PkgRadar

PyPI · pypi.org

morphql

Remote Payload: matched "github.com/quickjs-ng/quickjs/releases/download"

Why PkgRadar flagged 0.1.45

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/quickjs-ng/quickjs/releases/download" · morphql-0.1.45/src/morphql/morphql.py

Scanned versions

VersionVerdictScoreScanned (UTC)
0.1.45Review122026-05-26
0.1.44Review122026-05-26

Block this in CI

PkgRadar gates morphql (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi morphql==0.1.45
Start free — 25 scans / moView full evidence