@514labs/moose-proto
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| install-scripts | install-script:preinstall | AI (install-scripts): Runs a workspace-local safety check script via relative path; no network access or arbitrary execution. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Monorepo sub-package; missing description/repo/keywords is expected for internal proto packages. | ai | |
| maintainer-change | maintainer-added | AI (maintainer-change): New maintainer luciofranco added alongside CI transition; consistent with legitimate org-level change for established package. | ai | |
| provenance | publisher-changed | AI (provenance): Transition to GitHub Actions CI/CD publisher with SLSA provenance; consistent with automated release pipeline for this established package. | ai | |
| dependencies | unvetted-dep:@bufbuild/buf | AI (dependencies): @bufbuild/buf is the official Buf CLI for protobuf generation — a well-known legitimate tool. This finding is a stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@bufbuild/buf | AI (phantom-deps): @bufbuild/buf is used as a CLI tool in the gen script (not imported as a module). This pattern is expected and stable for this package. | ai | |
| phantom-deps | phantom-dep:rimraf | AI (phantom-deps): rimraf is used as a CLI tool in the gen script (not imported as a module). This pattern is expected and stable for this package. | ai |
Versions (showing 96 of 696)
| Version | Deps | Published |
|---|---|---|
| 0.4.232 | 3 / 2 | |
| 0.4.231 | 3 / 2 | |
| 0.4.229 | 3 / 2 | |
| 0.4.228 | 3 / 2 | |
| 0.4.227 | 3 / 2 | |
| 0.4.226 | 3 / 2 | |
| 0.4.225 | 3 / 2 | |
| 0.4.224 | 3 / 2 | |
| 0.4.223 | 3 / 2 | |
| 0.4.222 | 3 / 2 | |
| 0.4.221 | 3 / 2 | |
| 0.4.220 | 3 / 2 | |
| 0.4.219 | 3 / 2 | |
| 0.4.218 | 3 / 2 | |
| 0.4.216 | 3 / 2 | |
| 0.4.215 | 3 / 2 | |
| 0.4.214 | 3 / 2 | |
| 0.4.212 | 3 / 2 | |
| 0.4.211 | 3 / 2 | |
| 0.4.210 | 3 / 2 | |
| 0.4.208 | 3 / 2 | |
| 0.4.207 | 3 / 2 | |
| 0.4.205 | 3 / 2 | |
| 0.4.203 | 3 / 2 | |
| 0.4.202 | 3 / 2 | |
| 0.4.201 | 3 / 2 | |
| 0.4.200 | 3 / 2 | |
| 0.4.198 | 3 / 2 | |
| 0.4.197 | 3 / 2 | |
| 0.4.196 | 3 / 2 | |
| 0.4.195 | 3 / 2 | |
| 0.4.194 | 3 / 2 | |
| 0.4.193 | 3 / 2 | |
| 0.4.192 | 3 / 2 | |
| 0.4.191 | 3 / 2 | |
| 0.4.190 | 3 / 2 | |
| 0.4.188 | 3 / 2 | |
| 0.4.186 | 3 / 2 | |
| 0.4.184 | 3 / 2 | |
| 0.4.183 | 3 / 2 | |
| 0.4.182 | 3 / 2 | |
| 0.4.181 | 3 / 2 | |
| 0.4.180 | 3 / 2 | |
| 0.4.179 | 3 / 2 | |
| 0.4.178 | 3 / 2 | |
| 0.4.177 | 3 / 2 | |
| 0.4.176 | 3 / 2 | |
| 0.4.175 | 3 / 2 | |
| 0.4.174 | 3 / 2 | |
| 0.4.173 | 3 / 2 | |
| 0.4.172 | 3 / 2 | |
| 0.4.171 | 3 / 2 | |
| 0.4.170 | 3 / 2 | |
| 0.4.169 | 3 / 2 | |
| 0.4.168 | 3 / 2 | |
| 0.4.167 | 3 / 2 | |
| 0.4.166 | 3 / 2 | |
| 0.4.165 | 3 / 2 | |
| 0.4.164 | 3 / 2 | |
| 0.4.163 | 3 / 2 | |
| 0.4.162 | 3 / 2 | |
| 0.4.161 | 3 / 2 | |
| 0.4.160 | 3 / 2 | |
| 0.4.159 | 3 / 2 | |
| 0.4.158 | 3 / 2 | |
| 0.4.157 | 3 / 2 | |
| 0.4.156 | 3 / 2 | |
| 0.4.155 | 3 / 2 | |
| 0.4.154 | 3 / 2 | |
| 0.4.153 | 3 / 2 | |
| 0.4.152 | 3 / 2 | |
| 0.4.150 | 3 / 2 | |
| 0.4.149 | 3 / 2 | |
| 0.4.148 | 3 / 2 | |
| 0.4.147 | 3 / 2 | |
| 0.4.146 | 3 / 2 | |
| 0.4.145 | 3 / 2 | |
| 0.4.144 | 3 / 2 | |
| 0.4.143 | 3 / 2 | |
| 0.4.142 | 3 / 2 | |
| 0.4.141 | 3 / 2 | |
| 0.4.140 | 3 / 2 | |
| 0.4.139 | 3 / 2 | |
| 0.4.138 | 3 / 2 | |
| 0.4.137 | 3 / 2 | |
| 0.4.136 | 3 / 2 | |
| 0.4.135 | 3 / 2 | |
| 0.4.134 | 3 / 2 | |
| 0.4.133 | 3 / 2 | |
| 0.4.132 | 3 / 2 | |
| 0.4.131 | 3 / 2 | |
| 0.4.130 | 3 / 2 | |
| 0.4.129 | 3 / 2 | |
| 0.4.127 | 3 / 2 | |
| 0.4.126 | 3 / 2 | |
| 0.4.125 | 3 / 2 |
v0.4.232
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.231
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.229
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.228
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.227
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.226
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.225
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.224
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.223
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.222
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.221
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.220
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.219
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.218
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.216
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.215
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.214
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.212
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.211
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.210
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.208
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.207
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.205
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.203
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.202
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.201
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.200
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.198
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.197
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.196
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.195
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.194
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.193
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.192
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.191
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.190
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.188
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.186
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.184
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.183
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.182
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.181
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.180
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.179
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.178
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.177
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.176
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.175
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.174
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.173
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.172
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.171
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.170
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.169
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.168
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.167
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.166
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.165
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.164
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.163
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.162
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.161
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.160
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.159
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.158
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.157
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.156
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.155
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.154
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.153
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.152
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.150
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.149
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.148
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.147
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.146
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.145
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.144
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.143
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.142
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.141
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.140
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.139
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.138
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.137
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.136
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.135
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.134
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.133
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.132
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.131
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.130
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.4.129
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.4.127
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.4.126
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.4.125
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.