@mandujs/ate
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| semgrep | semgrep:env-spread | AI (semgrep): Standard subprocess env-passing pattern in a test runner; not exfiltration. | ai | |
| semgrep | semgrep:shady-links-raw-ip | AI (semgrep): Hardcoded 127.0.0.1 localhost default in generated test code; not a remote exfiltration endpoint. | ai | |
| typosquat | typosquat.levenshtein:vite | AI (typosquat): Scoped package @mandujs/ate; not a plausible typosquat of vite. | ai | |
| typosquat | typosquat.levenshtein:ajv | AI (typosquat): Scoped package @mandujs/ate; not a plausible typosquat of ajv. | ai | |
Versions (showing 22 of 22)
| Version | Deps | Published |
|---|---|---|
| 1.0.0 | 2 / 0 | |
| 0.26.1 | 2 / 0 | |
| 0.26.0 | 2 / 0 | |
| 0.25.2 | 2 / 0 | |
| 0.25.1 | 2 / 0 | |
| 0.25.0 | 2 / 0 | |
| 0.24.3 | 2 / 0 | |
| 0.24.2 | 2 / 0 | |
| 0.24.1 | 2 / 0 | |
| 0.24.0 | 2 / 0 | |
| 0.22.0 | 2 / 0 | |
| 0.21.0 | 2 / 0 | |
| 0.20.0 | 2 / 0 | |
| 0.19.2 | 2 / 0 | |
| 0.19.1 | 2 / 0 | |
| 0.19.0 | 2 / 0 | |
| 0.18.2 | 2 / 0 | |
| 0.18.1 | 2 / 0 | |
| 0.18.0 | 2 / 0 | |
| 0.17.3 | 2 / 0 | |
| 0.17.2 | 2 / 0 | |
| 0.17.0 | 2 / 0 | |
v1.0.0
5 findings

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/c46a8d5d00c6e11f9989c8bde9a9f2ff8ac31fb9/src/e2e-runner.ts#L195

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/c46a8d5d00c6e11f9989c8bde9a9f2ff8ac31fb9/src/e2e-runner.ts#L235

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/c46a8d5d00c6e11f9989c8bde9a9f2ff8ac31fb9/src/run.ts#L284

```
  282 | runId: string,
  283 | ): { command: string; args: string[]; env: NodeJS.ProcessEnv; specPath: string } {
> 284 | const env: NodeJS.ProcessEnv = { ...process.env };
  285 | env.MANDU_ATE_RUN_ID = runId;
  286 |
```

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/c46a8d5d00c6e11f9989c8bde9a9f2ff8ac31fb9/src/runner.ts#L141

```
  139 | }
  140 |
> 141 | const env = {
  142 |   ...process.env,
  143 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.26.1
5 findings

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/5dcb2fa32fe646f7b138439574b385f7c6084de1/src/e2e-runner.ts#L195

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/5dcb2fa32fe646f7b138439574b385f7c6084de1/src/e2e-runner.ts#L235

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/5dcb2fa32fe646f7b138439574b385f7c6084de1/src/run.ts#L284

```
  282 | runId: string,
  283 | ): { command: string; args: string[]; env: NodeJS.ProcessEnv; specPath: string } {
> 284 | const env: NodeJS.ProcessEnv = { ...process.env };
  285 | env.MANDU_ATE_RUN_ID = runId;
  286 |
```

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/5dcb2fa32fe646f7b138439574b385f7c6084de1/src/runner.ts#L142

```
  140 | }
  141 |
> 142 | const env = {
  143 |   ...process.env,
  144 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.26.0
5 findings

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/f28b4298641875e6be2c033a0caac32bc0fb698b/src/e2e-runner.ts#L195

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/f28b4298641875e6be2c033a0caac32bc0fb698b/src/e2e-runner.ts#L235

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/f28b4298641875e6be2c033a0caac32bc0fb698b/src/run.ts#L284

```
  282 | runId: string,
  283 | ): { command: string; args: string[]; env: NodeJS.ProcessEnv; specPath: string } {
> 284 | const env: NodeJS.ProcessEnv = { ...process.env };
  285 | env.MANDU_ATE_RUN_ID = runId;
  286 |
```

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/f28b4298641875e6be2c033a0caac32bc0fb698b/src/runner.ts#L141

```
  139 | }
  140 |
> 141 | const env = {
  142 |   ...process.env,
  143 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.25.2
5 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets.

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets.

```
  282 | runId: string,
  283 | ): { command: string; args: string[]; env: NodeJS.ProcessEnv; specPath: string } {
> 284 | const env: NodeJS.ProcessEnv = { ...process.env };
  285 | env.MANDU_ATE_RUN_ID = runId;
  286 |
```

- Spreading entire process.env into an object — may capture all secrets.

```
  139 | }
  140 |
> 141 | const env = {
  142 |   ...process.env,
  143 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.25.1
5 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets.

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets.

```
  282 | runId: string,
  283 | ): { command: string; args: string[]; env: NodeJS.ProcessEnv; specPath: string } {
> 284 | const env: NodeJS.ProcessEnv = { ...process.env };
  285 | env.MANDU_ATE_RUN_ID = runId;
  286 |
```

- Spreading entire process.env into an object — may capture all secrets.

```
  139 | }
  140 |
> 141 | const env = {
  142 |   ...process.env,
  143 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.25.0
5 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets.

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets.

```
  275 | runId: string,
  276 | ): { command: string; args: string[]; env: NodeJS.ProcessEnv; specPath: string } {
> 277 | const env: NodeJS.ProcessEnv = { ...process.env };
  278 | env.MANDU_ATE_RUN_ID = runId;
  279 |
```

- Spreading entire process.env into an object — may capture all secrets.

