@harness-engineering/orchestrator
Orchestrator daemon for dispatching coding agents to issues
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| dependencies | unvetted-dep:@harness-engineering/core | AI (dependencies): First-party scoped dep from the same org; unvetted status reflects review lag, not external risk. | ai | |
| dependencies | unvetted-dep:@harness-engineering/types | AI (dependencies): First-party scoped dep from the same org; unvetted status reflects review lag, not external risk. | ai | |
| phantom-deps | phantom-dep:chokidar | AI (phantom-deps): chokidar is declared as a runtime dependency in package.json; phantom-dep fires because it's not directly imported in source, but it's a legitimate declared dep. | ai |
Versions (showing 30 of 30)
| Version | Deps | Published |
|---|---|---|
| 0.6.0 | 16 / 10 | |
| 0.5.0 | 16 / 10 | |
| 0.4.6 | 16 / 10 | |
| 0.4.5 | 16 / 10 | |
| 0.4.4 | 16 / 10 | |
| 0.4.3 | 16 / 10 | |
| 0.4.2 | 14 / 6 | |
| 0.4.1 | 14 / 6 | |
| 0.4.0 | 14 / 6 | |
| 0.3.2 | 14 / 6 | |
| 0.3.1 | 14 / 6 | |
| 0.3.0 | 14 / 6 | |
| 0.2.17 | 14 / 6 | |
| 0.2.16 | 14 / 6 | |
| 0.2.15 | 14 / 6 | |
| 0.2.14 | 14 / 6 | |
| 0.2.13 | 14 / 6 | |
| 0.2.12 | 14 / 6 | |
| 0.2.11 | 14 / 6 | |
| 0.2.10 | 14 / 6 | |
| 0.2.9 | 14 / 6 | |
| 0.2.8 | 14 / 6 | |
| 0.2.7 | 9 / 5 | |
| 0.2.6 | 6 / 5 | |
| 0.2.5 | 7 / 5 | |
| 0.2.4 | 7 / 5 | |
| 0.2.3 | 7 / 5 | |
| 0.2.2 | 7 / 5 | |
| 0.2.1 | 7 / 5 | |
| 0.2.0 | 7 / 5 |
v0.6.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.6
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.17
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.16
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.15
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.14
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.13
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.12
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.10
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.