@mastra/agent-builder
This package is currently experimental and only meant to be used internally to Mastra at the moment, the APIs are subject to change in this period.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| dependencies | unvetted-dep:@ai-sdk/xai-v5 | AI (dependencies): npm alias for @ai-sdk/[email protected] — legitimate Vercel AI SDK package, stable pattern for this package. | ai | |
| dependencies | unvetted-dep:@ai-sdk/groq-v5 | AI (dependencies): npm alias for @ai-sdk/[email protected] — legitimate Vercel AI SDK package, stable pattern for this package. | ai | |
| dependencies | unvetted-dep:@ai-sdk/google-v5 | AI (dependencies): npm alias for @ai-sdk/[email protected] — legitimate Vercel AI SDK package, stable pattern for this package. | ai | |
| dependencies | unvetted-dep:@ai-sdk/openai-v5 | AI (dependencies): npm alias for @ai-sdk/[email protected] — legitimate Vercel AI SDK package, stable pattern for this package. | ai | |
| dependencies | unvetted-dep:@ai-sdk/anthropic-v5 | AI (dependencies): npm alias for @ai-sdk/[email protected] — legitimate Vercel AI SDK package, stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@ai-sdk/google-v5 | AI (phantom-deps): npm alias for versioned AI SDK; declared for peer resolution, not directly imported. | ai | |
| phantom-deps | phantom-dep:@ai-sdk/anthropic-v5 | AI (phantom-deps): npm alias for versioned AI SDK; declared for peer resolution, not directly imported. | ai | |
| phantom-deps | phantom-dep:@ai-sdk/openai-v5 | AI (phantom-deps): npm alias for versioned AI SDK; declared for peer resolution, not directly imported. | ai | |
| phantom-deps | phantom-dep:swpm | AI (phantom-deps): Build tooling dependency; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:semver | AI (phantom-deps): Utility dep referenced in config; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@ai-sdk/xai-v5 | AI (phantom-deps): npm alias for versioned AI SDK; declared for peer resolution, not directly imported. | ai | |
| phantom-deps | phantom-dep:@ai-sdk/groq-v5 | AI (phantom-deps): npm alias for versioned AI SDK; declared for peer resolution, not directly imported. | ai |
Versions (showing 21 of 21)
| Version | Deps | Published |
|---|---|---|
| 1.0.36 | 14 / 15 | |
| 1.0.35 | 14 / 15 | |
| 1.0.32 | 15 / 15 | |
| 1.0.31 | 15 / 15 | |
| 1.0.27 | 15 / 15 | |
| 1.0.24 | 15 / 15 | |
| 1.0.21 | 15 / 15 | |
| 1.0.20 | 15 / 15 | |
| 1.0.19 | 15 / 15 | |
| 1.0.18 | 15 / 15 | |
| 1.0.16 | 15 / 15 | |
| 1.0.13 | 15 / 15 | |
| 1.0.7 | 14 / 15 | |
| 1.0.6 | 14 / 15 | |
| 1.0.5 | 14 / 15 | |
| 1.0.3 | 14 / 15 | |
| 1.0.2 | 14 / 15 | |
| 1.0.1 | 14 / 15 | |
| 1.0.0 | 14 / 15 | |
| 0.2.5 | 15 / 11 | |
| 0.2.4 | 15 / 11 |
v1.0.36
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.35
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.32
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.27
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.24
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.21
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.20
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.19
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.18
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.16
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.13
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.7
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.6
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.