@chaos-maker/core
A lightweight, framework-agnostic toolkit for injecting chaos into web applications to test frontend resilience
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| typosquat | typosquat.levenshtein:cors | AI (typosquat): Scoped chaos-engineering package; name similarity to 'cors' is coincidental, not impersonation. | ai | |
| phantom-deps | phantom-dep:zod | AI (phantom-deps): zod is declared as a runtime dependency in package.json; phantom-dep heuristic is a false positive here. | ai |
Versions (showing 9 of 9)
| Version | Deps | Published |
|---|---|---|
| 0.8.0 | 1 / 6 | |
| 0.7.1 | 1 / 6 | |
| 0.7.0 | 1 / 6 | |
| 0.6.0 | 1 / 6 | |
| 0.5.0 | 1 / 6 | |
| 0.4.0 | 1 / 5 | |
| 0.3.0 | 1 / 5 | |
| 0.2.0 | 1 / 5 | |
| 0.1.0 | 1 / 5 |
v0.8.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.0
2 findingsPackage name '@chaos-maker/core' is 1 edit(s) away from popular package 'cors'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.