@forinda/kickjs-cli
CLI for KickJS — project scaffolding, DDD module generation, dev/build/start
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/config-BnCPYsQu.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/run-plugins-w_kqfVLL.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/typegen-CFtS0A1P.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/project-docs-Bh20nvAP.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/doctor-Brw2ruus.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/builtins-BcviNYA8.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header and readable Node built-in imports; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/typegen-DinUVd0x.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header and readable Node built-in imports; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/typegen-CmY9IXTJ.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header and readable Node built-in imports; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-Bd3BvtoI.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header and readable Node built-in imports; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/builtins-Ch3SpH4z.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header and readable Node built-in imports; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/builtins-BqaW8JR2.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/typegen-BwZ1fbLq.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/typegen-B4_u3xBO.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-DjQVbh56.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/builtins-C218lGrx.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/builtins-B1iai4Mu.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output; consistent with build tooling for this CLI package. | ai | |
| source-diff | obfuscated-file:dist/typegen-VziXMsqI.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output; consistent with build tooling for this CLI package. | ai | |
| source-diff | obfuscated-file:dist/typegen-Dnc6bshx.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output; consistent with build tooling for this CLI package. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-Ba3TqDk4.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output; consistent with build tooling for this CLI package. | ai | |
| source-diff | obfuscated-file:dist/builtins-DC1UyGqc.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output; consistent with build tooling for this CLI package. | ai | |
| source-diff | obfuscated-file:dist/builtins-f9GCF9UO.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output for a CLI tool; no malicious patterns in samples. | ai | |
| source-diff | obfuscated-file:dist/typegen-BEWcYO4F.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output for a CLI tool; no malicious patterns in samples. | ai | |
| source-diff | obfuscated-file:dist/typegen-B05WVNbq.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output for a CLI tool; no malicious patterns in samples. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-B0VOAwMA.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output for a CLI tool; no malicious patterns in samples. | ai | |
| source-diff | obfuscated-file:dist/builtins-B9mT_e0x.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output for a CLI tool; no malicious patterns in samples. | ai | |
| source-diff | obfuscated-file:dist/config-icjz-b4f.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle with MIT header; no obfuscation or malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/typegen-Cd0w7Al-.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle with MIT header; no obfuscation or malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/run-plugins-B3Ooiczg.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle with MIT header; no obfuscation or malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/project-docs-LqGoslXZ.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle with MIT header; no obfuscation or malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/doctor-BrkA44Gz.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle with MIT header; no obfuscation or malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/config-CKv4zZ7y.mjs | AI (source-diff): Standard rolldown/tsdown bundler output; MIT header, readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/typegen-Bo2XztpK.mjs | AI (source-diff): Standard rolldown/tsdown bundler output; MIT header, readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/run-plugins-D2SRJqzb.mjs | AI (source-diff): Standard rolldown/tsdown bundler output; MIT header, readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/project-docs-f1JR5er_.mjs | AI (source-diff): Standard rolldown/tsdown bundler output; MIT header, readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/doctor-Cl-wlutc.mjs | AI (source-diff): Standard rolldown/tsdown bundler output; MIT header, readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/config-BXTsAmnY.mjs | AI (source-diff): Standard rolldown/tsdown bundle output; readable CLI tool code with no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/typegen-C6c4B6mA.mjs | AI (source-diff): Standard rolldown/tsdown bundle output; readable CLI tool code with no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/run-plugins-CPnfwUUk.mjs | AI (source-diff): Standard rolldown/tsdown bundle output; readable CLI tool code with no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/project-docs-CGn7Z7h9.mjs | AI (source-diff): Standard rolldown/tsdown bundle output; readable CLI tool code with no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/doctor-BX8eDq-O.mjs | AI (source-diff): Standard rolldown/tsdown bundle output; readable CLI tool code with no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/builtins-CB0cpCRy.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/typegen-DzmDwZvN.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/typegen-COBqEd4w.