@livekit/rtc-ffi-bindings-darwin-arm64 Apache-2.0 9 versions

@livekit/rtc-ffi-bindings-darwin-arm64

npm Repository Homepage

LiveKit RTC Node FFI bindings for internal use only

9

Versions

Apache-2.0

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

rdsathedavidzhaofeepslkmatkam_livekitraja-livekitlivekitherzoglukasiopaulwedliulkdanm_livekitocupe_livekitcacheonlysfkatbcherrylkrektdeckardtom.ezquerrothomasyuill-livekitlk-toubatbrianrgauslivekit

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
npm-metadata	bundled-binaries	AI (npm-metadata): Platform-specific native FFI binding; .node binary is the entire purpose of this package, published with SLSA provenance.	ai	2026/05/09
bogus-package	bogus-package	AI (bogus-package): Platform-specific sub-package; minimal README/no deps/no keywords is expected for this type of package.	ai	2026/05/09

Versions (showing 9 of 9)

Version	Deps	Published
0.12.61	0 / 0	2026-05-29
0.12.60	0 / 0	2026-05-21
0.12.59	0 / 0	2026-05-20
0.12.58	0 / 0	2026-05-18
0.12.57	0 / 0	2026-05-14
0.12.56	0 / 0	2026-05-12
0.12.55	0 / 0	2026-05-11
0.12.54	0 / 0	2026-05-10
0.12.53	0 / 0	2026-04-23

v0.12.61

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.12.60

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.12.59

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.12.58

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.12.57

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.12.56

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.12.55

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.12.54

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.12.53

2 findings

HIGH Bundled binary files (1) npm-metadata

Package contains compiled binaries that could be backdoors: • rtc-node.darwin-arm64.node

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.