← Home

@aws/dsql-lint-darwin-arm64

npm Repository Homepage

dsql-lint native binary for macOS ARM64

5
Versions
MIT-0
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

aws-aurora-dsql-devex

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
npm-metadata bundled-binaries AI (npm-metadata): Platform-specific native binary package; SLSA provenance attestation confirms CI/CD build integrity. ai
license uncommon-license:MIT-0 AI (license): MIT-0 is a well-known AWS-preferred open source license variant, not a risk signal. ai

Versions (showing 5 of 5)

Version Deps Published
0.2.5 0 / 0
0.2.3 0 / 0
0.2.2 0 / 0
0.2.1 0 / 0
0.1.3 0 / 0

v0.2.5

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.3

2 findings
HIGH Bundled binary files (1) npm-metadata

Package contains compiled binaries that could be backdoors: • bin/dsql-lint

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.