@injectivelabs/sdk-ts — Greenflagged

SDK in TypeScript for building Injective applications in a browser, node, and react native environment.

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

albertchonbangjelkoskihmoragregathomasraleemmeloniivan-angelkoskimaxim-injdanidomiproofofzedbrajovicdavidjossefrederick-injectivea1337

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	obfuscated-file:dist/cjs/index-BU32_7AB.d.cts	AI (source-diff): Bundler-generated chunk with long import lines; not obfuscation. Stable pattern for this package.	ai	2026/06/07
source-diff	obfuscated-file:dist/esm/index-53Nc40Ah.d.ts	AI (source-diff): TypeScript declaration file with long import lines from bundler; not obfuscation.	ai	2026/06/07
source-diff	obfuscated-file:dist/esm/MsgSetDenomMetadata-Bl5qIcb9.js	AI (source-diff): Rollup/tsdown bundle chunk; long lines are import statements from tree-shaking, not obfuscation.	ai	2026/06/07
source-diff	obfuscated-file:dist/esm/MsgSetDenomMetadata-tIx6OFg9.js	AI (source-diff): Bundled ESM output with long import lines; standard tsdown/rollup artifact for this SDK.	ai	2026/06/06
source-diff	obfuscated-file:dist/cjs/index-d95UiY0V.d.cts	AI (source-diff): TypeScript declaration file with long import lines from bundler output; not obfuscated code.	ai	2026/06/06
source-diff	obfuscated-file:dist/cjs/index-DGHZJt7G.d.cts	AI (source-diff): TypeScript declaration file with long bundler-generated import lines; not obfuscated code.	ai	2026/06/06
source-diff	obfuscated-file:dist/esm/index-B7rS5iIF.d.ts	AI (source-diff): TypeScript declaration file with long bundler-generated import lines; not obfuscated code.	ai	2026/06/06
source-diff	obfuscated-file:dist/esm/MsgSetDenomMetadata-BNYIha2C.js	AI (source-diff): Bundled ESM output with long import statements; standard tsdown build artifact for this SDK.	ai	2026/06/06
source-diff	obfuscated-file:dist/esm/index-Bn3JkjMQ.d.ts	AI (source-diff): TypeScript declaration file with long import lines from bundler output; not obfuscated code.	ai	2026/06/06
source-diff	obfuscated-file:dist/cjs/index-C_ioefRg.d.cts	AI (source-diff): TypeScript declaration file with long import lines from bundler output; not obfuscated code.	ai	2026/06/06
source-diff	obfuscated-file:dist/cjs/index-Cz0vkasG.d.cts	AI (source-diff): TypeScript declaration file with long import lines from bundler output; not obfuscation.	ai	2026/06/05
source-diff	obfuscated-file:dist/esm/MsgSetDenomMetadata-BN6xAObK.js	AI (source-diff): Bundled ESM output with long import lines; standard tsdown build artifact for this SDK.	ai	2026/06/05
source-diff	obfuscated-file:dist/cjs/index-YmLrS29a.d.cts	AI (source-diff): Long lines are bundler-generated TypeScript declaration files with many re-exports, not obfuscation.	ai	2026/06/05
source-diff	obfuscated-file:dist/esm/MsgSetDenomMetadata-CWhjd9Yp.js	AI (source-diff): Bundler-generated ESM chunk with long import lines; readable named imports from known packages.	ai	2026/06/04
source-diff	obfuscated-file:dist/esm/index-DvOw3RHi.d.ts	AI (source-diff): Bundler-generated TypeScript declaration file with long import lines; not obfuscation.	ai	2026/06/04
source-diff	obfuscated-file:dist/cjs/index-DYNILG8y.d.cts	AI (source-diff): Bundler-generated TypeScript declaration file with long import lines; not obfuscation.	ai	2026/06/04
source-diff	obfuscated-file:dist/esm/MsgSetDenomMetadata-BpZGNLUP.js	AI (source-diff): Bundled ESM output with long import lines; standard tsdown/rollup output for this package.	ai	2026/06/03
source-diff	obfuscated-file:dist/cjs/index-D1bWAXoi.d.cts	AI (source-diff): TypeScript declaration file with long import lines from bundler output; not obfuscation.	ai	2026/06/03
source-diff	obfuscated-file:dist/cjs/index-DJm-qDcY.d.cts	AI (source-diff): Bundler-generated TypeScript declaration file with long import lines; not obfuscation. Stable pattern for this package.	ai	2026/06/02
source-diff	obfuscated-file:dist/esm/MsgSetDenomMetadata-CCP5OcIu.js	AI (source-diff): Rollup/tsdown chunk with long import lines; all imports are known packages. Standard build artifact.	ai	2026/06/02
source-diff	obfuscated-file:dist/esm/utils-D-LVHEfQ.js	AI (source-diff): Bundled utility chunk; readable code visible in sample. Standard build artifact for this package.	ai	2026/06/02
