@cydm/pie
Pie AI Agent CLI
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/chunks/typescript-GSKWJIO4.js | AI (source-diff): File is the bundled TypeScript compiler (typescript.js); minified by design, not obfuscated malware. | ai | |
| typosquat | typosquat.levenshtein:pg | AI (typosquat): Scoped AI CLI package; edit-distance match to 'pg' is coincidental. | ai | |
| typosquat | typosquat.levenshtein:pino | AI (typosquat): Scoped AI CLI package; edit-distance match to 'pino' is coincidental. | ai | |
| phantom-deps | phantom-dep:diff | AI (phantom-deps): Listed as runtime dep; phantom-dep heuristic likely misses indirect/dynamic usage in CLI bundle. | ai | |
| typosquat | typosquat.levenshtein:vite | AI (typosquat): Scoped AI CLI package; edit-distance match to 'vite' is coincidental, not impersonation. | ai | |
| phantom-deps | phantom-dep:cli-highlight | AI (phantom-deps): CLI output dep; likely used dynamically in bundled dist, not statically imported. | ai | |
| phantom-deps | phantom-dep:@sinclair/typebox | AI (phantom-deps): Schema validation dep; may be used indirectly via bundled code. | ai | |
| phantom-deps | phantom-dep:koffi | AI (phantom-deps): Native FFI binding; may be loaded conditionally at runtime, not statically imported. | ai |
Versions (showing 22 of 22)
| Version | Deps | Published |
|---|---|---|
| 1.0.19 | 8 / 12 | |
| 1.0.18 | 8 / 12 | |
| 1.0.17 | 8 / 12 | |
| 1.0.16 | 8 / 12 | |
| 1.0.15 | 8 / 12 | |
| 1.0.14 | 8 / 12 | |
| 1.0.13 | 8 / 12 | |
| 1.0.12 | 8 / 12 | |
| 1.0.11 | 8 / 12 | |
| 1.0.10 | 8 / 12 | |
| 1.0.9 | 8 / 12 | |
| 1.0.8 | 8 / 12 | |
| 1.0.7 | 8 / 12 | |
| 1.0.6 | 6 / 11 | |
| 1.0.5 | 6 / 13 | |
| 1.0.4 | 6 / 13 | |
| 1.0.3 | 6 / 13 | |
| 1.0.2 | 6 / 13 | |
| 1.0.1 | 6 / 13 | |
| 1.0.0 | 6 / 13 | |
| 0.1.1 | 6 / 13 | |
| 0.1.0 | 6 / 13 |
v1.0.19
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.18
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.17
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.16
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.15
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.14
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.12
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.11
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.10
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.9
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.8
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.7
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.6
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.5
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.