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-Ds2fzYZS.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/builtins-DNnIUbGs.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-DO7Lmj9A.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output with license header and source maps; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/typegen-BY8RdkXt.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output with license header and source maps; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/run-plugins-D1yEXkCX.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output with license header and source maps; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/project-docs-D-qp0Ey7.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output with license header and source maps; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/config-0Kk83nQ_.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output with license header and source maps; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-D8q_Dcqh.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/typegen-CGrhe0Ta.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/run-plugins-D_jHPl16.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/project-docs-DkHcUaf1.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/config-BlM3L0kV.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-VtAaa5qD.mjs | AI (source-diff): Standard rolldown bundler minification output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/typegen-DZGjDSOf.mjs | AI (source-diff): Standard rolldown bundler minification output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/run-plugins-qeJ8k2Pi.mjs | AI (source-diff): Standard rolldown bundler minification output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/project-docs-DpdbqsFZ.mjs | AI (source-diff): Standard rolldown bundler minification output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/config-C58Eekb2.mjs | AI (source-diff): Standard rolldown bundler minification output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-m04pTdQi.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header; not obfuscated, just minified CLI dist. | ai | |
| source-diff | obfuscated-file:dist/builtins-DXPOvADa.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header; not obfuscated, just minified CLI dist. | ai | |
| source-diff | obfuscated-file:dist/builtins-DYktFyU-.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header; not obfuscated, just minified CLI dist. | ai | |
| source-diff | obfuscated-file:dist/typegen-COED-VIb.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header; not obfuscated, just minified CLI dist. | ai | |
| source-diff | obfuscated-file:dist/typegen-CYaoTJ6r.mjs | AI (source-diff): Standard rolldown/tsdown bundler output with MIT header; not obfuscated, just minified CLI dist. | ai | |
| source-diff | obfuscated-file:dist/builtins-BxGfcEP6.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output for a CLI tool; no malicious patterns in sampled code. | ai | |
| source-diff | obfuscated-file:dist/typegen-CYA1y8NJ.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output for a CLI tool; no malicious patterns in sampled code. | ai | |
| source-diff | obfuscated-file:dist/typegen-CFW1vIgv.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output for a CLI tool; no malicious patterns in sampled code. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-BNgcYlom.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output for a CLI tool; no malicious patterns in sampled code. | ai | |
| source-diff | obfuscated-file:dist/builtins-CnQ6lxcV.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output for a CLI tool; no malicious patterns in sampled code. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-D4D7ANu6.mjs | AI (source-diff): Standard rolldown/tsdown bundle output; code is readable and benign. | ai | |
| source-diff | obfuscated-file:dist/typegen-CL2GzEgc.mjs | AI (source-diff): Standard rolldown/tsdown bundle output; code is readable and benign. | ai | |
| source-diff | obfuscated-file:dist/run-plugins-BiLXFAaa.mjs | AI (source-diff): Standard rolldown/tsdown bundle output; code is readable and benign. | ai | |
| source-diff | obfuscated-file:dist/project-docs-B5xYM3MX.mjs | AI (source-diff): Standard rolldown/tsdown bundle output; code is readable and benign. | ai | |
| source-diff | obfuscated-file:dist/config-Bo4xxPHs.mjs | AI (source-diff): Standard rolldown/tsdown bundle output; code is readable and benign. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-CVVCnF6w.mjs | AI (source-diff): Standard rolldown/tsdown bundle output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/typegen-BK-C_dMm.mjs | AI (source-diff): Standard rolldown/tsdown bundle output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/run-plugins-BE1Dakam.mjs | AI (source-diff): Standard rolldown/tsdown bundle output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/project-docs-DRR0mSJy.mjs | AI (source-diff): Standard rolldown/tsdown bundle output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/config-DKQcNKrg.mjs | AI (source-diff): Standard rolldown/tsdown bundle output with MIT header and source maps; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/builtins-K-nRJcJG.mjs | AI (source-diff): Standard rolldown/tsdown minified CLI bundle output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/typegen-DDQJNnUl.mjs | AI (source-diff): Standard rolldown/tsdown minified CLI bundle output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/typegen-Bl9kUVNL.mjs | AI (source-diff): Standard rolldown/tsdown minified CLI bundle output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-Bn2aH7kY.mjs | AI (source-diff): Standard rolldown/tsdown minified CLI bundle output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/builtins-DBzZkJey.mjs | AI (source-diff): Standard rolldown/tsdown minified CLI bundle output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/builtins-WmcOB_BH.