@ai-sdk/provider-utils
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| npm-metadata | no-description | AI (npm-metadata): Minor metadata gap; package is clearly legitimate with 17M weekly downloads. | ai | |
| provenance | publisher-changed | AI (provenance): Legitimate transition from jaredpalmer (Vercel employee) to vercel-release-bot (Vercel's automated release account). Both are within the Vercel org. | ai | |
| provenance | missing-githead | AI (provenance): Consistent with move to bot-based CI/CD publishing at Vercel; not a security concern for this package. | ai | |
| maintainer-change | maintainer-added | AI (maintainer-change): vercel-release-bot added as part of standard Vercel org transition to automated releases. | ai | |
| npm-metadata | suspicious-initial-version | AI (npm-metadata): Version 0.0.0 is a known monorepo workspace placeholder pattern used by the Vercel AI SDK; not indicative of malicious intent for this package. | ai | |
| bogus-package | bogus-package | AI (bogus-package): 17M weekly downloads and 738-day history confirm this is a legitimate, high-value package despite sparse README/description metadata. | ai | |
Versions (showing 100 of 132)
| Version | Deps | Published |
|---|---|---|
| 4.0.30 | 3 / 6 | |
| 4.0.29 | 3 / 6 | |
| 4.0.28 | 3 / 6 | |
| 4.0.27 | 3 / 6 | |
| 4.0.26 | 3 / 6 | |
| 4.0.25 | 3 / 6 | |
| 4.0.24 | 3 / 6 | |
| 4.0.23 | 3 / 6 | |
| 4.0.22 | 3 / 6 | |
| 4.0.21 | 3 / 6 | |
| 4.0.20 | 3 / 6 | |
| 4.0.19 | 3 / 6 | |
| 4.0.18 | 3 / 6 | |
| 4.0.17 | 3 / 6 | |
| 4.0.16 | 3 / 6 | |
| 4.0.15 | 3 / 6 | |
| 4.0.14 | 3 / 6 | |
| 4.0.13 | 3 / 6 | |
| 4.0.12 | 3 / 6 | |
| 4.0.11 | 3 / 6 | |
| 4.0.10 | 3 / 6 | |
| 4.0.9 | 3 / 6 | |
| 4.0.8 | 3 / 6 | |
| 4.0.7 | 3 / 6 | |
| 4.0.6 | 3 / 6 | |
| 4.0.5 | 3 / 6 | |
| 4.0.4 | 3 / 6 | |
| 4.0.3 | 3 / 6 | |
| 4.0.2 | 3 / 6 | |
| 4.0.1 | 3 / 6 | |
| 4.0.0 | 3 / 6 | |
| 3.0.27 | 3 / 6 | |
| 3.0.26 | 3 / 6 | |
| 3.0.25 | 3 / 6 | |
| 3.0.24 | 3 / 6 | |
| 3.0.23 | 3 / 6 | |
| 3.0.22 | 3 / 6 | |
| 3.0.21 | 3 / 6 | |
| 3.0.20 | 3 / 6 | |
| 3.0.19 | 3 / 6 | |
| 3.0.18 | 3 / 6 | |
| 3.0.17 | 3 / 6 | |
| 3.0.16 | 3 / 6 | |
| 3.0.15 | 3 / 6 | |
| 3.0.14 | 3 / 6 | |
| 3.0.13 | 3 / 6 | |
| 3.0.12 | 3 / 6 | |
| 3.0.11 | 3 / 6 | |
| 3.0.10 | 3 / 6 | |
| 3.0.9 | 3 / 6 | |
| 3.0.8 | 3 / 6 | |
| 3.0.7 | 3 / 6 | |
| 3.0.6 | 3 / 6 | |
| 3.0.5 | 4 / 6 | |
| 3.0.4 | 4 / 6 | |
| 3.0.3 | 4 / 6 | |
| 3.0.2 | 4 / 6 | |
| 3.0.1 | 4 / 6 | |
| 3.0.0 | 4 / 6 | |
| 2.2.8 | 3 / 6 | |
| 2.2.7 | 3 / 6 | |
| 2.2.6 | 3 / 6 | |
| 2.2.5 | 3 / 6 | |
| 2.2.4 | 3 / 6 | |
| 2.2.3 | 3 / 6 | |
| 2.2.2 | 3 / 6 | |
| 2.2.1 | 3 / 6 | |
| 2.2.0 | 4 / 6 | |
| 2.1.15 | 4 / 6 | |
| 2.1.14 | 4 / 6 | |
| 2.1.13 | 4 / 6 | |
| 2.1.12 | 4 / 6 | |
| 2.1.11 | 4 / 6 | |
| 2.1.10 | 4 / 6 | |
| 2.1.9 | 4 / 6 | |
| 2.1.8 | 4 / 6 | |
| 2.1.7 | 4 / 6 | |
| 2.1.6 | 4 / 6 | |
| 2.1.5 | 4 / 6 | |
| 2.1.4 | 4 / 6 | |
| 2.1.3 | 4 / 6 | |
| 2.1.2 | 4 / 6 | |
| 2.1.1 | 4 / 6 | |
| 2.1.0 | 4 / 6 | |
| 2.0.8 | 4 / 6 | |
| 2.0.7 | 4 / 6 | |
| 2.0.6 | 4 / 6 | |
| 2.0.5 | 4 / 6 | |
| 2.0.4 | 4 / 6 | |
| 2.0.3 | 4 / 6 | |
| 2.0.2 | 4 / 6 | |
| 2.0.1 | 4 / 6 | |
| 2.0.0 | 4 / 6 | |
| 1.0.22 | 4 / 6 | |
| 1.0.20 | 4 / 6 | |
| 1.0.19 | 4 / 6 | |
| 1.0.18 | 4 / 6 | |
| 1.0.17 | 4 / 6 | |
| 1.0.16 | 4 / 6 | |
| 1.0.15 | 4 / 6 | |
v4.0.30
1 finding: Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.29
1 finding: Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.28
1 finding: Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.27
1 finding: Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.26
1 finding: Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.25
1 finding: Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.27
2 findings: CVSS 4.3 (MEDIUM) — CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L A vulnerability was determined in Vercel AI up to 3.0.97. The impacted element is the function `createJsonResponseHandler/createJsonErrorResponseHandler` of the file `packages/provider-utils/src/response-handler.ts` of the component `provider-utils`. This manipulation causes resource consumption. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.26
2 findings: CVSS 4.3 (MEDIUM) — CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L A vulnerability was determined in Vercel AI up to 3.0.97. The impacted element is the function `createJsonResponseHandler/createJsonErrorResponseHandler` of the file `packages/provider-utils/src/response-handler.ts` of the component `provider-utils`. This manipulation causes resource consumption. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.25
1 finding: Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.24
1 finding: Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.