@digabi/exam-engine-mastering

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

eetu.ikonenvexterieerojantunenismomehdimaria.osualalnaalisvjwinter5villejokelaemsknocklinusw-rchrysalis-brobin.lundelljarkkoskytpejuamjan-aleksijerenurminenheikki.mantereogresoundsamuliheljomtreinikmplattu-mebntobiassonaateekoohennaakskos

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
maintainer-change	maintainer-added	AI (maintainer-change): Established org package with SLSA provenance; maintainer addition appears to be a legitimate org change.	ai	2026/05/30
dependencies	unvetted-dep:ffprobe	AI (dependencies): ffprobe is a legitimate media-probing library; expected for exam-engine mastering use case.	ai	2026/05/15
dependencies	unvetted-dep:libxmljs2	AI (dependencies): libxmljs2 is a well-known XML parsing library; appropriate for exam content processing.	ai	2026/05/15
dependencies	unvetted-dep:mathjax-node	AI (dependencies): mathjax-node is the standard server-side MathJax renderer; expected in an exam engine.	ai	2026/05/15
bogus-package	bogus-package	AI (bogus-package): Internal tooling package from Finland's Matriculation Examination Board; metadata gaps are cosmetic, not indicative of spam/malware.	ai	2026/05/15
npm-metadata	no-description	AI (npm-metadata): Consistent across 573 versions of this internal tooling package; not a malware signal.	ai	2026/05/15
phantom-deps	phantom-dep:@digabi/exam-engine-rendering	AI (phantom-deps): Same-org sibling package; declared as a runtime dep and expected not to be directly imported in this mastering package.	ai	2026/05/15

Versions (showing 9 of 9)

Version	Deps	Published
23.23.0	11 / 0	2026-05-15
23.22.4	11 / 0	2026-05-13
23.22.1	11 / 0	2026-04-29
23.22.0	11 / 0	2026-03-10
23.21.0	11 / 0	2025-11-28
23.20.6	11 / 0	2025-11-12
23.14.4	11 / 0	2025-06-06
23.14.1	11 / 0	2025-06-03
23.13.2	11 / 0	2025-05-02