@gpc-cli/core
Core business logic for GPC — Google Play Console CLI
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| typosquat | typosquat.levenshtein:cors | AI (typosquat): Scoped @gpc-cli/core is a Google Play Console CLI package, not a typosquat of cors; name collision is coincidental. | ai |
Versions (showing 49 of 49)
| Version | Deps | Published |
|---|---|---|
| 0.9.66 | 10 / 2 | |
| 0.9.65 | 10 / 2 | |
| 0.9.64 | 10 / 2 | |
| 0.9.62 | 10 / 2 | |
| 0.9.61 | 10 / 2 | |
| 0.9.43 | 6 / 2 | |
| 0.9.42 | 6 / 2 | |
| 0.9.41 | 6 / 2 | |
| 0.9.40 | 6 / 2 | |
| 0.9.39 | 6 / 2 | |
| 0.9.38 | 6 / 2 | |
| 0.9.37 | 6 / 2 | |
| 0.9.36 | 6 / 2 | |
| 0.9.35 | 6 / 2 | |
| 0.9.34 | 6 / 2 | |
| 0.9.33 | 6 / 2 | |
| 0.9.32 | 4 / 1 | |
| 0.9.31 | 4 / 1 | |
| 0.9.30 | 4 / 1 | |
| 0.9.29 | 4 / 1 | |
| 0.9.28 | 4 / 1 | |
| 0.9.27 | 4 / 1 | |
| 0.9.26 | 4 / 1 | |
| 0.9.25 | 4 / 1 | |
| 0.9.24 | 4 / 1 | |
| 0.9.23 | 4 / 1 | |
| 0.9.22 | 4 / 1 | |
| 0.9.21 | 4 / 1 | |
| 0.9.20 | 4 / 1 | |
| 0.9.19 | 4 / 1 | |
| 0.9.18 | 4 / 1 | |
| 0.9.17 | 4 / 1 | |
| 0.9.16 | 4 / 1 | |
| 0.9.15 | 4 / 1 | |
| 0.9.14 | 4 / 1 | |
| 0.9.13 | 4 / 1 | |
| 0.9.12 | 4 / 1 | |
| 0.9.11 | 4 / 1 | |
| 0.9.10 | 4 / 1 | |
| 0.9.9 | 4 / 1 | |
| 0.9.8 | 4 / 1 | |
| 0.9.7 | 4 / 1 | |
| 0.9.6 | 4 / 1 | |
| 0.9.5 | 4 / 1 | |
| 0.9.4 | 4 / 1 | |
| 0.1.3 | 4 / 1 | |
| 0.1.2 | 4 / 1 | |
| 0.1.1 | 4 / 1 | |
| 0.1.0 | 4 / 1 |
v0.9.66
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.65
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.64
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.62
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.61
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.43
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.42
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.41
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.40
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.39
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.38
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.37
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.36
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.35
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.34
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.33
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.32
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.31
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.30
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.29
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.28
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.27
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.26
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.25
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.24
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.23
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.22
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.21
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.20
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.19
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.18
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.17
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.16
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.15
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.14
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.13
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.12
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.11
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.10
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.9
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.8
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.7
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.6
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.5
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.9.4
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.3
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.2
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.1
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.0
2 findingsPackage name '@gpc-cli/core' is 1 edit(s) away from popular package 'cors'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.