@f2a/cli
F2A CLI - Command line tools for Friend-to-Agent P2P networking
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): Transition to GitHub Actions CI publishing with SLSA attestation; legitimate automation handoff for this monorepo. | ai | |
| semgrep | semgrep:env-spread | AI (semgrep): Firing exclusively in test files (cli-entry.test.ts) where process.env spread is used to pass env vars to spawned child processes — standard test pattern, not credential exfiltration. | ai | |
| semgrep | semgrep:etc-passwd-access | AI (semgrep): Firing in config.test.ts as a negative test case validating path traversal rejection. No actual /etc/passwd read occurs; this is security-conscious test code. | ai | |
| typosquat | typosquat.levenshtein:joi | AI (typosquat): Package is @f2a/cli in a scoped namespace for a coherent P2P networking project. Levenshtein proximity to 'joi' is a mechanical artifact with no brand impersonation intent. | ai | |
Versions (showing 26 of 26)
| Version | Deps | Published |
|---|---|---|
| 0.17.0 | 2 / 3 | |
| 0.16.10 | 2 / 3 | |
| 0.16.9 | 2 / 3 | |
| 0.16.8 | 2 / 3 | |
| 0.16.7 | 2 / 3 | |
| 0.16.5 | 2 / 3 | |
| 0.16.4 | 2 / 3 | |
| 0.16.3 | 2 / 3 | |
| 0.16.2 | 2 / 3 | |
| 0.16.1 | 2 / 3 | |
| 0.16.0 | 2 / 3 | |
| 0.15.0 | 2 / 3 | |
| 0.14.0 | 2 / 3 | |
| 0.13.0 | 2 / 3 | |
| 0.12.0 | 2 / 3 | |
| 0.11.0 | 2 / 3 | |
| 0.10.0 | 2 / 3 | |
| 0.9.0 | 2 / 3 | |
| 0.8.6 | 2 / 3 | |
| 0.8.0 | 2 / 3 | |
| 0.7.0 | 2 / 3 | |
| 0.6.0 | 2 / 3 | |
| 0.5.3 | 2 / 3 | |
| 0.5.2 | 2 / 3 | |
| 0.5.1 | 2 / 3 | |
| 0.5.0 | 1 / 3 | |
v0.17.0
6 findings

Spreading entire process.env into an object — may capture all secrets
Source: https://github.com/LuciusCao/F2A/blob/ff22ac0d3c51f22d6717388d6d93984d7b5598cb/src/cli-entry.test.ts#L160
```
158 |
159 | const proc = spawn('node', [cliPath, ...args], {
> 160 |   env: { ...process.env, F2A_CONTROL_PORT: '9999' } // use a nonexistent port to avoid connecting to the real daemon
161 | });
162 |
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/LuciusCao/F2A/blob/ff22ac0d3c51f22d6717388d6d93984d7b5598cb/src/config.test.ts#L304
```
302 | const config = {
303 |   ...getDefaultConfig(),
> 304 |   dataDir: '/var/data/../etc/passwd',
305 | };
306 | const result = F2AConfigSchema.safeParse(config);
```

Spreading entire process.env into an object — may capture all secrets
Source: https://github.com/LuciusCao/F2A/blob/ff22ac0d3c51f22d6717388d6d93984d7b5598cb/src/daemon.ts#L416
```
414 |
415 | // build the environment variables
> 416 | const env = { ...process.env };
417 | if (!env.F2A_CONTROL_PORT) {
418 |   env.F2A_CONTROL_PORT = controlPort.toString();
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/LuciusCao/F2A/blob/ff22ac0d3c51f22d6717388d6d93984d7b5598cb/src/identity.test.ts#L580
```
578 | // Create a file in a disallowed location (simulated)
579 | // Note: realpathSync will fail for non-existent paths
> 580 | const fakePath = '/etc/passwd.json';
581 |
582 | const result = await importIdentityInternal(fakePath, testDir);
```

Spreading entire process.env into an object — may capture all secrets
Source: https://github.com/LuciusCao/F2A/blob/ff22ac0d3c51f22d6717388d6d93984d7b5598cb/src/main.test.ts#L153
```
151 |
152 | const proc = spawn('node', [cliPath, ...args], {
> 153 |   env: { ...process.env, F2A_CONTROL_PORT: '9999' } // use a nonexistent port to avoid connecting to the real daemon
154 | });
155 |
```
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.10
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.9
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.8
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.7
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.5
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.4
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.3
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.2
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.1
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.0
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.15.0
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.0
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.13.0
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.12.0
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.0
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.0
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.0
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.6
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.0
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.0
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.0
2 findings
This version was published by a different npm account than previous versions on 2026-04-19. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.3
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.5.2
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.5.1
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.5.0
1 finding
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.