@dfosco/storyboard
Storyboard prototyping framework — core engine, React integration, and canvas
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:@codemirror/lang-javascript | AI (phantom-deps): Optional peer dep; phantom-dep false positive. | ai | |
| phantom-deps | phantom-dep:@codemirror/state | AI (phantom-deps): Optional peer dep; phantom-dep false positive. | ai | |
| phantom-deps | phantom-dep:@codemirror/search | AI (phantom-deps): Optional peer dep; phantom-dep false positive. | ai | |
| phantom-deps | phantom-dep:@codemirror/commands | AI (phantom-deps): Optional peer dep; phantom-dep false positive. | ai | |
| phantom-deps | phantom-dep:@codemirror/lang-css | AI (phantom-deps): Optional peer dep; phantom-dep false positive. | ai | |
| phantom-deps | phantom-dep:@codemirror/language | AI (phantom-deps): Optional peer dep; phantom-dep false positive. | ai | |
| phantom-deps | phantom-dep:@codemirror/lang-html | AI (phantom-deps): Optional peer dep; phantom-dep false positive. | ai | |
| phantom-deps | phantom-dep:@codemirror/lang-json | AI (phantom-deps): Optional peer dep; phantom-dep false positive. | ai | |
| phantom-deps | phantom-dep:@codemirror/lang-yaml | AI (phantom-deps): Optional peer dep; phantom-dep false positive. | ai | |
| phantom-deps | phantom-dep:@codemirror/lang-python | AI (phantom-deps): Optional peer dep; phantom-dep false positive. | ai | |
| phantom-deps | phantom-dep:@codemirror/autocomplete | AI (phantom-deps): Optional peer dep; phantom-dep false positive. | ai | |
| phantom-deps | phantom-dep:@codemirror/lang-markdown | AI (phantom-deps): Optional peer dep; phantom-dep false positive. | ai | |
| phantom-deps | phantom-dep:@codemirror/theme-one-dark | AI (phantom-deps): Optional peer dep; phantom-dep false positive. | ai | |
| semgrep | semgrep:etc-passwd-access | AI (semgrep): Appears only in a test asserting that /etc/passwd path traversal is blocked — not credential harvesting. | ai | |
| semgrep | semgrep:eval-usage | AI (semgrep): eval() is in a test file validating inline bootstrap script output, not production code. | ai | |
| phantom-deps | phantom-dep:codemirror | AI (phantom-deps): Declared as optional peer dep; referenced in config files — phantom-dep heuristic false positive for this package. | ai | |
| phantom-deps | phantom-dep:@mdx-js/mdx | AI (phantom-deps): Declared as optional peer dep; referenced in config files — phantom-dep heuristic false positive. | ai | |
| phantom-deps | phantom-dep:@codemirror/view | AI (phantom-deps): Optional peer dep; phantom-dep false positive. | ai | |
| semgrep | semgrep:silent-process-exec | AI (semgrep): Detached spawn of 'npx storyboard dev' is the documented worktree dev-server feature. | ai | |
| semgrep | semgrep:silent-process-exec-var | AI (semgrep): Same detached dev-server spawn as silent-process-exec; legitimate CLI tooling pattern. | ai | |
| semgrep | semgrep:base64-decode | AI (semgrep): Decodes base64 image data with size guard — standard image handling, not payload execution. | ai | |
| semgrep | semgrep:env-bulk-read | AI (semgrep): Enumerates env keys to unset shell config vars inside tmux — legitimate terminal isolation logic. | ai | |
| semgrep | semgrep:toplevel-fetch | AI (semgrep): POSTs to local storyboard server endpoint for agent spawn — internal IPC, not exfiltration. | ai | |
| phantom-deps | phantom-dep:zod | AI (phantom-deps): Used in config schema; phantom-dep heuristic misses config-file imports. | ai | |
| phantom-deps | phantom-dep:iconoir | AI (phantom-deps): Referenced in config files; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:ansi-to-html | AI (phantom-deps): Referenced in config files; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:html-to-image | AI (phantom-deps): Referenced in config files; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@toon-format/toon | AI (phantom-deps): Referenced in config files; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@radix-ui/react-visually-hidden | AI (phantom-deps): Referenced in config files; stable false positive for this package. | ai | |
| semgrep | semgrep:env-spread | AI (semgrep): Passes process.env to spawned terminal process — required for terminal emulation functionality. | ai | |
Versions (showing 31 of 31)
| Version | Deps | Published |
|---|---|---|
| 0.10.2 | 38 / 10 | |
| 0.10.1 | 38 / 10 | |
| 0.10.0 | 38 / 10 | |
| 0.9.6 | 22 / 10 | |
| 0.9.5 | 22 / 10 | |
| 0.9.4 | 22 / 10 | |
| 0.9.3 | 22 / 10 | |
| 0.9.2 | 22 / 10 | |
| 0.9.1 | 22 / 10 | |
| 0.9.0 | 20 / 12 | |
| 0.8.1 | 20 / 12 | |
| 0.8.0 | 22 / 12 | |
| 0.7.1 | 22 / 12 | |
| 0.7.0 | 22 / 12 | |
| 0.6.16 | 22 / 12 | |
| 0.6.15 | 22 / 12 | |
| 0.6.14 | 22 / 12 | |
| 0.6.13 | 22 / 12 | |
| 0.6.12 | 22 / 12 | |
| 0.6.11 | 22 / 12 | |
| 0.6.10 | 22 / 12 | |
| 0.6.9 | 22 / 12 | |
| 0.6.8 | 22 / 12 | |
| 0.6.7 | 22 / 12 | |
| 0.6.6 | 22 / 12 | |
| 0.6.5 | 22 / 12 | |
| 0.6.4 | 22 / 12 | |
| 0.6.3 | 22 / 12 | |
| 0.6.2 | 22 / 12 | |
| 0.6.1 | 22 / 12 | |
| 0.6.0 | 22 / 12 | |
v0.10.2
4 findings

