PyPI · pypi.org

testit-python-commons

Remote Payload: matched "github.com/testit-tms/sync-storage-public/releases/download"

Why PkgRadar flagged 4.2.4

Severity	Signal	Evidence
medium	Remote Payload	matched "github.com/testit-tms/sync-storage-public/releases/download" · testit_python_commons-4.2.4/src/testit_python_commons/services/sync_storage/sync_storage_runner.py

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`4.2.8.post570`	Low risk	0	2026-06-16
`4.2.8`	Low risk	0	2026-06-16
`4.2.7.post570`	Low risk	0	2026-06-11
`4.2.6.post570`	Low risk	0	2026-06-11
`4.2.6`	Low risk	0	2026-06-11
`4.2.6rc2`	Low risk	0	2026-06-11
`4.2.5`	Low risk	0	2026-05-29
`4.2.5.post570`	Low risk	0	2026-05-29
`4.2.4`	Review	6	2026-05-27
`4.2.4.post570`	Review	6	2026-05-27

Block this in CI

PkgRadar gates testit-python-commons (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi testit-python-commons==4.2.4