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/typegen-BcmvYXaW.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/typegen-B-504b6a.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-C8B3jDpA.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/builtins-CTv3_NFH.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with MIT header; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-ChoCJW23.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with license header; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/typegen-B8lAhWXz.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with license header; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/run-plugins-Bg8kTYfa.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with license header; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/config-v6vsVMtc.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM bundle with license header; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/typegen-C3G375CR.mjs | AI (source-diff): Minified rolldown/tsdown build output with source maps; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/run-plugins-Cvgyo_th.mjs | AI (source-diff): Minified rolldown/tsdown build output with source maps; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-BXLt3Tp_.mjs | AI (source-diff): Minified rolldown/tsdown build output with source maps; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/config-ierHW69f.mjs | AI (source-diff): Minified rolldown/tsdown build output with source maps; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/config-BQUzGk6m.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output; no malicious patterns in sampled code. | ai | |
| phantom-deps | phantom-dep:jiti | AI (phantom-deps): jiti is used at runtime for config loading via dynamic import; bundled code resolves it without static import statements. | ai | |
| source-diff | obfuscated-file:dist/typegen-D-1Q9yBD.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output; no malicious patterns in sampled code. | ai | |
| source-diff | obfuscated-file:dist/run-plugins-DaO1FtZb.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output; no malicious patterns in sampled code. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-Cd2DU_XX.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output; no malicious patterns in sampled code. | ai | |
| source-diff | obfuscated-file:dist/builtins-BpWIctor.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/typegen-DyXcnNCk.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/typegen-CZMLNEJQ.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-CEYm6tuj.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/builtins-5aWa9xTa.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle output; MIT header present, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/builtins-BIiKePdP.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle; MIT header, clean imports, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/typegen-DyhkvERd.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle; MIT header, clean imports, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/typegen-BL07Yyj4.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle; MIT header, clean imports, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-DSIVI-lg.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle; MIT header, clean imports, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/builtins-DI-a8PeJ.mjs | AI (source-diff): Standard rolldown/tsdown minified bundle; MIT header, clean imports, no malicious patterns. | ai | |
| provenance | publisher-changed | AI (provenance): Publisher is GitHub Actions with SLSA provenance attestation; this is the documented CI/CD publish pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/builtins-Du70nybS.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM output with MIT header; no malicious patterns. | ai | |
| phantom-deps | phantom-dep:@clack/prompts | AI (phantom-deps): @clack/prompts is imported in bundled dist files; phantom-dep heuristic misses bundled imports. | ai | |
| phantom-deps | phantom-dep:picocolors | AI (phantom-deps): picocolors is imported in bundled dist files; phantom-dep heuristic misses bundled imports. | ai | |
| phantom-deps | phantom-dep:pluralize | AI (phantom-deps): pluralize is imported in bundled dist files; phantom-dep heuristic misses bundled imports. | ai | |
| phantom-deps | phantom-dep:oxfmt | AI (phantom-deps): oxfmt is dynamically imported at runtime in the bundle; phantom-dep heuristic misses this. | ai | |
| phantom-deps | phantom-dep:glob | AI (phantom-deps): glob is imported in bundled dist files; phantom-dep heuristic misses bundled imports. | ai | |
| source-diff | obfuscated-file:dist/typegen-CBI7dNXr.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM output with MIT header; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/typegen-C6ZfoYTC.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM output with MIT header; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/builtins-BdvmVAJ1.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM output with MIT header; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/generator-extension-Cp5FUUAw.mjs | AI (source-diff): Standard rolldown/tsdown minified ESM output with MIT header; no malicious patterns. | ai | |
| provenance | no-provenance | AI (provenance): New package without provenance setup; common for early-stage monorepo packages. | ai |
Versions (showing 96 of 96)
| Version | Deps | Published |
|---|---|---|
| 5.10.2 | 9 / 10 | |
| 5.10.1 | 9 / 10 | |
| 5.9.1 | 9 / 10 | |
| 5.9.0 | 9 / 10 | |
| 5.8.7 | 9 / 10 | |
| 5.8.6 | 9 / 10 | |
| 5.8.4 | 9 / 10 | |
| 5.8.3 | 9 / 10 | |
| 5.8.2 | 9 / 10 | |
| 5.8.1 | 9 / 10 | |
| 5.8.0 | 9 / 10 | |
| 5.7.0 | 9 / 10 | |
| 5.5.1 | 8 / 10 | |
| 5.5.0 | 8 / 10 | |
| 5.4.7 | 8 / 10 | |
| 5.4.6 | 8 / 10 | |
| 5.4.5 | 8 / 10 | |
| 5.4.4 | 8 / 10 | |
| 5.4.3 | 8 / 10 | |
| 5.4.2 | 8 / 10 | |
