@certd/plugin-plus — Greenflagged

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

greper

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:baidu-aip-sdk	AI (dependencies): Official Baidu AI SDK; expected dependency for a plugin-plus package integrating Baidu cloud services.	ai	2026/05/09
dependencies	unvetted-dep:@baiducloud/sdk	AI (dependencies): Official Baidu Cloud SDK; expected for this package's cloud integration scope.	ai	2026/05/09
npm-metadata	no-description	AI (npm-metadata): Monorepo plugin package; missing description is consistent across all versions.	ai	2026/05/09
bogus-package	bogus-package	AI (bogus-package): Established @certd org plugin package; sparse metadata is consistent across all versions, not indicative of spam/malware.	ai	2026/05/09
phantom-deps	phantom-dep:jsencrypt	AI (phantom-deps): Cloud SDK plugin; deps loaded conditionally per provider.	ai	2026/05/02
phantom-deps	phantom-dep:baidu-aip-sdk	AI (phantom-deps): Cloud SDK plugin; deps loaded conditionally per provider.	ai	2026/05/02
phantom-deps	phantom-dep:cos-nodejs-sdk-v5	AI (phantom-deps): Cloud SDK plugin; deps loaded conditionally per provider.	ai	2026/05/02
phantom-deps	phantom-dep:https-proxy-agent	AI (phantom-deps): Cloud SDK plugin; deps loaded conditionally per provider.	ai	2026/05/02
phantom-deps	phantom-dep:@alicloud/pop-core	AI (phantom-deps): Cloud SDK plugin; deps loaded conditionally per provider.	ai	2026/05/02
phantom-deps	phantom-dep:tencentcloud-sdk-nodejs	AI (phantom-deps): Cloud SDK plugin; deps loaded conditionally per provider.	ai	2026/05/02
phantom-deps	phantom-dep:@baiducloud/sdk	AI (phantom-deps): Cloud SDK plugin; deps loaded conditionally per provider.	ai	2026/05/02
phantom-deps	phantom-dep:qiniu	AI (phantom-deps): Cloud SDK plugin; deps loaded conditionally per provider, not statically imported.	ai	2026/05/02
phantom-deps	phantom-dep:ali-oss	AI (phantom-deps): Cloud SDK plugin; deps loaded conditionally per provider.	ai	2026/05/02
phantom-deps	phantom-dep:basic-ftp	AI (phantom-deps): Cloud SDK plugin; deps loaded conditionally per provider.	ai	2026/05/02
phantom-deps	phantom-dep:dayjs	AI (phantom-deps): Monorepo plugin; dayjs likely used transitively or in bundled output, stable FP.	ai	2026/04/28
phantom-deps	phantom-dep:@certd/plus-core	AI (phantom-deps): Same-org sibling dep; phantom-dep heuristic is a stable FP for this monorepo package.	ai	2026/04/28
phantom-deps	phantom-dep:querystring	AI (phantom-deps): Monorepo plugin; querystring likely used transitively or in bundled output, stable FP.	ai	2026/04/28
phantom-deps	phantom-dep:form-data	AI (phantom-deps): Monorepo plugin; form-data likely used transitively or in bundled output, stable FP.	ai	2026/04/28

Versions (showing 51 of 98)

View all versions

Version	Deps	Published
1.41.1	9 / 21	2026-06-05
1.41.0	9 / 21	2026-06-04
1.40.5	9 / 21	2026-05-26
1.40.4	9 / 21	2026-05-24
1.40.3	9 / 21	2026-05-21
1.40.2	9 / 21	2026-05-19
1.40.1	9 / 21	2026-05-18
1.40.0	9 / 21	2026-05-14
1.39.16	9 / 21	2026-05-13
1.39.14	9 / 21	2026-05-11
1.39.13	9 / 21	2026-05-10
1.39.12	9 / 18	2026-04-29
1.39.11	9 / 18	2026-04-26
1.39.10	9 / 18	2026-04-11
1.39.9	9 / 18	2026-04-05
1.39.8	9 / 18	2026-03-31
1.39.7	9 / 18	2026-03-25
1.39.6	9 / 18	2026-03-22
1.39.5	9 / 18	2026-03-18
1.39.4	9 / 18	2026-03-17
1.39.3	9 / 18	2026-03-17
1.39.2	9 / 18	2026-03-16
1.39.1	9 / 18	2026-03-09
1.39.0	9 / 18	2026-03-07
1.38.12	9 / 18	2026-02-18
1.38.11	9 / 18	2026-02-16
1.38.10	9 / 18	2026-02-15
1.38.9	9 / 18	2026-02-09
1.38.8	9 / 18	2026-02-06
1.38.7	9 / 18	2026-02-05
1.38.6	9 / 18	2026-02-04
1.38.5	9 / 18	2026-02-02
1.38.4	9 / 18	2026-01-31
1.38.3	9 / 18	2026-01-28
1.38.2	9 / 18	2026-01-22
1.38.1	9 / 18	2026-01-15
1.38.0	7 / 18	2026-01-13
1.37.17	21 / 19	2025-12-29
1.37.16	21 / 19	2025-12-15
1.37.15	21 / 19	2025-12-06
1.37.14	21 / 19	2025-12-02
1.37.13	21 / 19	2025-12-02
1.37.12	21 / 19	2025-11-29
1.37.11	21 / 19	2025-11-28
1.37.10	21 / 19	2025-11-19
1.37.9	21 / 19	2025-11-19
1.37.8	21 / 19	2025-11-17
1.37.7	21 / 19	2025-11-12
1.37.6	21 / 19	2025-11-10
1.37.5	21 / 19	2025-11-08
1.37.4	21 / 19	2025-10-28