@maxim_mazurok/gapi.client.advisorynotifications-v1 MIT 12 versions

@maxim_mazurok/gapi.client.advisorynotifications-v1

npm Repository Homepage

TypeScript typings for Advisory Notifications API v1

12

Versions

MIT

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

maxim_mazurok

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:@types/gapi.client.discovery-v1	AI (dependencies): Pure @types dependency for a TypeScript typings package; no runtime risk, stable pattern across all versions.	ai	2026/05/01
phantom-deps	phantom-dep:@types/gapi.client	AI (phantom-deps): @types packages are loaded by TypeScript convention, not direct import; stable false positive for this typings package.	ai	2026/04/29
phantom-deps	phantom-dep:@types/gapi.client.discovery-v1	AI (phantom-deps): @types packages are loaded by TypeScript convention, not direct import; stable false positive for this typings package.	ai	2026/04/29

Versions (showing 12 of 12)

Version	Deps	Published
0.3.20260531	2 / 0	2026-06-01
0.3.20260524	2 / 0	2026-05-25
0.3.20260517	2 / 0	2026-05-18
0.3.20260510	2 / 0	2026-05-11
0.3.20260503	2 / 0	2026-05-04
0.3.20260426	2 / 0	2026-04-27
0.3.20260419	2 / 0	2026-04-20
0.2.20260405	2 / 0	2026-04-06
0.2.20260329	2 / 0	2026-03-30
0.1.20251102	2 / 0	2025-11-03
0.0.20250504	2 / 0	2025-05-05
0.0.20250427	2 / 0	2025-04-28

v0.3.20260531

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.20260524

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.20260517

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.20260510

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.20260503

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.20260419

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.20260405

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.20260329

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.20251102

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.20250504

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.0.20250427

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.