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/dfosco/storyboard/blob/1995ae558aeb3fbcef8dde6373921d5ef67a6e6e/src/core/file/__tests__/tree.test.js#L33
```
    31 |
    32 | it('rejects path outside repo root', () => {
  > 33 |   expect(isPathAllowed(root, '/etc/passwd', {})).toBe(false)
    34 | })
    35 |
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/dfosco/storyboard/blob/1995ae558aeb3fbcef8dde6373921d5ef67a6e6e/src/internals/canvas/CanvasPage.dragdrop.test.jsx#L482
```
    480 |   json: async () => ({
    481 |     results: [
  > 482 |       { ok: false, reason: 'outside_repo', absPath: '/etc/passwd' },
    483 |       { ok: true, kind: 'file', path: 'src/ok.md' },
    484 |     ],
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/dfosco/storyboard/blob/1995ae558aeb3fbcef8dde6373921d5ef67a6e6e/src/internals/canvas/CanvasPage.dragdrop.test.jsx#L493
```
    491 | const dropEvent = new Event('drop', { bubbles: true, cancelable: true })
    492 | dropEvent.dataTransfer = createUriListTransfer(
  > 493 |   'file:///etc/passwd\nfile:///Users/me/repo/src/ok.md',
    494 | )
    495 | dropEvent.clientX = 100
```
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.1
4 findings

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/dfosco/storyboard/blob/0178bfda260dc4088b3d5deb9518d744b97a5f63/src/core/file/__tests__/tree.test.js#L33
```
    31 |
    32 | it('rejects path outside repo root', () => {
  > 33 |   expect(isPathAllowed(root, '/etc/passwd', {})).toBe(false)
    34 | })
    35 |
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/dfosco/storyboard/blob/0178bfda260dc4088b3d5deb9518d744b97a5f63/src/internals/canvas/CanvasPage.dragdrop.test.jsx#L482
```
    480 |   json: async () => ({
    481 |     results: [
  > 482 |       { ok: false, reason: 'outside_repo', absPath: '/etc/passwd' },
    483 |       { ok: true, kind: 'file', path: 'src/ok.md' },
    484 |     ],
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/dfosco/storyboard/blob/0178bfda260dc4088b3d5deb9518d744b97a5f63/src/internals/canvas/CanvasPage.dragdrop.test.jsx#L493
```
    491 | const dropEvent = new Event('drop', { bubbles: true, cancelable: true })
    492 | dropEvent.dataTransfer = createUriListTransfer(
  > 493 |   'file:///etc/passwd\nfile:///Users/me/repo/src/ok.md',
    494 | )
    495 | dropEvent.clientX = 100
```
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.0
4 findings

