@imtbl/toolkit Apache-2.0 9 versions

@imtbl/toolkit

npm Repository Homepage

Provider package for Immutable SDK

9

Versions

Apache-2.0

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

tcurtin88alex-immutableplatform-saimmutable-npm

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
bogus-package	bogus-package	AI (bogus-package): Internal SDK sub-package; sparse README and no keywords are expected for this package family.	ai	2026/05/18
phantom-deps	phantom-dep:magic-sdk	AI (phantom-deps): Declared as runtime dep; phantom-dep heuristic fires because it's re-exported rather than directly imported.	ai	2026/05/18
phantom-deps	phantom-dep:@magic-ext/oidc	AI (phantom-deps): Same re-export pattern as other accepted phantom-deps in this package.	ai	2026/05/18
phantom-deps	phantom-dep:axios	AI (phantom-deps): Toolkit re-export package; deps declared for consumers, not directly imported in source.	ai	2026/05/03
phantom-deps	phantom-dep:@metamask/detect-provider	AI (phantom-deps): Same re-export/toolkit pattern; stable false positive for this package.	ai	2026/05/03
phantom-deps	phantom-dep:ethers	AI (phantom-deps): Same re-export/toolkit pattern; stable false positive for this package.	ai	2026/05/03
phantom-deps	phantom-dep:oidc-client-ts	AI (phantom-deps): Same re-export/toolkit pattern; stable false positive for this package.	ai	2026/05/03

Versions (showing 9 of 9)

Version	Deps	Published
2.20.0	6 / 17	2026-05-24
2.19.0	6 / 17	2026-05-15
2.18.0	6 / 17	2026-05-06
2.17.1	6 / 17	2026-04-30
2.17.0	6 / 17	2026-04-17
2.16.0	6 / 17	2026-04-14
2.15.0	6 / 17	2026-04-10
2.12.0	7 / 17	2025-12-09
2.10.4	9 / 17	2025-11-05

v2.20.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.19.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.18.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.17.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.17.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.16.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.15.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.12.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.10.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.