@adonisjs/content MIT 9 versions

@adonisjs/content

npm Repository Homepage

Content management for AdonisJS with schema validation, GitHub loaders, and custom queries

9

Versions

MIT

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

romainlanzvirkjulien-r44

Keywords

adonisjscontentcollectionschemavalidationgithubsponsorscontributorsreleasescms

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Transition from manual publish (virk) to GitHub Actions CI with SLSA provenance; expected for AdonisJS org packages.	ai	2026/05/27

Versions (showing 9 of 9)

Version	Deps	Published
1.7.0	3 / 20	2026-04-26
1.6.1	3 / 20	2026-01-07
1.6.0	3 / 20	2026-01-05
1.5.0	3 / 20	2025-12-27
1.4.0	3 / 20	2025-12-27
1.3.0	3 / 20	2025-11-26
1.2.0	3 / 20	2025-11-26
1.1.1	3 / 20	2025-11-17
1.1.0	3 / 20	2025-11-15

v1.7.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.1

2 findings

HIGH Publisher changed: virk → GitHub Actions (on 2026-01-07) provenance

This version was published by a different npm account than previous versions on 2026-01-07. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.0

2 findings

HIGH Publisher changed: virk → GitHub Actions (on 2026-01-05) provenance

This version was published by a different npm account than previous versions on 2026-01-05. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.5.0

2 findings

HIGH Publisher changed: virk → GitHub Actions (on 2025-12-27) provenance

This version was published by a different npm account than previous versions on 2025-12-27. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.4.0

2 findings

HIGH Publisher changed: virk → GitHub Actions (on 2025-12-27) provenance

This version was published by a different npm account than previous versions on 2025-12-27. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.2.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.1.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.