source-diff	obfuscated-file:dist/esm/index-C4ebvHUB.d.ts	AI (source-diff): Bundler-generated TypeScript declaration file with long import lines; not obfuscation.	ai	2026/06/02
source-diff	obfuscated-file:dist/cjs/index-ByRa2IE-.d.cts	AI (source-diff): TypeScript declaration file with long import lines from bundler output; not obfuscated code.	ai	2026/05/31
source-diff	obfuscated-file:dist/esm/index-DFreudT5.d.ts	AI (source-diff): TypeScript declaration file with long import lines from bundler output; not obfuscated code.	ai	2026/05/31
source-diff	obfuscated-file:dist/esm/MsgSetDenomMetadata-BWUlFM6L.js	AI (source-diff): Bundled ESM chunk with long import lines; standard tsdown/vite output for this SDK.	ai	2026/05/31
source-diff	obfuscated-file:dist/cjs/index-Dz6elmkG.d.cts	AI (source-diff): TypeScript declaration file with long import lines from bundler output; not obfuscated code.	ai	2026/05/30
source-diff	large-new-source-files	AI (source-diff): Large SDK with 1535 versions; new bundler chunks are expected across releases.	ai	2026/05/30
source-diff	obfuscated-file:dist/esm/MsgSetDenomMetadata-CeD0R82a.js	AI (source-diff): Bundled ESM chunk with long import lines; standard tsdown/rollup output for this large SDK.	ai	2026/05/30
source-diff	obfuscated-file:dist/cjs/index-CDh-fE3h.d.cts	AI (source-diff): TypeScript declaration file with long import lines from bundler output; not obfuscated code.	ai	2026/05/30
source-diff	obfuscated-file:dist/esm/index-DLvkfrR5.d.ts	AI (source-diff): TypeScript declaration file with long import lines from bundler output; not obfuscated code.	ai	2026/05/30
source-diff	obfuscated-file:dist/esm/MsgSetDenomMetadata-CnbW6OG0.js	AI (source-diff): Bundled ESM chunk with long import lines; standard tsdown/rollup output for this large SDK.	ai	2026/05/30
phantom-deps	phantom-dep:google-protobuf	AI (phantom-deps): google-protobuf is a proto runtime dep used transitively; stable false positive for this package.	ai	2026/05/20
phantom-deps	phantom-dep:@noble/hashes	AI (phantom-deps): @noble/hashes is a declared runtime dep used by crypto utilities; phantom-dep heuristic misfires here.	ai	2026/05/20
phantom-deps	phantom-dep:graphql	AI (phantom-deps): graphql is an optional peer dep exposed via ./graphql export path; not directly imported in main bundle.	ai	2026/05/20
phantom-deps	phantom-dep:shx	AI (phantom-deps): shx is a build-time tool used in scripts, not a runtime import; stable false positive for this package.	ai	2026/05/20
source-diff	obfuscated-file:dist/esm/index-Hj2qOUud.d.ts	AI (source-diff): Same pattern — bundled .d.ts type declaration with long import lines; false positive for this package.	ai	2026/05/20
source-diff	obfuscated-file:dist/cjs/index-UE9sXMcw.d.cts	AI (source-diff): Bundled TypeScript declaration file with long import lines; not obfuscated code, stable pattern for this package.	ai	2026/05/20
source-diff	obfuscated-file:dist/cjs/index-B7UsSUbZ.d.cts	AI (source-diff): TypeScript declaration file with long import lines from bundled type rollup; not executable obfuscation.	ai	2026/04/30
publish-pattern	dormant-publish	AI (publish-pattern): Package has 1511 versions; active SDK with CI/CD publishing via GitHub Actions with SLSA provenance.	ai	2026/04/30
source-diff	obfuscated-file:dist/esm/index-RA5Nj5kd.d.ts	AI (source-diff): TypeScript declaration file with long import lines from bundled type rollup; not executable obfuscation.	ai	2026/04/30
phantom-deps	phantom-dep:@injectivelabs/grpc-web-react-native-transport	AI (phantom-deps): Same-org transport dep; declared for peer resolution, not directly imported in source.	ai	2026/04/29
phantom-deps	phantom-dep:@injectivelabs/grpc-web-node-http-transport	AI (phantom-deps): Same-org transport dep; declared for peer resolution, not directly imported in source.	ai	2026/04/29
phantom-deps	phantom-dep:@injectivelabs/grpc-web	AI (phantom-deps): Same-org transport dep; declared for peer resolution, not directly imported in source.	ai	2026/04/29
phantom-deps	phantom-dep:@protobuf-ts/runtime	AI (phantom-deps): Referenced in config files for type generation; stable false positive for this package.	ai	2026/04/29

