PyPI · pypi.org

e2a

Remote Payload: matched "cURL "

Why PkgRadar flagged 2.5.0

Severity	Signal	Evidence
medium	Remote Payload	matched "cURL " · e2a-2.5.0/src/e2a/v1/generated/__init__.py
medium	Remote Payload	matched "cURL " · e2a-2.5.0/src/e2a/v1/generated/_internal.py

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`2.5.0`	Review	24	2026-05-27

Block this in CI

PkgRadar gates e2a (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi e2a==2.5.0