PkgRadar

PyPI · pypi.org

fosslight-util

Remote Payload: matched "wget "

Why PkgRadar flagged 2.1.59

Severity | Signal | Evidence
medium | Remote Payload | matched "wget " · fosslight_util-2.1.59/src/fosslight_util/download.py
medium | Remote Payload | matched "raw.githubusercontent.com" · fosslight_util-2.1.59/src/fosslight_util/spdx_licenses.py

Scanned versions

Version | Verdict | Score | Scanned (UTC)
2.1.60 | Low risk | 0 | 2026-06-09
2.1.59 | Review | 8 | 2026-05-26

Block this in CI

PkgRadar gates fosslight-util (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi fosslight-util==2.1.59