Versions (showing 49 of 49)

Version	Deps	Published
1.19.27	32 / 0	2026-06-01
1.19.20	32 / 0	2026-05-26
1.19.13	31 / 0	2026-05-20
1.19.12	31 / 0	2026-05-15
1.19.11	31 / 0	2026-05-15
1.19.8	31 / 0	2026-05-12
1.19.6	31 / 0	2026-05-06
1.19.3	31 / 0	2026-05-01
1.19.2	31 / 0	2026-04-29
1.19.1	31 / 0	2026-04-29
1.18.21	31 / 0	2026-04-22
1.18.7	31 / 0	2026-03-03
1.18.5	31 / 0	2026-03-02
1.18.4	31 / 0	2026-03-02
1.17.6	30 / 0	2026-01-19
1.17.5	30 / 0	2026-01-14
1.17.3	30 / 0	2026-01-07
1.17.2	30 / 0	2025-12-22
1.16.35	32 / 3	2025-11-27
1.16.34	32 / 3	2025-11-26
1.16.32	32 / 3	2025-11-26
1.16.31	32 / 3	2025-11-25
1.16.30	32 / 3	2025-11-25
1.16.28	32 / 3	2025-11-19
1.16.27	32 / 3	2025-11-17
1.16.24	32 / 3	2025-11-10
1.16.21	32 / 3	2025-10-17
1.16.20	32 / 3	2025-10-13
1.16.19	32 / 3	2025-10-13
1.16.16	32 / 3	2025-10-06
1.16.9	34 / 2	2025-08-19
1.16.8	34 / 2	2025-08-19
1.16.6	33 / 2	2025-08-13
1.16.4	33 / 2	2025-08-08
1.16.1	33 / 2	2025-07-31
1.15.39	33 / 2	2025-07-01
1.15.37	33 / 2	2025-06-30
1.15.34	33 / 2	2025-06-23
1.15.33	33 / 2	2025-06-20
1.15.32	33 / 2	2025-06-18
1.15.30	33 / 2	2025-06-13
1.15.20	34 / 2	2025-05-29
1.15.18	34 / 2	2025-05-21
1.15.17	34 / 2	2025-05-20
1.15.14	34 / 2	2025-05-19
1.15.11	34 / 2	2025-05-19
1.15.8	34 / 2	2025-05-19
1.15.7	34 / 2	2025-05-19
1.15.6	34 / 2	2025-05-14

