@adguard/dnr-rulesets
Utility to create AdGuard DNR rulesets for mv3 extensions
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/filters/local_script_rules.js | AI (source-diff): This file contains AdGuard scriptlet filter rules — minified JS strings mapped to expanded implementations. This is expected content for an ad-blocking DNR ruleset package, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/filters/chromium-mv3/local_script_rules.js | AI (source-diff): These files contain AdGuard's scriptlet lookup tables — minified ad-blocking JS used as object keys with expanded implementations as values. This is the package's documented design, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/filters/opera-mv3/local_script_rules.js | AI (source-diff): Same as chromium-mv3 variant: AdGuard scriptlet lookup tables with minified keys and readable implementations. Expected build artifact for this package. | ai | |
| publish-pattern | rapid-publish | AI (publish-pattern): Package has 13,351 versions with timestamp-based version numbers, indicating a fully automated filter-list update pipeline. Rapid publishing is the normal operating mode for this package. | ai | |
| phantom-deps | phantom-dep:chokidar | AI (phantom-deps): CLI tool legitimately uses chokidar for file watching; declared in dependencies and referenced in config files. | ai | |
| dependencies | unvetted-dep:@adguard/agtree | AI (dependencies): First-party AdGuard dependency in the same org scope; expected internal dependency for this package. | ai | |
| phantom-deps | phantom-dep:@adguard/re2-wasm | AI (phantom-deps): First-party AdGuard dependency declared in package.json; phantom-dep flag is a false positive for same-org packages. | ai | |
| phantom-deps | phantom-dep:commander | AI (phantom-deps): CLI tool legitimately uses commander for CLI argument parsing; declared in dependencies. | ai | |
| dependencies | unvetted-dep:@adguard/logger | AI (dependencies): First-party AdGuard dependency in the same org scope; expected internal dependency for this package. | ai | |
| dependencies | unvetted-dep:@adguard/re2-wasm | AI (dependencies): First-party AdGuard dependency in the same org scope; expected internal dependency for this package. | ai | |
| dependencies | unvetted-dep:@adguard/tsurlfilter | AI (dependencies): First-party AdGuard dependency in the same org scope; expected internal dependency for this package. | ai |
Versions (showing 100 of 9640)
v3.3.20260212130127
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.3.20260212070055
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.3.20260210230051
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.3.20260210140141
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.3.20260209210051
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.3.20260209150150
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.