets/changelog-github="https://pkg.pr.new/changesets/changesets/@changesets/changelog-github@bd27256"
Why PkgRadar flagged 2.0.0
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Dependency Spec | devDependencies.@changesets/changelog-github="https://pkg.pr.new/changesets/changesets/@changesets/changelog-github@bd27256" · package.json |
| medium | Remote Dependency Spec | devDependencies.@changesets/cli="https://pkg.pr.new/changesets/changesets/@changesets/cli@bd27256" · package.json |
| medium | Dependency Changed To Remote Vs Previous | devDependencies.@changesets/changelog-github changed to remote spec in 2.0.0 vs 1.2.1: "https://pkg.pr.new/changesets/changesets/@changesets/changelog-github@bd27256" · package.json |
| medium | Dependency Changed To Remote Vs Previous | devDependencies.@changesets/cli changed to remote spec in 2.0.0 vs 1.2.1: "https://pkg.pr.new/changesets/changesets/@changesets/cli@bd27256" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
2.0.0 | High risk | 164 | 2026-06-03 |
2.0.1 | Review | 44 | 2026-05-27 |
Related campaigns
- https://pkg.pr.new/changesets/changesets/@changesets/cli@bd27256 — 2 releases, max score 100
- 43010cfe83f290afd5b2898f02e48fb0162717168a61d2d9445b6c8ea95c2e9c — 2 releases, max score 100
- https://pkg.pr.new/changesets/changesets/@changesets/changelog-github@bd27256 — 2 releases, max score 32
- d97bd447ec58643cece5490c2b3e89ca1b80289104df20f6b68f6edee6bd92b4 — 2 releases, max score 32
Block this in CI
pkgradar gate --ecosystem npm [email protected]