← Home

@cubejs-backend/testing-drivers

npm Repository Homepage

Cube.js drivers test suite

51
Versions
MIT
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

cubedevincstatsbotkeydunovmaxim_cube

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
publish-pattern dormant-publish AI (publish-pattern): Large monorepo package with 444 versions; SLSA provenance confirms CI/CD publishing; dormancy reflects sub-package cadence, not account takeover risk. ai
dependencies unvetted-dep:@cubejs-backend/dotenv AI (dependencies): Same org scope (@cubejs-backend); internal dependency used consistently across the monorepo. ai
phantom-deps phantom-dep:@cubejs-backend/mysql-driver AI (phantom-deps): Same-org monorepo test package; drivers loaded dynamically by test suite. ai
phantom-deps phantom-dep:@cubejs-backend/athena-driver AI (phantom-deps): Same-org monorepo test package; drivers loaded dynamically by test suite. ai
phantom-deps phantom-dep:@cubejs-backend/testing-shared AI (phantom-deps): Same-org monorepo test package; loaded dynamically by test suite. ai
phantom-deps phantom-dep:@cubejs-backend/bigquery-driver AI (phantom-deps): Same-org monorepo test package; drivers loaded dynamically by test suite. ai
phantom-deps phantom-dep:@cubejs-backend/postgres-driver AI (phantom-deps): Same-org monorepo test package; drivers loaded dynamically by test suite. ai
phantom-deps phantom-dep:@cubejs-client/ws-transport AI (phantom-deps): Same-org monorepo test package; drivers loaded dynamically by test suite, not direct imports. ai
phantom-deps phantom-dep:@cubejs-backend/snowflake-driver AI (phantom-deps): Same-org monorepo test package; drivers loaded dynamically by test suite. ai
phantom-deps phantom-dep:@cubejs-backend/clickhouse-driver AI (phantom-deps): Same-org monorepo test package; drivers loaded dynamically by test suite. ai
phantom-deps phantom-dep:@cubejs-backend/query-orchestrator AI (phantom-deps): Same-org monorepo test package; loaded dynamically by test suite. ai
phantom-deps phantom-dep:@cubejs-backend/databricks-jdbc-driver AI (phantom-deps): Same-org monorepo test package; drivers loaded dynamically by test suite. ai
phantom-deps phantom-dep:@cubejs-backend/cubestore-driver AI (phantom-deps): Same-org monorepo test package; drivers loaded dynamically by test suite. ai
phantom-deps phantom-dep:@cubejs-backend/mssql-driver AI (phantom-deps): Same-org monorepo test package; drivers loaded dynamically by test suite. ai
phantom-deps phantom-dep:@cubejs-client/core AI (phantom-deps): Same-org sibling used in tests; stable false positive. ai
phantom-deps phantom-dep:@cubejs-backend/dotenv AI (phantom-deps): Same-org sibling; stable false positive for this monorepo package. ai
phantom-deps phantom-dep:@cubejs-backend/linter AI (phantom-deps): Same-org sibling; stable false positive. ai
phantom-deps phantom-dep:typescript AI (phantom-deps): Build tool; loaded by tsc, not direct import. ai
phantom-deps phantom-dep:@cubejs-backend/base-driver AI (phantom-deps): Same-org sibling; stable false positive. ai
phantom-deps phantom-dep:@cubejs-backend/server-core AI (phantom-deps): Same-org sibling; stable false positive. ai
phantom-deps phantom-dep:@cubejs-backend/shared AI (phantom-deps): Same-org sibling; stable false positive. ai
phantom-deps phantom-dep:@types/jest AI (phantom-deps): Framework-scoped type package; stable false positive. ai
phantom-deps phantom-dep:@types/node AI (phantom-deps): Framework-scoped type package; stable false positive. ai
phantom-deps phantom-dep:jsonwebtoken AI (phantom-deps): Used in test auth helpers; stable false positive. ai
phantom-deps phantom-dep:@jest/globals AI (phantom-deps): Framework-scoped; stable false positive. ai
phantom-deps phantom-dep:testcontainers AI (phantom-deps): Used in test setup; stable false positive. ai
phantom-deps phantom-dep:pg AI (phantom-deps): Testing package; pg used in test configs, not directly imported in src. ai
phantom-deps phantom-dep:jest AI (phantom-deps): Test runner loaded by convention, not direct import. ai
phantom-deps phantom-dep:yaml AI (phantom-deps): Used in test config files; stable false positive for this package. ai
phantom-deps phantom-dep:ramda AI (phantom-deps): Used in test helpers; stable false positive for this package. ai
phantom-deps phantom-dep:yargs AI (phantom-deps): Used in test CLI scripts; stable false positive for this package. ai
phantom-deps phantom-dep:dotenv AI (phantom-deps): Loaded via config in test environment; stable false positive. ai
phantom-deps phantom-dep:env-var AI (phantom-deps): Used in test config; stable false positive for this package. ai
phantom-deps phantom-dep:fs-extra AI (phantom-deps): Used in test utilities; stable false positive. ai

Versions (showing 51 of 71)

View all versions
Version Deps Published
1.6.54 32 / 0
1.6.53 32 / 0
1.6.52 32 / 0
1.6.51 32 / 0
1.6.50 32 / 0
1.6.49 32 / 0
1.6.48 32 / 0
1.6.47 32 / 0
1.6.46 32 / 0
1.6.45 32 / 0
1.6.44 32 / 0
1.6.43 32 / 0
1.6.42 32 / 0
1.6.41 32 / 0
1.6.40 32 / 0
1.6.39 32 / 0
1.6.38 32 / 0
1.6.37 32 / 0
1.6.36 32 / 0
1.6.35 32 / 0
1.6.34 32 / 0
1.6.33 32 / 0
1.6.32 32 / 0
1.6.31 32 / 0
1.6.30 32 / 0
1.6.29 32 / 0
1.6.28 32 / 0
1.6.27 32 / 0
1.6.26 32 / 0
1.6.25 32 / 0
1.6.24 32 / 0
1.6.23 32 / 0
1.6.22 32 / 0
1.6.21 32 / 0
1.6.20 32 / 0
1.6.19 32 / 0
1.6.18 32 / 0
1.6.17 32 / 0
1.6.16 32 / 0
1.6.15 32 / 0
1.6.14 32 / 0
1.6.13 32 / 0
1.6.12 32 / 0
1.6.11 32 / 0
1.6.10 32 / 0
1.6.9 32 / 0
1.6.8 32 / 0
1.6.7 32 / 0
1.6.6 32 / 0
1.6.5 32 / 0
1.6.4 32 / 0

v1.6.54

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.53

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.52

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.51

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.50

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.49

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.48

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.47

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.46

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.45

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.44

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.43

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.42

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.41

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.40

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.39

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.38

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.37

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.36

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.35

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.34

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.33

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.32

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.31

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.30

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.29

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.28

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.27

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.26

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.25

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.24

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.23

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.22

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.21

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.20

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.19

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.18

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.17

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.16

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.15

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.14

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.13

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.12

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.11

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.10

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.9

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.8

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.7

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.6

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.5

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.