@automattic/jetpack-api

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

macbreyuliyanmjangdamatticbota8cbloweryehg_sgomestyxlasaroshaganejclovrencicsirbrilligchriszaraterobersongomesjohngodleyjehervedaledupreez-a8ct2dw4tluismulinariandrea-sdlelazzabifmfernandessirrealwwachihsuanmanzoorwanijkmsurdi-a8cnewspack-npmdsmartgkthai15bgrgicakrobertsreberski_a8cartpigmjuhaszkat3samsinbrunobastodhenridevmrmurphywpvip-botetobiesenalshakeroarthur791004diliritymehmoodaknatalia.vidalivan.ottingeranandnalyaarcangelinisretrofoxfredrikekelundchriskmndsoandregalgalatanovidiukangzj_mirka_aduthebuccelli

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
bogus-package	bogus-package	AI (bogus-package): Internal Automattic monorepo package; sparse README and no keywords are expected for this type of package.	ai	2026/04/29

Versions (showing 27 of 27)

Version	Deps	Published
1.0.27	2 / 1	2026-06-03
1.0.26	2 / 1	2026-05-21
1.0.25	2 / 1	2026-05-19
1.0.24	2 / 1	2026-05-04
1.0.23	2 / 1	2026-04-20
1.0.22	2 / 1	2026-04-09
1.0.21	2 / 1	2026-03-30
1.0.20	2 / 1	2026-03-23
1.0.19	2 / 1	2026-03-16
1.0.18	2 / 1	2026-02-26
1.0.17	2 / 1	2026-02-18
1.0.16	2 / 1	2026-02-02
1.0.15	2 / 1	2026-01-19
1.0.14	2 / 1	2026-01-14
1.0.13	2 / 2	2026-01-07
1.0.12	2 / 2	2025-12-01
1.0.11	2 / 2	2025-11-17
1.0.10	2 / 2	2025-09-19
1.0.9	2 / 2	2025-09-08
1.0.8	2 / 2	2025-08-13
1.0.7	2 / 2	2025-08-11
1.0.5	2 / 2	2025-07-08
1.0.4	2 / 2	2025-07-03
1.0.3	2 / 2	2025-07-01
1.0.2	2 / 2	2025-06-23
1.0.1	2 / 2	2025-06-18
1.0.0	2 / 2	2025-06-03

v1.0.27

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.26

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.25

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.24

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.22

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.21

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.20

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.19

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.18

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.