PkgRadar

PyPI · pypi.org

z4j

Credential file access: matched ".azure\\"

Why PkgRadar flagged 1.6.8

SeveritySignalEvidence
highCredential file accessmatched ".azure\\" · z4j-1.6.8/backend/src/z4j_brain/observability/sentry.py

Scanned versions

VersionVerdictScoreScanned (UTC)
1.6.8High risk452026-06-08
1.6.7High risk452026-06-08
1.6.6High risk452026-06-07
1.6.5High risk452026-05-30

Block this in CI

PkgRadar gates z4j (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi z4j==1.6.8
Start free — 25 scans / moView full evidence