← Home

@bananapus/buyback-hook-v6

npm Repository Homepage

`@bananapus/buyback-hook-v6` is a data hook that compares Juicebox's native mint or cash-out path with a Uniswap V4 pool and routes through whichever produces the better result for the project at that moment.

51
Versions
MIT
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

simplemachineme.jangofilipviz

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
npm-metadata url-dep:@uniswap/v3-core AI (npm-metadata): Foundry/Solidity packages routinely reference Uniswap GitHub sources for Solidity interfaces. This is standard practice in the Foundry ecosystem for this org. ai
npm-metadata url-dep:@uniswap/v3-periphery AI (npm-metadata): Same as v3-core: GitHub reference to official Uniswap repo is standard Foundry ecosystem practice for Solidity interface packages. ai
phantom-deps phantom-dep:@uniswap/v3-core AI (phantom-deps): Solidity package; deps are referenced via Foundry remappings in config, not JS imports. Phantom dep pattern is expected for this package type. ai
phantom-deps phantom-dep:@uniswap/v3-periphery AI (phantom-deps): Same as v3-core: Foundry remapping pattern, not a JS import. Expected for Solidity packages. ai
phantom-deps phantom-dep:@exhausted-pigeon/uniswap-v3-forge-quoter AI (phantom-deps): Foundry test utility referenced via config remappings, not JS imports. Consistent with Solidity package pattern. ai
phantom-deps phantom-dep:@openzeppelin/contracts AI (phantom-deps): Foundry/Solidity package; OpenZeppelin contracts consumed via remappings, not JS imports. Standard pattern for Solidity npm packages. ai
phantom-deps phantom-dep:@bananapus/core-v6 AI (phantom-deps): Foundry/Solidity package; deps are consumed via remappings in config files, not JS imports. This is the standard pattern for Solidity npm packages. ai
phantom-deps phantom-dep:@bananapus/permission-ids-v6 AI (phantom-deps): Foundry/Solidity package; deps consumed via remappings, not JS imports. Standard pattern for Solidity npm packages. ai
phantom-deps phantom-dep:@bananapus/univ4-router-v6 AI (phantom-deps): Foundry/Solidity package; deps consumed via remappings, not JS imports. Standard pattern for Solidity npm packages. ai
phantom-deps phantom-dep:@uniswap/v4-core AI (phantom-deps): Foundry/Solidity package; deps consumed via remappings, not JS imports. Standard pattern for Solidity npm packages. ai
phantom-deps phantom-dep:@uniswap/v4-periphery AI (phantom-deps): Foundry/Solidity package; deps consumed via remappings, not JS imports. Standard pattern for Solidity npm packages. ai
phantom-deps phantom-dep:hookmate AI (phantom-deps): Foundry/Solidity package; deps consumed via remappings, not JS imports. Standard pattern for Solidity npm packages. ai

Versions (showing 51 of 70)

View all versions
Version Deps Published
0.0.73 6 / 1
0.0.72 6 / 1
0.0.71 6 / 1
0.0.70 6 / 1
0.0.69 6 / 1
0.0.68 6 / 1
0.0.67 6 / 1
0.0.66 6 / 1
0.0.65 6 / 1
0.0.64 6 / 1
0.0.63 6 / 1
0.0.62 6 / 1
0.0.61 6 / 1
0.0.60 6 / 1
0.0.59 6 / 1
0.0.58 6 / 1
0.0.55 6 / 1
0.0.54 6 / 1
0.0.53 6 / 1
0.0.52 6 / 1
0.0.51 6 / 1
0.0.50 6 / 1
0.0.49 6 / 1
0.0.48 6 / 1
0.0.47 6 / 1
0.0.46 6 / 1
0.0.45 6 / 1
0.0.44 6 / 1
0.0.43 6 / 1
0.0.42 6 / 1
0.0.40 6 / 1
0.0.39 6 / 1
0.0.38 6 / 1
0.0.37 6 / 1
0.0.36 6 / 1
0.0.35 7 / 1
0.0.34 7 / 1
0.0.33 7 / 1
0.0.32 7 / 1
0.0.31 7 / 1
0.0.30 7 / 1
0.0.29 7 / 1
0.0.28 7 / 1
0.0.27 7 / 1
0.0.26 7 / 1
0.0.25 7 / 1
0.0.24 8 / 1
0.0.23 8 / 1
0.0.22 8 / 1
0.0.21 8 / 1
0.0.20 7 / 1

v0.0.73

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.72

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.71

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.70

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.69

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.68

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.67

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.66

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.65

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.64

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.63

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.62

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.61

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.60

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.59

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.58

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.55

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.54

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.53

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.52

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.51

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.50

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.49

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.48

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.47

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.46

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.45

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.44

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.43

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.42

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.40

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.39

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.38

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.37

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.36

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.34

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.31

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.30

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.0.29

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.28

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.27

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.26

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.25

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.0.24

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.0.23

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.0.22

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.0.21

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.0.20

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.