@graphql-mesh/incontext-sdk-codegen No license 17 versions

@graphql-mesh/incontext-sdk-codegen

npm Repository Homepage

17

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

urigodotansimhaardatanenisdenjotheguild-bot

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): graphql-mesh monorepo transitioned to GitHub Actions CI publishing with SLSA provenance; stable pattern going forward.	ai	2026/05/21
provenance	slsa-provenance	AI (provenance): SLSA provenance attestation confirms CI/CD integrity for this package.	ai	2026/05/21
dependencies	unvetted-dep:@graphql-mesh/fusion-runtime	AI (dependencies): First-party sibling package in the same @graphql-mesh monorepo; not an external unvetted dependency.	ai	2026/05/08
npm-metadata	no-description	AI (npm-metadata): Monorepo package; missing description is a cosmetic issue, not a malice indicator.	ai	2026/05/04

Versions (showing 17 of 17)

Version	Deps	Published
0.0.17	13 / 0	2026-04-23
0.0.16	13 / 0	2026-04-15
0.0.15	13 / 0	2026-04-14
0.0.14	13 / 0	2026-04-09
0.0.13	13 / 0	2026-04-03
0.0.12	13 / 0	2026-03-31
0.0.11	13 / 0	2026-03-30
0.0.10	13 / 0	2026-03-25
0.0.9	13 / 0	2026-03-23
0.0.8	13 / 0	2026-03-23
0.0.7	13 / 0	2026-03-22
0.0.6	13 / 0	2026-03-19
0.0.5	13 / 0	2026-03-17
0.0.4	13 / 0	2026-03-17
0.0.3	13 / 0	2026-03-11
0.0.2	13 / 0	2026-03-11
0.0.1	13 / 0	2026-03-11

v0.0.17

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.16

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.15

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.14

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.13

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.12

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.11

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.10

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.9

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.8

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.6

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.4

2 findings

HIGH Publisher changed: ardatan → GitHub Actions (on 2026-03-17) provenance

This version was published by a different npm account than previous versions on 2026-03-17. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.