@adobe/spacecat-shared-data-access
Shared modules of the Spacecat Services - Data Access
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| publish-pattern | dormant-publish | AI (publish-pattern): 510 versions published; high-frequency release cadence makes dormancy flag unreliable for this package. | ai | |
| semgrep | semgrep:base64-decode | AI (semgrep): Decodes a pagination cursor into a JSON offset integer — no code execution or exfiltration risk. | ai | |
| phantom-deps | phantom-dep:@types/joi | AI (phantom-deps): Type-only package; loaded by convention, not direct import. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:aws-xray-sdk | AI (phantom-deps): Referenced in config files per analyzer note; stable false positive for this package. | ai |
Versions (showing 51 of 51)
| Version | Deps | Published |
|---|---|---|
| 3.65.0 | 8 / 5 | |
| 3.64.0 | 8 / 5 | |
| 3.63.0 | 8 / 5 | |
| 3.62.0 | 8 / 5 | |
| 3.61.0 | 8 / 5 | |
| 3.60.0 | 8 / 5 | |
| 3.59.0 | 8 / 5 | |
| 3.58.0 | 8 / 5 | |
| 3.57.0 | 8 / 5 | |
| 3.56.1 | 8 / 5 | |
| 3.56.0 | 8 / 5 | |
| 3.55.1 | 8 / 5 | |
| 3.55.0 | 8 / 5 | |
| 3.19.0 | 8 / 5 | |
| 3.18.0 | 8 / 5 | |
| 3.17.0 | 8 / 5 | |
| 3.16.0 | 8 / 5 | |
| 3.11.0 | 7 / 5 | |
| 3.10.1 | 7 / 5 | |
| 3.9.0 | 7 / 5 | |
| 2.90.0 | 9 / 6 | |
| 2.89.0 | 8 / 6 | |
| 2.88.9 | 8 / 6 | |
| 2.88.8 | 8 / 6 | |
| 2.88.7 | 8 / 6 | |
| 2.88.6 | 8 / 6 | |
| 2.88.5 | 8 / 6 | |
| 2.88.4 | 8 / 6 | |
| 2.88.3 | 8 / 6 | |
| 2.88.2 | 8 / 6 | |
| 2.88.1 | 8 / 6 | |
| 2.88.0 | 8 / 6 | |
| 2.87.1 | 8 / 6 | |
| 2.87.0 | 8 / 6 | |
| 2.86.0 | 8 / 6 | |
| 2.85.1 | 8 / 6 | |
| 2.85.0 | 8 / 6 | |
| 2.84.0 | 8 / 6 | |
| 2.83.2 | 8 / 6 | |
| 2.83.1 | 8 / 6 | |
| 2.83.0 | 8 / 6 | |
| 2.82.0 | 8 / 6 | |
| 2.81.0 | 8 / 6 | |
| 2.80.2 | 8 / 6 | |
| 2.80.1 | 8 / 6 | |
| 2.80.0 | 8 / 6 | |
| 2.79.0 | 8 / 6 | |
| 2.78.0 | 8 / 6 | |
| 2.77.1 | 8 / 6 | |
| 2.77.0 | 8 / 6 | |
| 2.76.1 | 8 / 6 |
v3.65.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.64.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.63.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.62.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.61.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.60.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.59.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.58.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.57.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.56.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.56.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.19.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.18.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.17.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.16.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.11.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.10.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.9.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.90.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.89.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.88.9
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.88.8
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.88.7
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.88.6
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.88.5
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.88.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.88.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.88.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.88.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.88.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.87.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.87.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.86.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.85.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.85.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.84.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.83.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.83.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.83.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.82.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.81.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.80.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.80.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.80.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.79.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.78.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.77.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.77.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.76.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.