← Home

@honeybadger-io/js

npm Repository Homepage
7
Versions
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

stympyhoneybadger-techmikemondragonjoshuapjasontrueandreybutovrabidpraxissubzero10

Keywords

exceptionerrorhoneybadgerjavascriptnodebrowsermonitoringisomorphicuniversal

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
typosquat typosquat.levenshtein:qs AI (typosquat): Scoped package @honeybadger-io/js; Levenshtein match to 'qs' is a false positive from comparing a long scoped name. ai
typosquat typosquat.levenshtein:jest AI (typosquat): Same false-positive pattern; no relation to jest. ai
typosquat typosquat.levenshtein:pg AI (typosquat): Same false-positive pattern; no relation to pg. ai
typosquat typosquat.levenshtein:rxjs AI (typosquat): Same false-positive pattern; no relation to rxjs. ai
typosquat typosquat.levenshtein:joi AI (typosquat): Same false-positive pattern; no relation to joi. ai
typosquat typosquat.levenshtein:ajv AI (typosquat): Same false-positive pattern; no relation to ajv. ai
phantom-deps phantom-dep:@types/express AI (phantom-deps): @types/express is a type-only dep used for TypeScript declarations, not directly imported at runtime. ai
phantom-deps phantom-dep:@types/aws-lambda AI (phantom-deps): @types/aws-lambda is a type-only dep used for TypeScript declarations, not directly imported at runtime. ai

Versions (showing 7 of 7)

Version Deps Published
6.12.3 3 / 19
6.12.2 3 / 19
6.12.1 3 / 19
6.12.0 3 / 19
6.11.3 3 / 19
6.11.2 3 / 19
6.11.1 3 / 19

v6.12.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v6.12.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v6.12.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v6.11.3

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v6.11.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v6.11.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.