← Home

@emartech/escher-request

npm Repository Homepage
6
Versions
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

mruellakapakaajknagyjfillmorenorbert-levajsics-emarsysmmartinbsoosemarsys-deployerdrahos.istvanjudgeemarsys-securitydaniel.bankyszeistmarton.papp.emarsysdgyeness.viktorm4w4q7david.barkoczidaniels1404xin.heqw3rtamas.tothgergaczdviaualkraepgrubmairbence.utoettancosepmartinigabor.balla.emarsysmzsomborejperssonllosonczyiben12kartonfarkasadamoapevabforgacszsomborhkozmangabor84andrasp3aedosreckifhasekkimakgaborbglendvailverasztobozsadamrdoczifentosiboristomicmbazsodmihaleklhalaszjason-nelson-01dsztankotbugarfqqdkcsabafarago-emarsyssarakollmmolnar-emarattila.galbenjamingehlrkumari03tdorkaalkonyalloki-emarsysmrmeszarosvarszegiki850773dfaragoestefanlesnjakovicmhunyadyatittelmarton.matuseksixstepsaphendricksjoergmmothersilljerryrichardsonarnaud.buchholzjamescockeradamszabolcsmengjiao.zhaoianhelmrichmmartin2dkorposjbleclercnvkaur2tbucsanszkipendicg24pinteraasciortino1nicolaeciumacdimitrovnmaurogrecobercziandnish343scotthetrickkonradscheweivanfroehlichzbalazsoemlermmattfeldhake_emarsysbborsisovagosapoonburcimark.adorjanxueboliangskrivookoloshjviesersapdrewhodsonsapcrileyiulianmihaimariannagbobby_russeldkocsis-emarsysmarko.fritzschedemajo_emstothmarci25tsiraitnpmplsapsseidmedroxanamsbencekadaremarviktor.szellccarrollemgeczirobertsap-nsdhruv-sapirvansapmarkjarvisrollandghtillmannreggarciarimo86arielkovacssapsevket-atasevenzhollerrobertoraczemarsyssamthomas02mfel0123luca.fasolino.sendomkefranziskajungandras.sarrodschuppaemarsys-stephen-ivesbencsorcsullagdputtadwolter_emarsysahorvath1991dr.jjisaacsontothbence8d056437ekkovatslhammerliabrahamandras-marton-emarsyssfarielschroedersteffendanielisaptkatona-sapboldizsarnagyllakatosgillyestade82dpkemarsyskarlabrandltonyhsapaidanlesh-sapnikolett.tarsridevirabieler-sapi534456daniel.balazslaszlo.oritroywiegandnoahdojanbcsizmadiaariceemcsjakabosborcsannieman-sapsap-amvszegedironnykrossetaylor-sethmrclsufcolombo-sapmfawalszbaleksandrasapbrandon-sapbarna.barakpjohnson02dominiknyergesbence.tothlevente.otti.saptorokhelenejwalkermatusekmaeadanielmnguetsaaymenbidasapbanattittoth2sap_hangkharitonoffazsoldiermafteiuscaiivantorokgyorgyabelbence.nagy.emarsyserikgherktakacsdrilonjasharisappeterforis-emarsysnielsvbijsterveldt-emarsyszsomborkincseseergartmfearsfinally-fancymagdafabiansamuel.varga_sapyunyesaparamovicronnie_sapivan.torok-efulopgaborkovacs.zsolti.zsoltszilvia.barnaksachinmahajanadurraszilviabarnakmfawallmknurajuliaserrpeterlukacsagruczagavinsun-sapjuliandietrichnlazasapjohnnybakuczbence-illia-emarsysmiklostorbicsznemesrayhanwkapadiafarkasandrasbenedek.izso.emarsysbalint-barki-sapjohannes_thiede_20010505hendrkflorianmaakeszter.kotrahewaymanruchidhiman-sap

Keywords

escher

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
dependencies unvetted-dep:escher-auth AI (dependencies): escher-auth is the core auth library this package is explicitly designed to wrap; its presence is expected across all versions. ai

Versions (showing 6 of 6)

Version Deps Published
23.1.6 4 / 20
23.1.4 4 / 20
23.1.3 4 / 20
23.1.2 4 / 20
23.1.1 4 / 20
23.0.0 4 / 20

v23.1.6

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v23.1.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v23.1.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v23.1.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v23.1.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v23.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.