@keplr-wallet/hooks-starknet Apache-2.0 15 versions

@keplr-wallet/hooks-starknet

npm Repository Homepage

15

Versions

Apache-2.0

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

chainapsis

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Transition from chainapsis account to GitHub Actions CI/CD with SLSA attestation; consistent repo URL and monorepo pattern.	ai	2026/05/20
phantom-deps	phantom-dep:long	AI (phantom-deps): Transitive/config-referenced dep in monorepo; stable false positive for this package.	ai	2026/05/16
phantom-deps	phantom-dep:utility-types	AI (phantom-deps): TypeScript utility types used in type declarations, not direct imports; stable false positive.	ai	2026/05/16
phantom-deps	phantom-dep:@ethersproject/address	AI (phantom-deps): Referenced in config/type context in monorepo; stable false positive.	ai	2026/05/16
phantom-deps	phantom-dep:@ethersproject/providers	AI (phantom-deps): Referenced in config/type context in monorepo; stable false positive.	ai	2026/05/16
semgrep	semgrep:hex-decode	AI (semgrep): Hex decode is used for Starknet address validation (strip 0x, check 32-byte length); not a malicious payload pattern.	ai	2026/05/16
phantom-deps	phantom-dep:@keplr-wallet/proto-types	AI (phantom-deps): Same-org monorepo sibling; phantom-dep heuristic unreliable for monorepo peer/type usage.	ai	2026/05/16
phantom-deps	phantom-dep:@keplr-wallet/background	AI (phantom-deps): Same-org monorepo sibling; phantom-dep heuristic unreliable for monorepo peer/type usage.	ai	2026/05/16
phantom-deps	phantom-dep:@keplr-wallet/stores-etc	AI (phantom-deps): Same-org monorepo sibling; phantom-dep heuristic unreliable for monorepo peer/type usage.	ai	2026/05/16
phantom-deps	phantom-dep:@keplr-wallet/stores-eth	AI (phantom-deps): Same-org monorepo sibling; phantom-dep heuristic unreliable for monorepo peer/type usage.	ai	2026/05/16
phantom-deps	phantom-dep:@keplr-wallet/crypto	AI (phantom-deps): Same-org monorepo sibling; phantom-dep heuristic unreliable for monorepo peer/type usage.	ai	2026/05/16

Versions (showing 15 of 115)

Version	Deps	Published
0.12.245	17 / 0	2025-06-24
0.12.244	17 / 0	2025-06-24
0.12.243	17 / 0	2025-06-20
0.12.242	17 / 0	2025-06-20
0.12.241	17 / 0	2025-06-19
0.12.240	17 / 0	2025-06-16
0.12.239	17 / 0	2025-06-10
0.12.238	17 / 0	2025-06-02
0.12.237	17 / 0	2025-05-28
0.12.236	17 / 0	2025-05-27
0.12.235	17 / 0	2025-05-19
0.12.234	17 / 0	2025-05-15
0.12.233	17 / 0	2025-05-13
0.12.232	17 / 0	2025-05-08
0.12.231	17 / 0	2025-05-07

v0.12.245

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.12.244

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.12.243

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.12.242

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.12.241

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.12.240

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.12.239

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.12.238

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.12.237

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.12.236

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.12.235

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.12.234

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.12.233

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.12.232

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.12.231

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.