@editframe/api
API functions for EditFrame
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| typosquat | typosquat.levenshtein:hapi | AI (typosquat): Scoped @editframe package with 204 versions; not a typosquat of hapi. | ai | |
| typosquat | typosquat.levenshtein:pg | AI (typosquat): Scoped @editframe package; Levenshtein match to pg is coincidental. | ai | |
| typosquat | typosquat.levenshtein:joi | AI (typosquat): Scoped @editframe package; Levenshtein match to joi is coincidental. | ai | |
| typosquat | typosquat.levenshtein:ajv | AI (typosquat): Scoped @editframe package; Levenshtein match to ajv is coincidental. | ai |
Versions (showing 51 of 77)
| Version | Deps | Published |
|---|---|---|
| 0.57.6 | 10 / 5 | |
| 0.57.5 | 10 / 5 | |
| 0.57.4 | 10 / 5 | |
| 0.57.3 | 10 / 5 | |
| 0.57.2 | 10 / 5 | |
| 0.57.1 | 10 / 5 | |
| 0.57.0 | 10 / 5 | |
| 0.56.0 | 10 / 5 | |
| 0.55.2 | 10 / 5 | |
| 0.55.1 | 10 / 5 | |
| 0.54.2 | 10 / 5 | |
| 0.54.1 | 10 / 5 | |
| 0.54.0 | 10 / 5 | |
| 0.53.3 | 10 / 5 | |
| 0.53.2 | 10 / 5 | |
| 0.53.1 | 10 / 5 | |
| 0.53.0 | 10 / 5 | |
| 0.52.1 | 10 / 5 | |
| 0.52.0 | 10 / 5 | |
| 0.51.9 | 10 / 5 | |
| 0.51.8 | 10 / 5 | |
| 0.51.7 | 10 / 5 | |
| 0.51.6 | 10 / 5 | |
| 0.51.5 | 10 / 5 | |
| 0.51.4 | 10 / 5 | |
| 0.51.3 | 10 / 5 | |
| 0.51.2 | 10 / 5 | |
| 0.51.1 | 10 / 5 | |
| 0.51.0 | 10 / 5 | |
| 0.50.1 | 10 / 5 | |
| 0.50.0 | 10 / 5 | |
| 0.49.7 | 10 / 5 | |
| 0.49.6 | 10 / 5 | |
| 0.49.5 | 10 / 5 | |
| 0.49.4 | 10 / 5 | |
| 0.49.3 | 10 / 5 | |
| 0.49.2 | 10 / 5 | |
| 0.49.1 | 10 / 5 | |
| 0.49.0 | 10 / 5 | |
| 0.48.1 | 10 / 5 | |
| 0.48.0 | 10 / 5 | |
| 0.47.2 | 10 / 5 | |
| 0.47.1 | 10 / 5 | |
| 0.47.0 | 10 / 5 | |
| 0.46.4 | 10 / 5 | |
| 0.46.2 | 10 / 5 | |
| 0.46.1 | 10 / 5 | |
| 0.46.0 | 10 / 5 | |
| 0.45.8 | 10 / 5 | |
| 0.45.6 | 10 / 5 | |
| 0.45.5 | 10 / 5 |
v0.57.6
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.57.5
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.57.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.57.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.57.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.57.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.57.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.56.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.55.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.55.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.54.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.54.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.54.0
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.53.3
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.53.2
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.53.1
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.53.0
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.52.1
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.52.0
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.51.9
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.51.8
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.51.7
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.51.6
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.51.5
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.51.4
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.51.3
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.51.2
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.51.1
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.51.0
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.50.1
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.50.0
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.49.7
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.49.6
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.49.5
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.49.4
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.49.3
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.49.2
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.49.1
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.49.0
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.48.1
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.48.0
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.47.2
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.47.1
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.47.0
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.46.4
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.46.2
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.46.1
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.46.0
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.45.8
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.45.6
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.45.5
2 findingsPackage name '@editframe/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.