@almadar/std
Standard library operators for Almadar (math, string, array, etc.)
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/behaviors/functions/index.js | AI (source-diff): Standard tsup bundle output with readable source comments and function names; not obfuscated. Long lines are a bundling artifact. | ai | |
| source-diff | obfuscated-file:dist/behaviors/functions/index.d.ts | AI (source-diff): Standard TypeScript declaration file with JSDoc; long lines from bundled type declarations, not obfuscation. | ai | |
| license | uncommon-license:BSL-1.1 | AI (license): BSL-1.1 is the intentional license for the almadar ecosystem packages; not a security concern and stable across versions. | ai | |
| phantom-deps | phantom-dep:@almadar/operators | AI (phantom-deps): Same-org scope dependency (@almadar/operators) intentionally declared as a runtime dep; phantom import pattern is expected for this monorepo package structure. | ai | |
| provenance | no-provenance | AI (provenance): Package does not use Sigstore provenance; no other malicious signals present. Acceptable for this package given its established history. | ai | |
| typosquat | typosquat.levenshtein:zod | AI (typosquat): Package is scoped under @almadar and is part of a coherent almadar-io ecosystem. 'std' is a standard abbreviation for standard library, not an attempt to impersonate 'zod'. | ai |
Versions (showing 51 of 136)
| Version | Deps | Published |
|---|---|---|
| 16.22.2 | 1 / 9 | |
| 16.22.1 | 1 / 9 | |
| 16.22.0 | 1 / 9 | |
| 16.21.6 | 1 / 9 | |
| 16.21.4 | 1 / 9 | |
| 16.21.2 | 1 / 9 | |
| 16.21.0 | 1 / 9 | |
| 16.19.0 | 1 / 9 | |
| 16.18.1 | 1 / 9 | |
| 16.18.0 | 1 / 9 | |
| 16.17.0 | 1 / 9 | |
| 16.16.0 | 1 / 9 | |
| 16.15.2 | 1 / 9 | |
| 16.15.0 | 1 / 9 | |
| 16.13.2 | 1 / 9 | |
| 16.13.1 | 1 / 9 | |
| 16.13.0 | 1 / 9 | |
| 16.12.0 | 1 / 9 | |
| 16.11.0 | 1 / 9 | |
| 16.10.4 | 1 / 9 | |
| 16.10.3 | 1 / 9 | |
| 16.10.2 | 1 / 9 | |
| 16.10.1 | 1 / 9 | |
| 16.10.0 | 1 / 9 | |
| 16.9.2 | 1 / 9 | |
| 16.9.1 | 1 / 9 | |
| 16.9.0 | 1 / 9 | |
| 16.8.1 | 1 / 9 | |
| 16.8.0 | 1 / 9 | |
| 16.6.0 | 1 / 9 | |
| 16.5.0 | 1 / 9 | |
| 16.4.1 | 1 / 9 | |
| 16.4.0 | 1 / 9 | |
| 16.3.4 | 1 / 9 | |
| 16.3.3 | 1 / 9 | |
| 16.3.2 | 1 / 9 | |
| 16.3.1 | 1 / 9 | |
| 16.3.0 | 1 / 9 | |
| 16.2.0 | 1 / 9 | |
| 16.1.0 | 1 / 9 | |
| 16.0.3 | 1 / 9 | |
| 16.0.2 | 1 / 9 | |
| 16.0.1 | 1 / 9 | |
| 15.17.2 | 1 / 9 | |
| 15.17.1 | 1 / 9 | |
| 15.17.0 | 1 / 9 | |
| 15.16.3 | 1 / 9 | |
| 15.16.1 | 1 / 9 | |
| 15.15.8 | 1 / 9 | |
| 15.15.7 | 1 / 9 | |
| 15.15.6 | 1 / 9 |
v16.22.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.22.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.22.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.21.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.21.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.21.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.21.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.19.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.18.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.18.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.17.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.16.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.15.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.15.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.13.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.13.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.13.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.12.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.11.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.10.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.10.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.10.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.10.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.10.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.9.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.9.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.9.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.8.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.8.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.6.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.5.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.4.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.4.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.3.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.3.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.3.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.3.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.3.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.2.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.1.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.0.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.0.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.0.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.17.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.17.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.17.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.16.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.16.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.15.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.15.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.15.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.