← Home

@cipherstash/wizard

npm Repository Homepage

AI-powered encryption setup for CipherStash. Reads your codebase, picks columns to encrypt, and wires everything up.

5
Versions
MIT
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

cs_lindsaydrew_cipherstashjames-sadlerdan-drapercs-zcjbrewer

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
phantom-deps phantom-dep:zod AI (phantom-deps): zod is a declared runtime dep; phantom-dep false positive likely due to indirect/config-only import patterns in this package. ai

Versions (showing 5 of 5)

Version Deps Published
0.2.0 8 / 5
0.1.3 8 / 5
0.1.2 8 / 5
0.1.1 8 / 5
0.1.0 8 / 5

v0.2.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.1.3

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.1.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.1.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.