@514labs/moose-proto
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| install-scripts | install-script:preinstall | AI (install-scripts): Runs a workspace-local safety check script via relative path; no network access or arbitrary execution. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Monorepo sub-package; missing description/repo/keywords is expected for internal proto packages. | ai | |
| maintainer-change | maintainer-added | AI (maintainer-change): New maintainer luciofranco added alongside CI transition; consistent with legitimate org-level change for established package. | ai | |
| provenance | publisher-changed | AI (provenance): Transition to GitHub Actions CI/CD publisher with SLSA provenance; consistent with automated release pipeline for this established package. | ai | |
| dependencies | unvetted-dep:@bufbuild/buf | AI (dependencies): @bufbuild/buf is the official Buf CLI for protobuf generation — a well-known legitimate tool. This finding is a stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@bufbuild/buf | AI (phantom-deps): @bufbuild/buf is used as a CLI tool in the gen script (not imported as a module). This pattern is expected and stable for this package. | ai | |
| phantom-deps | phantom-dep:rimraf | AI (phantom-deps): rimraf is used as a CLI tool in the gen script (not imported as a module). This pattern is expected and stable for this package. | ai |
Versions (showing 51 of 696)
| Version | Deps | Published |
|---|---|---|
| 0.6.533 | 3 / 2 | |
| 0.6.532 | 3 / 2 | |
| 0.6.531 | 3 / 2 | |
| 0.6.530 | 3 / 2 | |
| 0.6.529 | 3 / 2 | |
| 0.6.528 | 3 / 2 | |
| 0.6.527 | 3 / 2 | |
| 0.6.526 | 3 / 2 | |
| 0.6.525 | 3 / 2 | |
| 0.6.524 | 3 / 2 | |
| 0.6.523 | 3 / 2 | |
| 0.6.522 | 3 / 2 | |
| 0.6.521 | 3 / 2 | |
| 0.6.520 | 3 / 2 | |
| 0.6.519 | 3 / 2 | |
| 0.6.518 | 3 / 2 | |
| 0.6.517 | 3 / 2 | |
| 0.6.516 | 3 / 2 | |
| 0.6.515 | 3 / 2 | |
| 0.6.514 | 3 / 2 | |
| 0.6.513 | 3 / 2 | |
| 0.6.512 | 3 / 2 | |
| 0.6.511 | 3 / 2 | |
| 0.6.510 | 3 / 2 | |
| 0.6.509 | 3 / 2 | |
| 0.6.508 | 3 / 2 | |
| 0.6.507 | 3 / 2 | |
| 0.6.506 | 3 / 2 | |
| 0.6.505 | 3 / 2 | |
| 0.6.504 | 3 / 2 | |
| 0.6.503 | 3 / 2 | |
| 0.6.502 | 3 / 2 | |
| 0.6.501 | 3 / 2 | |
| 0.6.500 | 3 / 2 | |
| 0.6.499 | 3 / 2 | |
| 0.6.498 | 3 / 2 | |
| 0.6.497 | 3 / 2 | |
| 0.6.496 | 3 / 2 | |
| 0.6.495 | 3 / 2 | |
| 0.6.494 | 3 / 2 | |
| 0.6.493 | 3 / 2 | |
| 0.6.492 | 3 / 2 | |
| 0.6.491 | 3 / 2 | |
| 0.6.490 | 3 / 2 | |
| 0.6.489 | 3 / 2 | |
| 0.6.488 | 3 / 2 | |
| 0.6.487 | 3 / 2 | |
| 0.6.486 | 3 / 2 | |
| 0.6.485 | 3 / 2 | |
| 0.6.484 | 3 / 2 | |
| 0.6.483 | 3 / 2 |
v0.6.533
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.532
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.531
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.529
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.527
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.526
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.525
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.524
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.523
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.522
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.521
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.520
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.519
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.518
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.517
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.516
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.515
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.514
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.513
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.512
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.511
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.510
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.509
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.508
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.507
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.506
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.505
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.504
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.503
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.502
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.501
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.500
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.499
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.498
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.497
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.496
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.495
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.494
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.493
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.492
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.491
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.490
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.489
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.488
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.487
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.486
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.485
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.484
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.483
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.