@hed-hog/address
Módulo para gerenciamento de endereços no HedHog. Fornece endpoints para criar, listar, atualizar e deletar endereços, com suporte a múltiplos tipos de endereço e controle de endereço primário por tipo.
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| npm-metadata | no-description | AI (npm-metadata): Consistent with @hed-hog org publishing pattern; not indicative of malice. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Part of established @hed-hog monorepo; sparse metadata is a consistent pattern across all org packages. | ai | |
| dependencies | unvetted-dep:@hed-hog/api-types | AI (dependencies): Same-org dependency (@hed-hog scope); consistent with the package's ecosystem pattern across versions. | ai | |
| provenance | no-provenance | AI (provenance): Consistent across all @hed-hog/* packages; publisher has strong approval track record without provenance. | ai | |
| publish-pattern | rapid-publish | AI (publish-pattern): High-frequency automated publishing is the established pattern for this package family (61 versions in 81 days). | ai | |
| phantom-deps | phantom-dep:@nestjs/jwt | AI (phantom-deps): NestJS peer-dep pattern; not directly imported but declared for consumers. | ai | |
| phantom-deps | phantom-dep:@hed-hog/api-types | AI (phantom-deps): Same-org dep; consistent with hed-hog module architecture. | ai | |
| phantom-deps | phantom-dep:@hed-hog/core | AI (phantom-deps): Same-org dep; consistent with hed-hog module architecture. | ai | |
| phantom-deps | phantom-dep:@nestjs/core | AI (phantom-deps): NestJS peer-dep pattern; standard for NestJS modules. | ai |
Versions (showing 33 of 33)
| Version | Deps | Published |
|---|---|---|
| 0.0.364 | 11 / 0 | |
| 0.0.358 | 11 / 0 | |
| 0.0.355 | 11 / 0 | |
| 0.0.351 | 11 / 0 | |
| 0.0.347 | 11 / 0 | |
| 0.0.338 | 11 / 0 | |
| 0.0.333 | 11 / 0 | |
| 0.0.331 | 11 / 0 | |
| 0.0.329 | 11 / 0 | |
| 0.0.328 | 11 / 0 | |
| 0.0.327 | 11 / 0 | |
| 0.0.322 | 11 / 0 | |
| 0.0.321 | 11 / 0 | |
| 0.0.319 | 11 / 0 | |
| 0.0.316 | 11 / 0 | |
| 0.0.312 | 11 / 0 | |
| 0.0.310 | 11 / 0 | |
| 0.0.306 | 11 / 0 | |
| 0.0.305 | 11 / 0 | |
| 0.0.304 | 11 / 0 | |
| 0.0.303 | 11 / 0 | |
| 0.0.301 | 11 / 0 | |
| 0.0.300 | 11 / 0 | |
| 0.0.299 | 11 / 0 | |
| 0.0.297 | 11 / 0 | |
| 0.0.293 | 11 / 0 | |
| 0.0.291 | 11 / 0 | |
| 0.0.286 | 11 / 0 | |
| 0.0.279 | 11 / 0 | |
| 0.0.276 | 11 / 0 | |
| 0.0.273 | 11 / 0 | |
| 0.0.272 | 11 / 0 | |
| 0.0.270 | 10 / 0 |
v0.0.364
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.358
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.355
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.351
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.347
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.338
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.333
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.331
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.329
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.328
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.327
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.322
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.321
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.319
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.316
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.312
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.310
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.306
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.305
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.304
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.303
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.301
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.300
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.299
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.297
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.293
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.291
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.286
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.279
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.276
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.273
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.272
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.270
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.