v1.19.27

5 findings

HIGH New obfuscated file: dist/cjs/index-DJm-qDcY.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/MsgSetDenomMetadata-CCP5OcIu.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/utils-D-LVHEfQ.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/index-C4ebvHUB.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.19.20

6 findings

HIGH Missing gitHead — previous versions had it provenance

This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: GitHub Actions.

HIGH New obfuscated file: dist/cjs/index-BU32_7AB.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/MsgSetDenomMetadata-Bl5qIcb9.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/utils-D-LVHEfQ.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/index-53Nc40Ah.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.19.13

5 findings

HIGH Missing gitHead — previous versions had it provenance

This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: GitHub Actions.

HIGH New obfuscated file: dist/cjs/index-ByRa2IE-.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/MsgSetDenomMetadata-BWUlFM6L.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/index-DFreudT5.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.19.12

4 findings

HIGH New obfuscated file: dist/cjs/index-DGHZJt7G.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/MsgSetDenomMetadata-BWUlFM6L.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/index-B7rS5iIF.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.19.11

4 findings

HIGH New obfuscated file: dist/cjs/index-ByRa2IE-.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/MsgSetDenomMetadata-BWUlFM6L.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/index-DFreudT5.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.19.8

4 findings

HIGH New obfuscated file: dist/cjs/index-CDh-fE3h.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/MsgSetDenomMetadata-CnbW6OG0.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/index-DLvkfrR5.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.19.6

4 findings

HIGH New obfuscated file: dist/cjs/index-DYNILG8y.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/MsgSetDenomMetadata-CWhjd9Yp.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/index-DvOw3RHi.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.19.3

3 findings

HIGH New obfuscated file: dist/cjs/index-UE9sXMcw.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/index-Hj2qOUud.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.19.2

3 findings

HIGH New obfuscated file: dist/cjs/index-B7UsSUbZ.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/index-RA5Nj5kd.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.18.21

3 findings

HIGH New obfuscated file: dist/cjs/index-d95UiY0V.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/MsgSetDenomMetadata-tIx6OFg9.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.18.7

3 findings

HIGH New obfuscated file: dist/cjs/index-D1bWAXoi.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/MsgSetDenomMetadata-BpZGNLUP.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.18.5

3 findings

HIGH New obfuscated file: dist/cjs/index-Cz0vkasG.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/MsgSetDenomMetadata-BN6xAObK.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.18.4

3 findings

HIGH New obfuscated file: dist/cjs/index-Cz0vkasG.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/MsgSetDenomMetadata-BN6xAObK.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.17.6

3 findings

HIGH New obfuscated file: dist/cjs/index-Dz6elmkG.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/MsgSetDenomMetadata-CeD0R82a.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.17.5

3 findings

HIGH New obfuscated file: dist/cjs/index-YmLrS29a.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/MsgSetDenomMetadata-CeD0R82a.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.17.3

4 findings

HIGH New obfuscated file: dist/cjs/index-C_ioefRg.d.cts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/MsgSetDenomMetadata-BNYIha2C.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/index-Bn3JkjMQ.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.17.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.16.35

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.34

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.32

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.31

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.30

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.28

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.27

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.24

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.21

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.20

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.19

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.16

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.9

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.8

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.6

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.4

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.16.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.15.39

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.15.37

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.15.34

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.15.33

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.15.32

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.15.30

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.15.20

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.15.18

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.15.17

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.15.14

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.15.11

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.15.8

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.15.7

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.15.6

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.