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/dfosco/storyboard/blob/9c6630b8b7f6d29504d51d3539b111e91903e55d/src/core/file/__tests__/tree.test.js#L33
```
    31 |
    32 | it('rejects path outside repo root', () => {
  > 33 |   expect(isPathAllowed(root, '/etc/passwd', {})).toBe(false)
    34 | })
    35 |
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/dfosco/storyboard/blob/9c6630b8b7f6d29504d51d3539b111e91903e55d/src/internals/canvas/CanvasPage.dragdrop.test.jsx#L482
```
    480 |   json: async () => ({
    481 |     results: [
  > 482 |       { ok: false, reason: 'outside_repo', absPath: '/etc/passwd' },
    483 |       { ok: true, kind: 'file', path: 'src/ok.md' },
    484 |     ],
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/dfosco/storyboard/blob/9c6630b8b7f6d29504d51d3539b111e91903e55d/src/internals/canvas/CanvasPage.dragdrop.test.jsx#L493
```
    491 | const dropEvent = new Event('drop', { bubbles: true, cancelable: true })
    492 | dropEvent.dataTransfer = createUriListTransfer(
  > 493 |   'file:///etc/passwd\nfile:///Users/me/repo/src/ok.md',
    494 | )
    495 | dropEvent.clientX = 100
```
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.6
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.5
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.4
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.3
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.2
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.1
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.0
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.1
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.0
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.1
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.0
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.16
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.15
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.14
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.13
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.12
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.11
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.10
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.9
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.8
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.7
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.6
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.5
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.4
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.3
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.2
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.1
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.0
8 findings

Spreading entire process.env into an object — may capture all secrets
Source: https://github.com/dfosco/storyboard/blob/66740a078c3ae76538ecd63a55d891719d0bf81c/src/core/canvas/terminal-server.js#L801
```
    799 |       rows: 24,
    800 |       cwd: process.cwd(),
  > 801 |       env: { ...process.env, TERM: 'xterm-256color', COLORTERM: 'truecolor' },
    802 |     })
    803 |   } catch (err) {
```

Spreading entire process.env into an object — may capture all secrets
Source: https://github.com/dfosco/storyboard/blob/66740a078c3ae76538ecd63a55d891719d0bf81c/src/core/cli/dev.js#L234
```
    232 |     // In quiet mode swallow the spawned-setup output; verbose passes through.
    233 |     stdio: verbose ? 'inherit' : 'ignore',
  > 234 |     env: { ...process.env, STORYBOARD_NO_BUDDY: '1' },
    235 |   }
    236 | )
```

Spreading entire process.env into an object — may capture all secrets
Source: https://github.com/dfosco/storyboard/blob/66740a078c3ae76538ecd63a55d891719d0bf81c/src/core/cli/dev.js#L282
```
    280 |   cwd: targetCwd,
    281 |   stdio: verbose ? 'inherit' : ['inherit', 'pipe', 'pipe'],
  > 282 |   env: {
    283 |     ...process.env,
    284 |     STORYBOARD_WORKTREE: worktreeName,
```

Silent detached process — runs invisibly in the background (reverse shells, miners)
Source: https://github.com/dfosco/storyboard/blob/66740a078c3ae76538ecd63a55d891719d0bf81c/src/core/cli/server.js#L73
```
    71 | p.log.step(`Spawning detached dev server for "${worktreeName}"…`)
    72 | const npmBin = process.platform === 'win32' ? 'npx.cmd' : 'npx'
  > 73 | const child = spawn(npmBin, ['storyboard', 'dev'], {
    74 |   cwd: targetCwd,
    75 |   detached: true,
```

Silent detached process — runs invisibly in the background (reverse shells, miners)
Source: https://github.com/dfosco/storyboard/blob/66740a078c3ae76538ecd63a55d891719d0bf81c/src/core/cli/server.js#L73
```
    71 | p.log.step(`Spawning detached dev server for "${worktreeName}"…`)
    72 | const npmBin = process.platform === 'win32' ? 'npx.cmd' : 'npx'
  > 73 | const child = spawn(npmBin, ['storyboard', 'dev'], {
    74 |   cwd: targetCwd,
    75 |   detached: true,
```

Spreading entire process.env into an object — may capture all secrets
Source: https://github.com/dfosco/storyboard/blob/66740a078c3ae76538ecd63a55d891719d0bf81c/src/core/cli/server.js#L77
```
    75 |   detached: true,
    76 |   stdio: 'ignore',
  > 77 |   env: { ...process.env },
    78 | })
    79 | child.unref()
```

Spreading entire process.env into an object — may capture all secrets
Source: https://github.com/dfosco/storyboard/blob/66740a078c3ae76538ecd63a55d891719d0bf81c/src/core/cli/terminal-welcome.js#L67
```
    65 |   .filter(p => !p.endsWith('.storyboard/terminals/bin'))
    66 |   .join(':')
  > 67 | const env = { ...process.env, PATH: cleanPath }
    68 | // Strip env vars that suppress colors in supports-color based CLIs
    69 | delete env.CI
```
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.