@blocklet/dataset-sdk — Greenflagged

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

wangshijungxw

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:openapi-enforcer	AI (dependencies): openapi-enforcer is a legitimate OpenAPI validation library; stable dependency for this SDK package.	ai	2026/05/14
phantom-deps	phantom-dep:ajv	AI (phantom-deps): Declared in dependencies; used via config/convention in this SDK package.	ai	2026/05/12
phantom-deps	phantom-dep:ufo	AI (phantom-deps): Declared in dependencies; SDK re-export pattern.	ai	2026/05/12
phantom-deps	phantom-dep:yaml	AI (phantom-deps): Declared in dependencies; SDK re-export pattern.	ai	2026/05/12
phantom-deps	phantom-dep:express	AI (phantom-deps): Declared in dependencies; used in openapi/swagger middleware exports.	ai	2026/05/12
phantom-deps	phantom-dep:js-cookie	AI (phantom-deps): Declared in dependencies; SDK utility pattern.	ai	2026/05/12
phantom-deps	phantom-dep:openapi-types	AI (phantom-deps): Declared in dependencies; type-only usage common in compiled TS packages.	ai	2026/05/12
phantom-deps	phantom-dep:swagger-jsdoc	AI (phantom-deps): Declared in dependencies; used in openapi export.	ai	2026/05/12
phantom-deps	phantom-dep:openapi-enforcer	AI (phantom-deps): Declared in dependencies; used in openapi validation.	ai	2026/05/12
phantom-deps	phantom-dep:@blocklet/constant	AI (phantom-deps): Same org scope; declared in dependencies, stable false positive.	ai	2026/05/12
phantom-deps	phantom-dep:swagger-ui-express	AI (phantom-deps): Declared in dependencies; used in openapi/swagger middleware.	ai	2026/05/12
phantom-deps	phantom-dep:@types/swagger-jsdoc	AI (phantom-deps): Type-only package; framework-scoped, stable false positive.	ai	2026/05/12
phantom-deps	phantom-dep:@types/swagger-ui-express	AI (phantom-deps): Type-only package; framework-scoped, stable false positive.	ai	2026/05/12

Versions (showing 51 of 58)

View all versions

Version	Deps	Published
0.7.13	17 / 5	2026-01-07
0.7.12	17 / 5	2025-12-26
0.7.11	17 / 5	2025-12-23
0.7.8	17 / 5	2025-11-28
0.7.7	17 / 5	2025-11-24
0.7.6	17 / 5	2025-11-15
0.7.5	17 / 5	2025-11-14
0.7.4	17 / 5	2025-11-14
0.7.3	17 / 5	2025-11-11
0.7.2	17 / 5	2025-11-10
0.7.1	17 / 5	2025-11-09
0.7.0	17 / 5	2025-11-06
0.6.3	17 / 5	2025-11-05
0.6.2	17 / 5	2025-11-04
0.6.1	17 / 5	2025-10-29
0.6.0	17 / 5	2025-10-29
0.5.26	17 / 5	2025-10-11
0.5.25	17 / 5	2025-10-11
0.5.24	17 / 5	2025-10-11
0.5.23	17 / 5	2025-10-09
0.5.22	17 / 5	2025-10-09
0.5.21	17 / 5	2025-10-01
0.5.20	17 / 5	2025-09-15
0.5.19	17 / 5	2025-09-05
0.5.18	17 / 5	2025-09-05
0.5.17	17 / 5	2025-09-05
0.5.16	17 / 5	2025-09-02
0.5.15	17 / 5	2025-08-28
0.5.14	17 / 5	2025-08-28
0.5.13	17 / 5	2025-08-25
0.5.12	17 / 5	2025-08-22
0.5.11	17 / 5	2025-08-21
0.5.10	17 / 5	2025-08-21
0.5.9	17 / 5	2025-08-21
0.5.8	17 / 5	2025-08-20
0.5.7	17 / 5	2025-08-20
0.5.6	17 / 5	2025-08-13
0.5.5	17 / 5	2025-08-11
0.5.4	17 / 5	2025-08-11
0.5.3	17 / 5	2025-08-07
0.5.2	17 / 5	2025-08-07
0.5.1	17 / 5	2025-08-06
0.5.0	17 / 5	2025-08-06
0.4.279	17 / 5	2025-08-04
0.4.278	17 / 5	2025-08-04
0.4.277	17 / 5	2025-08-01
0.4.276	17 / 5	2025-07-05
0.4.275	17 / 5	2025-06-30
0.4.274	17 / 5	2025-06-11
0.4.273	17 / 5	2025-06-06
0.4.272	17 / 5	2025-06-04