```
  65 | }
  66 |
> 67 | const env = {
  68 |   ...process.env,
  69 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.24.3
5 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets.

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets.

```
  203 | runId: string,
  204 | ): { command: string; args: string[]; env: NodeJS.ProcessEnv; specPath: string } {
> 205 | const env: NodeJS.ProcessEnv = { ...process.env };
  206 | env.MANDU_ATE_RUN_ID = runId;
  207 |
```

- Spreading entire process.env into an object — may capture all secrets.

```
  65 | }
  66 |
> 67 | const env = {
  68 |   ...process.env,
  69 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.24.2
5 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets.

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets.

```
  203 | runId: string,
  204 | ): { command: string; args: string[]; env: NodeJS.ProcessEnv; specPath: string } {
> 205 | const env: NodeJS.ProcessEnv = { ...process.env };
  206 | env.MANDU_ATE_RUN_ID = runId;
  207 |
```

- Spreading entire process.env into an object — may capture all secrets.

```
  65 | }
  66 |
> 67 | const env = {
  68 |   ...process.env,
  69 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.24.1
5 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets.

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets.

```
  203 | runId: string,
  204 | ): { command: string; args: string[]; env: NodeJS.ProcessEnv; specPath: string } {
> 205 | const env: NodeJS.ProcessEnv = { ...process.env };
  206 | env.MANDU_ATE_RUN_ID = runId;
  207 |
```

- Spreading entire process.env into an object — may capture all secrets.

```
  65 | }
  66 |
> 67 | const env = {
  68 |   ...process.env,
  69 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.24.0
5 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets.

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets.

```
  203 | runId: string,
  204 | ): { command: string; args: string[]; env: NodeJS.ProcessEnv; specPath: string } {
> 205 | const env: NodeJS.ProcessEnv = { ...process.env };
  206 | env.MANDU_ATE_RUN_ID = runId;
  207 |
```

- Spreading entire process.env into an object — may capture all secrets.

```
  65 | }
  66 |
> 67 | const env = {
  68 |   ...process.env,
  69 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.22.0
5 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets.

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets.

```
  203 | runId: string,
  204 | ): { command: string; args: string[]; env: NodeJS.ProcessEnv; specPath: string } {
> 205 | const env: NodeJS.ProcessEnv = { ...process.env };
  206 | env.MANDU_ATE_RUN_ID = runId;
  207 |
```

- Spreading entire process.env into an object — may capture all secrets.

```
  65 | }
  66 |
> 67 | const env = {
  68 |   ...process.env,
  69 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.21.0
5 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets.

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets.

```
  203 | runId: string,
  204 | ): { command: string; args: string[]; env: NodeJS.ProcessEnv; specPath: string } {
> 205 | const env: NodeJS.ProcessEnv = { ...process.env };
  206 | env.MANDU_ATE_RUN_ID = runId;
  207 |
```

- Spreading entire process.env into an object — may capture all secrets.

```
  65 | }
  66 |
> 67 | const env = {
  68 |   ...process.env,
  69 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.20.0
4 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets.

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets.

```
  65 | }
  66 |
> 67 | const env = {
  68 |   ...process.env,
  69 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.19.2
4 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets.

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets.

```
  65 | }
  66 |
> 67 | const env = {
  68 |   ...process.env,
  69 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.19.1
4 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets.

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets.

```
  65 | }
  66 |
> 67 | const env = {
  68 |   ...process.env,
  69 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.19.0
4 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  193 | cmd,
  194 | args,
> 195 | env: { ...process.env, ...env } as Record<string, string>,
  196 | cwd: input.repoRoot,
  197 | timeoutMs: input.timeoutMs ?? DEFAULT_TIMEOUT_MS,
```

- Spreading entire process.env into an object — may capture all secrets.

```
  233 | cwd: input.repoRoot,
  234 | stdio: "inherit",
> 235 | env: { ...process.env, ...env },
  236 | });
  237 | } catch (err: unknown) {
```

- Spreading entire process.env into an object — may capture all secrets.

```
  65 | }
  66 |
> 67 | const env = {
  68 |   ...process.env,
  69 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.18.2
2 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  65 | }
  66 |
> 67 | const env = {
  68 |   ...process.env,
  69 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.18.1
2 findings

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/b68d28f731b8e5c43f0fb95d60c79344150be208/src/runner.ts#L67

```
  65 | }
  66 |
> 67 | const env = {
  68 |   ...process.env,
  69 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.18.0
2 findings

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/ab898c3f9580fac92a0c5a84cc58623016ba1fa8/src/runner.ts#L67

```
  65 | }
  66 |
> 67 | const env = {
  68 |   ...process.env,
  69 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.17.3
2 findings

- Spreading entire process.env into an object — may capture all secrets. Source: https://github.com/konamgil/mandu/blob/59fbc4aa641cfc447eac3dc3bd28d395a74d876c/src/runner.ts#L59

```
  57 | ];
  58 |
> 59 | const env = {
  60 |   ...process.env,
  61 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.17.2
2 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  45 | ];
  46 |
> 47 | const env = {
  48 |   ...process.env,
  49 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.17.0
2 findings

- Spreading entire process.env into an object — may capture all secrets.

```
  45 | ];
  46 |
> 47 | const env = {
  48 |   ...process.env,
  49 |   CI: input.ci ? "true" : process.env.CI,
```

- Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.