@coveo/platform-client
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| maintainer-change | maintainer-removed | AI (maintainer-change): Coveo org migrated to GitHub Actions CI publishing with SLSA attestation; removal of individual maintainers is expected. | ai | |
| publish-pattern | dormant-publish | AI (publish-pattern): SLSA provenance attestation confirms CI/CD publish; Coveo org package with 265 versions and clean diff. | ai | |
| dependencies | unvetted-dep:query-string-cjs | AI (dependencies): Alias for query-string@^7 used for CJS/ESM dual-output; stable pattern for this package. | ai | |
| dependencies | unvetted-dep:query-string-esm | AI (dependencies): Alias for query-string@^9 used for CJS/ESM dual-output; stable pattern for this package. | ai |
Versions (showing 13 of 13)
| Version | Deps | Published |
|---|---|---|
| 68.2.0 | 4 / 22 | |
| 68.1.0 | 4 / 22 | |
| 68.0.0 | 4 / 22 | |
| 67.0.0 | 4 / 22 | |
| 66.0.0 | 4 / 22 | |
| 65.0.0 | 4 / 22 | |
| 61.5.1 | 4 / 22 | |
| 61.3.0 | 4 / 22 | |
| 61.2.0 | 4 / 22 | |
| 61.1.0 | 4 / 22 | |
| 61.0.0 | 4 / 22 | |
| 60.8.0 | 4 / 22 | |
| 60.7.1 | 4 / 22 |
v68.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v68.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v68.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v67.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v66.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v65.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v61.5.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v61.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v61.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v61.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v61.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v60.8.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v60.7.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.