@activepieces/pieces-framework

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

abuaboudactivepieces-botabdul_activepiecer

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
publish-pattern	dormant-publish	AI (publish-pattern): Monorepo bot publisher with 25 approved packages; dormancy reflects release cadence, not account takeover.	ai	2026/05/09
phantom-deps	phantom-dep:@ai-sdk/replicate	AI (phantom-deps): Framework peer/optional dep pattern; stable false positive for this package.	ai	2026/05/09
phantom-deps	phantom-dep:@ai-sdk/anthropic	AI (phantom-deps): Framework peer/optional dep pattern; stable false positive for this package.	ai	2026/05/09
phantom-deps	phantom-dep:@ai-sdk/openai	AI (phantom-deps): Framework peer/optional dep pattern; stable false positive for this package.	ai	2026/05/09
phantom-deps	phantom-dep:ai	AI (phantom-deps): Framework peer/optional dep pattern; stable false positive for this package.	ai	2026/05/09
phantom-deps	phantom-dep:semver	AI (phantom-deps): Declared in package.json; heuristic false positive for config-referenced deps.	ai	2026/04/28
phantom-deps	phantom-dep:socket.io-client	AI (phantom-deps): Declared in package.json; heuristic false positive for config-referenced deps.	ai	2026/04/28
phantom-deps	phantom-dep:deepmerge-ts	AI (phantom-deps): Declared in package.json; heuristic false positive for config-referenced deps.	ai	2026/04/28
phantom-deps	phantom-dep:nanoid	AI (phantom-deps): Declared in package.json; heuristic false positive for config-referenced deps.	ai	2026/04/28
bogus-package	bogus-package	AI (bogus-package): Monorepo-published package; missing metadata fields are consistent across all versions, not a spam indicator.	ai	2026/04/28
npm-metadata	no-description	AI (npm-metadata): Stable pattern across all versions of this monorepo package; not a malice signal.	ai	2026/04/28
phantom-deps	phantom-dep:lru-cache	AI (phantom-deps): Monorepo transitive dep declared in package.json; not a direct import by design.	ai	2026/04/28
phantom-deps	phantom-dep:@ai-sdk/provider-utils	AI (phantom-deps): AI SDK peer dep declared for resolution; stable false positive for this package.	ai	2026/04/28
phantom-deps	phantom-dep:@standard-schema/spec	AI (phantom-deps): Schema peer dep declared for resolution; stable false positive for this package.	ai	2026/04/28
phantom-deps	phantom-dep:eventsource-parser	AI (phantom-deps): Streaming dep declared for resolution; stable false positive for this package.	ai	2026/04/28
phantom-deps	phantom-dep:@opentelemetry/api	AI (phantom-deps): Observability peer dep declared for resolution; stable false positive for this package.	ai	2026/04/28
phantom-deps	phantom-dep:@ai-sdk/provider	AI (phantom-deps): AI SDK peer dep declared for resolution; stable false positive for this package.	ai	2026/04/28
phantom-deps	phantom-dep:@ai-sdk/gateway	AI (phantom-deps): AI SDK peer dep declared for resolution; stable false positive for this package.	ai	2026/04/28
phantom-deps	phantom-dep:@vercel/oidc	AI (phantom-deps): Framework-scoped dep loaded by convention in the Activepieces ecosystem.	ai	2026/04/28
phantom-deps	phantom-dep:json-schema	AI (phantom-deps): Monorepo transitive dep declared in package.json; not a direct import by design.	ai	2026/04/28
phantom-deps	phantom-dep:yallist	AI (phantom-deps): Monorepo transitive dep declared in package.json; not a direct import by design.	ai	2026/04/28

Versions (showing 51 of 54)

View all versions

Version	Deps	Published
0.30.0	5 / 2	2026-06-07
0.29.1	5 / 2	2026-06-03
0.29.0	5 / 2	2026-05-30
0.28.2	5 / 2	2026-05-21
0.28.1	5 / 2	2026-04-24
0.28.0	5 / 2	2026-04-23
0.27.2	15 / 2	2026-04-16
0.27.1	15 / 2	2026-04-14
0.27.0	15 / 2	2026-04-13
0.26.2	5 / 2	2026-04-06
0.26.1	5 / 2	2026-04-06
0.26.0	5 / 2	2026-03-05
0.25.6	5 / 2	2026-02-26
0.25.5	5 / 2	2026-02-25
0.25.4	8 / 0	2026-02-22
0.25.3	9 / 0	2026-02-09
0.25.2	9 / 0	2026-02-05
0.25.1	9 / 0	2026-02-03
0.25.0	9 / 0	2026-01-26
0.24.0	11 / 0	2026-01-22
0.23.0	7 / 0	2025-12-29
0.22.3	7 / 0	2025-12-24
0.22.2	7 / 0	2025-12-04
0.22.1	7 / 0	2025-12-03
0.22.0	7 / 0	2025-12-03
0.21.0	7 / 0	2025-12-03
0.20.3	7 / 0	2025-12-01
0.20.2	6 / 0	2025-11-03
0.20.1	6 / 0	2025-09-08
0.20.0	6 / 0	2025-09-03
0.19.0	6 / 0	2025-09-01
0.18.5	7 / 0	2025-08-28
0.18.4	7 / 0	2025-08-25
0.18.3	12 / 0	2025-08-12
0.18.2	12 / 0	2025-08-12
0.18.1	12 / 0	2025-08-11
0.18.0	12 / 0	2025-08-03
0.17.0	12 / 0	2025-07-31
0.16.0	12 / 0	2025-07-30
0.15.0	12 / 0	2025-07-08
0.14.2	12 / 0	2025-07-04
0.14.1	11 / 0	2025-06-15
0.14.0	7 / 0	2025-06-02
0.13.0	7 / 0	2025-05-29
0.12.0	7 / 0	2025-05-26
0.11.0	7 / 0	2025-05-20
0.10.5	7 / 0	2025-05-15
0.10.4	7 / 0	2025-05-15
0.10.3	6 / 0	2025-05-14
0.10.2	7 / 0	2025-05-14
0.10.1	7 / 0	2025-05-14