@ledgerhq/device-transport-kit-node-hid Apache-2.0 2 versions

@ledgerhq/device-transport-kit-node-hid

> [!CAUTION] > This is still under development and we are free to make new interfaces which may lead to breaking changes.

Versions

Apache-2.0

License

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

phenry-ledgersergii-shkolingbrahm-ledgerthomas.coudrayldg-github-civbouzonledger-releaser

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:node-hid	AI (dependencies): node-hid is the standard Node.js HID library; its use is expected and appropriate for a Ledger hardware wallet transport package.	ai	2026/04/25
dependencies	unvetted-dep:purify-ts	AI (dependencies): purify-ts is a well-known functional programming library; its use is legitimate in Ledger's SDK codebase.	ai	2026/04/25

Version	Deps	Published
1.0.1	4 / 10	2026-04-14
1.0.0	4 / 10	2026-02-12

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.