| 5.4.0 | 8 / 10 | |
| 5.3.2 | 8 / 10 | |
| 5.3.0 | 8 / 10 | |
| 5.2.3 | 8 / 10 | |
| 5.2.1 | 8 / 10 | |
| 5.2.0 | 8 / 10 | |
| 5.1.0 | 6 / 10 | |
| 5.0.2 | 5 / 7 | |
| 5.0.1 | 5 / 7 | |
| 5.0.0 | 5 / 7 | |
| 4.2.0 | 5 / 7 | |
| 4.1.0 | 5 / 7 | |
| 4.0.0 | 5 / 7 | |
| 3.2.0 | 4 / 7 | |
| 3.1.3 | 4 / 7 | |
| 3.1.2 | 4 / 7 | |
| 3.1.1 | 4 / 7 | |
| 3.1.0 | 4 / 7 | |
| 3.0.8 | 4 / 7 | |
| 3.0.7 | 4 / 7 | |
| 3.0.6 | 4 / 7 | |
| 3.0.5 | 4 / 7 | |
| 3.0.4 | 4 / 7 | |
| 3.0.3 | 4 / 7 | |
| 3.0.2 | 4 / 7 | |
| 3.0.0 | 4 / 7 | |
| 2.3.3 | 2 / 7 | |
| 2.3.2 | 2 / 7 | |
| 2.3.1 | 2 / 7 | |
| 2.3.0 | 2 / 7 | |
| 2.2.5 | 2 / 6 | |
| 2.2.4 | 1 / 5 | |
| 2.2.3 | 1 / 5 | |
| 2.2.2 | 1 / 5 | |
| 2.2.1 | 1 / 5 | |
| 2.2.0 | 1 / 5 | |
| 2.1.0 | 1 / 5 | |
| 2.0.1 | 1 / 5 | |
| 2.0.0 | 1 / 5 | |
| 1.7.0 | 1 / 5 | |
| 1.6.0 | 1 / 5 | |
| 1.5.0 | 1 / 5 | |
| 1.4.0 | 1 / 5 | |
| 1.3.2 | 1 / 5 | |
| 1.3.1 | 1 / 5 | |
| 1.3.0 | 1 / 5 | |
| 1.2.13 | 1 / 5 | |
| 1.2.12 | 1 / 5 | |
| 1.2.11 | 1 / 5 | |
| 1.2.10 | 1 / 5 | |
| 1.2.9 | 1 / 5 | |
| 1.2.8 | 1 / 5 | |
| 1.2.7 | 1 / 5 | |
| 1.2.6 | 1 / 5 | |
| 1.2.5 | 1 / 5 | |
| 1.2.4 | 1 / 5 | |
| 1.2.3 | 1 / 5 | |
| 1.2.2 | 1 / 5 | |
| 1.2.1 | 1 / 5 | |
| 1.2.0 | 1 / 5 | |
| 1.1.3 | 1 / 5 | |
| 1.1.2 | 1 / 5 | |
| 1.1.1 | 1 / 5 | |
| 1.1.0 | 1 / 5 | |
| 1.0.0 | 1 / 5 | |
| 0.7.0 | 1 / 5 | |
| 0.6.0 | 1 / 5 | |
| 0.5.2 | 1 / 5 | |
| 0.5.0 | 1 / 5 | |
| 0.4.3 | 1 / 5 | |
| 0.4.2 | 1 / 5 | |
| 0.4.1 | 1 / 5 | |
| 0.4.0 | 1 / 5 | |
| 0.3.2 | 1 / 5 | |
| 0.3.1 | 1 / 5 | |
| 0.3.0 | 1 / 5 |
v5.10.2
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.10.1
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.9.1
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.9.0
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.7
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.6
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.4
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.3
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.2
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.1
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.5.1
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.5.0
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.4.7
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.4.6
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.4.5
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.4.4
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.4.3
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.4.2
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.4.0
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.3.2
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.3.0
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.2.3
7 findingsThis version was published by a different npm account than previous versions on 2026-05-04. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.2.1
2 findingsThis version was published by a different npm account than previous versions on 2026-05-04. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.2.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.1.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v5.0.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.2.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.1.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.0.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.2.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.1.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.1.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.1.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.1.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.0.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.0.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.0.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.0.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.0.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.0.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.0.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.0.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.3.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.3.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.3.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.3.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.2.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.2.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.2.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.2.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.2.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.2.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.0.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.0.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.7.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.6.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.5.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.4.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.3.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.3.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.3.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.13
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.12
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.11
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.10
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.9
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.1.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.1.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.1.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.1.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.6.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.5.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.5.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.3.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.3.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.3.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.