← Home

@meego-harness/gateway

npm

Gateway server and dashboard for meego-harness

12
Versions
MIT
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

boenfumeego-horse

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
phantom-deps phantom-dep:clsx AI (phantom-deps): Used via Tailwind/component config; stable pattern for this package. ai
phantom-deps phantom-dep:react AI (phantom-deps): Re-exported by Radix UI and lucide-react; stable for this package. ai
phantom-deps phantom-dep:react-dom AI (phantom-deps): Re-exported by Radix UI components; stable for this package. ai
phantom-deps phantom-dep:@radix-ui/react-slot AI (phantom-deps): Used via Radix UI component config; stable for this package. ai
phantom-deps phantom-dep:@radix-ui/react-tabs AI (phantom-deps): Used via Radix UI component config; stable for this package. ai
phantom-deps phantom-dep:@radix-ui/react-dialog AI (phantom-deps): Used via Radix UI component config; stable for this package. ai
phantom-deps phantom-dep:@radix-ui/react-select AI (phantom-deps): Used via Radix UI component config; stable for this package. ai
phantom-deps phantom-dep:@radix-ui/react-separator AI (phantom-deps): Used via Radix UI component config; stable for this package. ai
phantom-deps phantom-dep:@radix-ui/react-radio-group AI (phantom-deps): Used via Radix UI component config; stable for this package. ai
phantom-deps phantom-dep:@radix-ui/react-scroll-area AI (phantom-deps): Used via Radix UI component config; stable for this package. ai
phantom-deps phantom-dep:lucide-react AI (phantom-deps): Used via component config; stable for this package. ai
phantom-deps phantom-dep:tailwind-merge AI (phantom-deps): Used via Tailwind config; stable for this package. ai
phantom-deps phantom-dep:tw-animate-css AI (phantom-deps): Used via Tailwind config; stable for this package. ai
phantom-deps phantom-dep:class-variance-authority AI (phantom-deps): Used via component config; stable for this package. ai
phantom-deps phantom-dep:@hono/node-server AI (phantom-deps): Re-exported by hono; stable for this package. ai
phantom-deps phantom-dep:@ngrok/ngrok AI (phantom-deps): Declared and used; stable for this package. ai
phantom-deps phantom-dep:@meego-harness/hitl-mcp AI (phantom-deps): Same-org dependency; stable for this package. ai
phantom-deps phantom-dep:@meego-harness/manager-contract AI (phantom-deps): Same-org dependency; stable for this package. ai

Versions (showing 12 of 12)

Version Deps Published
0.9.0 29 / 11
0.8.0 29 / 11
0.7.0 27 / 11
0.6.1 27 / 11
0.6.0 27 / 11
0.5.0 27 / 11
0.4.0 27 / 11
0.3.5 13 / 7
0.1.0 8 / 6
0.0.3 6 / 5
0.0.2 6 / 5
0.0.1 6 / 5

v0.9.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.8.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.7.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.6.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.6.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.5.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.4.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.3.5

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.3

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.0.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.