@cloudtower/parrot — Greenflagged

i18n modules for cloudtower sparrow and eagle

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

qinghua.cui_smartcqh963852netwengtanbowensgcloudtower-fe

Keywords

i18ni18nexttypescripttower

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Transition to GitHub Actions CI publisher is confirmed by SLSA provenance attestation; legitimate automation handoff.	ai	2026/05/01
publish-pattern	rapid-publish	AI (publish-pattern): Automated CI/CD pipeline explains rapid successive publishes for this package.	ai	2026/05/01

Versions (showing 51 of 54)

View all versions

Version	Deps	Published
4100.0.9	2 / 11	2026-05-20
4100.0.8	2 / 11	2026-05-19
4100.0.7	2 / 11	2026-04-30
4100.0.6	2 / 11	2026-04-30
4100.0.5	2 / 11	2026-04-30
4100.0.3	2 / 11	2026-04-29
4100.0.2	2 / 11	2026-04-27
4100.0.1	2 / 11	2026-04-24
4100.0.0	2 / 11	2026-04-22
490.0.15	2 / 11	2026-04-22
490.0.14	2 / 11	2026-04-17
490.0.13	2 / 11	2026-04-09
490.0.12	2 / 11	2026-04-09
490.0.11	2 / 11	2026-04-02
490.0.10	2 / 11	2026-04-02
490.0.9	2 / 11	2026-03-31
490.0.8	2 / 11	2026-03-26
490.0.7	2 / 11	2026-03-18
490.0.6	2 / 11	2026-03-11
490.0.5	2 / 11	2026-02-27
490.0.4	2 / 11	2026-02-26
490.0.3	2 / 11	2026-02-06
490.0.2	2 / 11	2026-01-28
490.0.1	2 / 11	2026-01-26
490.0.0	2 / 11	2026-01-26
481.0.3	2 / 11	2026-03-18
481.0.2	2 / 11	2026-01-19
0.35.9	2 / 11	2026-01-16
0.35.8	2 / 11	2026-01-15
0.35.7	2 / 11	2026-01-14
0.35.6	2 / 11	2026-01-08
0.35.5	2 / 11	2026-01-04
0.35.4	2 / 11	2025-12-23
0.35.3	2 / 11	2025-12-16
0.35.2	2 / 11	2025-12-10
0.34.31	2 / 11	2025-12-24
0.34.30	2 / 11	2025-12-23
0.34.29	2 / 11	2025-12-22
0.34.28	2 / 11	2025-12-18
0.34.27	2 / 11	2025-12-11
0.34.26	2 / 11	2025-12-11
0.34.25	2 / 11	2025-12-05
0.34.24	2 / 11	2025-11-26
0.34.23	2 / 11	2025-11-20
0.34.22	2 / 11	2025-11-19
0.34.21	2 / 11	2025-11-19
0.34.20	2 / 11	2025-11-17
0.34.19	2 / 11	2025-11-17
0.34.18	2 / 11	2025-11-10
0.34.17	2 / 11	2025-11-05
0.33.56	2 / 11	2026-01-16

v4100.0.9

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4100.0.8

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4100.0.7

2 findings

HIGH Publisher changed: netweng → GitHub Actions (on 2026-04-30) provenance

This version was published by a different npm account than previous versions on 2026-04-30. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4100.0.6

2 findings

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

INFO Publisher changed: netweng → GitHub Actions (on 2026-04-30) provenance

[Accepted risk] This version was published by a different npm account than previous versions on 2026-04-30. This could indicate a legitimate maintainer transition or an account compromise.

v4100.0.5

2 findings

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

INFO Publisher changed: netweng → GitHub Actions (on 2026-04-30) provenance

[Accepted risk] This version was published by a different npm account than previous versions on 2026-04-30. This could indicate a legitimate maintainer transition or an account compromise.