@kubernetes-models/longhorn
Longhorn models
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:_schemas/ComGithubLonghornLonghornManagerK8sPkgApisLonghornV1beta2AttachmentTicket.js | AI (source-diff): AJV-compiled JSON Schema validator; minified by build tooling, not obfuscated malware. Stable pattern for this package. | ai | |
| source-diff | obfuscated-file:_schemas/ComGithubLonghornLonghornManagerK8sPkgApisLonghornV1beta2AttachmentTicketStatus.js | AI (source-diff): AJV-compiled JSON Schema validator; minified by build tooling. | ai | |
| source-diff | obfuscated-file:_schemas/ComGithubLonghornLonghornManagerK8sPkgApisLonghornV1beta2BackingImage.js | AI (source-diff): AJV-compiled JSON Schema validator; minified by build tooling. | ai | |
| source-diff | obfuscated-file:_schemas/ComGithubLonghornLonghornManagerK8sPkgApisLonghornV1beta2BackingImageDataSource.js | AI (source-diff): AJV-compiled JSON Schema validator; minified by build tooling. | ai | |
| source-diff | obfuscated-file:_schemas/ComGithubLonghornLonghornManagerK8sPkgApisLonghornV1beta2BackingImageDataSourceList.js | AI (source-diff): AJV-compiled JSON Schema validator; minified by build tooling. | ai | |
| source-diff | obfuscated-file:_schemas/ComGithubLonghornLonghornManagerK8sPkgApisLonghornV1beta2BackingImageDataSourceSpec.js | AI (source-diff): AJV-compiled JSON Schema validator; minified by build tooling. | ai | |
| source-diff | obfuscated-file:_schemas/ComGithubLonghornLonghornManagerK8sPkgApisLonghornV1beta2BackingImageDataSourceStatus.js | AI (source-diff): AJV-compiled JSON Schema validator; minified by build tooling. | ai | |
| source-diff | obfuscated-file:_schemas/ComGithubLonghornLonghornManagerK8sPkgApisLonghornV1beta2BackingImageDiskFileStatus.js | AI (source-diff): AJV-compiled JSON Schema validator; minified by build tooling. | ai | |
| source-diff | obfuscated-file:_schemas/ComGithubLonghornLonghornManagerK8sPkgApisLonghornV1beta2BackingImageFileInfo.js | AI (source-diff): AJV-compiled JSON Schema validator; minified by build tooling. | ai | |
| source-diff | obfuscated-file:_schemas/ComGithubLonghornLonghornManagerK8sPkgApisLonghornV1beta2BackingImageList.js | AI (source-diff): AJV-compiled JSON Schema validator; minified by build tooling. | ai | |
| phantom-deps | phantom-dep:kubernetes-models | AI (phantom-deps): kubernetes-models is a peer/transitive dep used by the build system; not directly imported in source but legitimately declared. | ai | |
| phantom-deps | phantom-dep:@kubernetes-models/validate | AI (phantom-deps): Used by generated _schemas files at runtime; same-org dep legitimately declared. | ai |
v2.0.0
11 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.