@cloudflare/sandbox Apache-2.0 51 versions

@cloudflare/sandbox

npm Repository Homepage

A sandboxed environment for running commands

51

Versions

Apache-2.0

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

dcruz_cfjculveysejokercf-radarcf-ci-writesegments-writethibmeuxortivecf-ci2lvalentaworengathird774jasnellterinjokescelsogregbrimbleg4brymwrangler-publishercf-media-managerdash_service_accountcf-npm-publishsimonabadoiucms1919mgirouard-cfmusa-cfvaishakpdineshichernetsky-cfgabivlj-cfganders-cloudflarensharma-cfmikenomitchtlefebvre_cfnafeezcfeduardo-vargasthreepointonextuc

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
npm-metadata	suspicious-initial-version	AI (npm-metadata): Cloudflare scoped package published by trusted wrangler-publisher; 0.0.0 is a placeholder version pattern, not malicious.	ai	2026/05/20
semgrep	semgrep:env-spread	AI (semgrep): Standard subprocess spawn pattern merging parent env with user overrides; expected for a sandbox/container runner.	ai	2026/05/19
semgrep	semgrep:shady-links-raw-ip	AI (semgrep): Explicitly proxying to 127.0.0.1 (localhost) for container networking; not exfiltration.	ai	2026/05/19
provenance	publisher-changed	AI (provenance): Cloudflare packages published via GitHub Actions CI with SLSA attestation; automated publisher is expected for this org.	ai	2026/05/16
provenance	slsa-provenance	AI (provenance): Cloudflare official CI publishes this package with Sigstore/SLSA attestation; stable signal across versions.	ai	2026/04/29

Versions (showing 51 of 86)

View all versions

Version	Deps	Published
0.10.3	4 / 5	2026-05-27
0.10.2	4 / 5	2026-05-21
0.10.1	4 / 5	2026-05-11
0.10.0	4 / 5	2026-05-07
0.9.4	4 / 5	2026-05-06
0.9.3	4 / 5	2026-05-05
0.9.2	4 / 5	2026-04-29
0.9.1	4 / 5	2026-04-27
0.9.0	3 / 5	2026-04-24
0.8.14	3 / 5	2026-04-24
0.8.11	3 / 5	2026-04-15
0.8.10	2 / 5	2026-04-13
0.8.9	2 / 5	2026-04-10
0.8.8	2 / 5	2026-04-09
0.8.7	2 / 5	2026-04-08
0.8.6	2 / 5	2026-04-07
0.8.5	2 / 5	2026-04-07
0.8.4	2 / 5	2026-04-01
0.8.3	2 / 5	2026-04-01
0.8.2	2 / 5	2026-04-01
0.8.1	2 / 5	2026-03-30
0.8.0	2 / 5	2026-03-26
0.7.21	2 / 5	2026-03-26
0.7.20	2 / 5	2026-03-24
0.7.19	2 / 5	2026-03-23
0.7.18	2 / 5	2026-03-16
0.7.17	2 / 5	2026-03-10
0.7.16	2 / 5	2026-03-10
0.7.15	2 / 5	2026-03-10
0.7.14	2 / 5	2026-03-09
0.7.13	2 / 5	2026-03-06
0.7.12	2 / 5	2026-03-05
0.7.11	2 / 5	2026-03-04
0.7.10	2 / 4	2026-03-03
0.7.8	2 / 4	2026-02-27
0.7.7	2 / 4	2026-02-27
0.7.6	2 / 4	2026-02-25
0.7.5	2 / 4	2026-02-20
0.7.4	1 / 4	2026-02-13
0.7.3	1 / 4	2026-02-13
0.7.2	1 / 4	2026-02-11
0.7.1	1 / 4	2026-02-09
0.7.0	1 / 3	2026-01-14
0.6.11	1 / 3	2026-01-13
0.6.10	1 / 3	2026-01-06
0.6.9	1 / 3	2026-01-05
0.6.7	1 / 3	2025-12-18
0.6.6	1 / 3	2025-12-12
0.6.5	1 / 3	2025-12-11
0.6.4	1 / 3	2025-12-10
0.6.3	1 / 2	2025-12-05

v0.10.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.9.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.9.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.9.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.9.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.14

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.11

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.10

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.8

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.6

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.0

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-03-26) provenance

This version was published by a different npm account than previous versions on 2026-03-26. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.21

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-03-26) provenance

This version was published by a different npm account than previous versions on 2026-03-26. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.20

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-03-24) provenance

This version was published by a different npm account than previous versions on 2026-03-24. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.19

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-03-23) provenance

This version was published by a different npm account than previous versions on 2026-03-23. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.18

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-03-16) provenance

This version was published by a different npm account than previous versions on 2026-03-16. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.17

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-03-10) provenance

This version was published by a different npm account than previous versions on 2026-03-10. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.16

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-03-10) provenance

This version was published by a different npm account than previous versions on 2026-03-10. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.15

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-03-10) provenance

This version was published by a different npm account than previous versions on 2026-03-10. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.14

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-03-09) provenance

This version was published by a different npm account than previous versions on 2026-03-09. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.13

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-03-06) provenance

This version was published by a different npm account than previous versions on 2026-03-06. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.12

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-03-05) provenance

This version was published by a different npm account than previous versions on 2026-03-05. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.11

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-03-04) provenance

This version was published by a different npm account than previous versions on 2026-03-04. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.10

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-03-03) provenance

This version was published by a different npm account than previous versions on 2026-03-03. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.8

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-02-27) provenance

This version was published by a different npm account than previous versions on 2026-02-27. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.7

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-02-27) provenance

This version was published by a different npm account than previous versions on 2026-02-27. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.6

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-02-25) provenance

This version was published by a different npm account than previous versions on 2026-02-25. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.5

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-02-20) provenance

This version was published by a different npm account than previous versions on 2026-02-20. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.4

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-02-13) provenance

This version was published by a different npm account than previous versions on 2026-02-13. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.3

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-02-13) provenance

This version was published by a different npm account than previous versions on 2026-02-13. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.2

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-02-11) provenance

This version was published by a different npm account than previous versions on 2026-02-11. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.1

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-02-09) provenance

This version was published by a different npm account than previous versions on 2026-02-09. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.0

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-01-14) provenance

This version was published by a different npm account than previous versions on 2026-01-14. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.6.11

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-01-13) provenance

This version was published by a different npm account than previous versions on 2026-01-13. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.6.10

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-01-06) provenance

This version was published by a different npm account than previous versions on 2026-01-06. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.6.9

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2026-01-05) provenance

This version was published by a different npm account than previous versions on 2026-01-05. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.6.7

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2025-12-18) provenance

This version was published by a different npm account than previous versions on 2025-12-18. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.6.6

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2025-12-12) provenance

This version was published by a different npm account than previous versions on 2025-12-12. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.6.5

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2025-12-11) provenance

This version was published by a different npm account than previous versions on 2025-12-11. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.6.4

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2025-12-10) provenance

This version was published by a different npm account than previous versions on 2025-12-10. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.6.3

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2025-12-05) provenance

This version was published by a different npm account than previous versions on 2025-12-05. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.