@memberjunction/ai-mcp-server
MemberJunction: Model Context Protocol (MCP) - Server Implementation
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/auth/ConsentPage.js | AI (source-diff): Long lines are SVG path data in an inline SVG constant, not obfuscation. Well-commented readable ESM source. | ai | |
| dependencies | unvetted-dep:@memberjunction/ai-agents | AI (dependencies): Same-org monorepo sibling pinned to matching version; expected pattern for @memberjunction releases. | ai | |
| dependencies | unvetted-dep:@memberjunction/ai-prompts | AI (dependencies): Same-org monorepo sibling pinned to matching version; expected pattern for @memberjunction releases. | ai | |
| dependencies | unvetted-dep:@memberjunction/ai-provider-bundle | AI (dependencies): Same-org monorepo sibling pinned to matching version; expected pattern for @memberjunction releases. | ai | |
| dependencies | unvetted-dep:@memberjunction/server-bootstrap-lite | AI (dependencies): Same-org monorepo sibling pinned to matching version; expected pattern for @memberjunction releases. | ai | |
| phantom-deps | phantom-dep:@memberjunction/ai | AI (phantom-deps): Same-org sibling dep; likely loaded via side-effect/re-export pattern in monorepo. | ai | |
| phantom-deps | phantom-dep:@memberjunction/encryption | AI (phantom-deps): Same-org sibling dep; likely loaded via side-effect/re-export pattern in monorepo. | ai | |
| phantom-deps | phantom-dep:@memberjunction/actions-base | AI (phantom-deps): Same-org sibling dep; likely loaded via side-effect/re-export pattern in monorepo. | ai | |
| phantom-deps | phantom-dep:@memberjunction/core-entities | AI (phantom-deps): Same-org sibling dep; likely loaded via side-effect/re-export pattern in monorepo. | ai | |
| phantom-deps | phantom-dep:@memberjunction/ai-provider-bundle | AI (phantom-deps): Same-org sibling dep; likely loaded via side-effect/re-export pattern in monorepo. | ai |
Versions (showing 51 of 56)
| Version | Deps | Published |
|---|---|---|
| 5.39.0 | 28 / 7 | |
| 5.38.0 | 28 / 7 | |
| 5.37.0 | 28 / 7 | |
| 5.36.0 | 28 / 7 | |
| 5.35.0 | 28 / 7 | |
| 5.34.1 | 28 / 7 | |
| 5.34.0 | 28 / 7 | |
| 5.33.0 | 28 / 7 | |
| 5.32.0 | 28 / 7 | |
| 5.31.0 | 28 / 7 | |
| 5.30.1 | 28 / 7 | |
| 5.30.0 | 28 / 7 | |
| 5.29.0 | 28 / 7 | |
| 5.28.0 | 28 / 7 | |
| 5.27.1 | 28 / 7 | |
| 5.27.0 | 28 / 7 | |
| 5.26.0 | 28 / 7 | |
| 5.25.0 | 28 / 7 | |
| 5.24.0 | 28 / 7 | |
| 5.23.0 | 28 / 7 | |
| 5.22.0 | 28 / 7 | |
| 5.21.0 | 28 / 7 | |
| 5.15.0 | 27 / 7 | |
| 5.10.1 | 27 / 7 | |
| 5.7.0 | 27 / 7 | |
| 4.1.0 | 27 / 5 | |
| 3.4.0 | 26 / 5 | |
| 3.3.0 | 24 / 5 | |
| 3.2.0 | 17 / 4 | |
| 3.1.1 | 17 / 4 | |
| 3.1.0 | 17 / 4 | |
| 2.133.0 | 15 / 4 | |
| 2.132.0 | 15 / 4 | |
| 2.131.0 | 15 / 4 | |
| 2.130.1 | 15 / 4 | |
| 2.130.0 | 15 / 4 | |
| 2.129.0 | 15 / 4 | |
| 2.128.0 | 14 / 4 | |
| 2.127.0 | 14 / 4 | |
| 2.126.1 | 14 / 4 | |
| 2.126.0 | 14 / 4 | |
| 2.125.0 | 14 / 4 | |
| 2.124.0 | 14 / 4 | |
| 2.123.1 | 14 / 4 | |
| 2.123.0 | 14 / 4 | |
| 2.122.2 | 14 / 4 | |
| 2.122.1 | 12 / 4 | |
| 2.122.0 | 12 / 4 | |
| 2.121.0 | 11 / 3 | |
| 2.120.0 | 11 / 3 | |
| 2.119.0 | 11 / 3 |
v5.39.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.38.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.37.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.36.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.35.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.34.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.34.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.33.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.32.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.31.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.30.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.29.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.28.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.27.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.27.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.26.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.25.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.24.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.23.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.22.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.21.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.15.0
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.10.1
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.0
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.1.0
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.4.0
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.1.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.133.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.132.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.131.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.130.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.130.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.129.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.128.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.127.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.126.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.126.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.125.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.124.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.123.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.123.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.122.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.122.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.122.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.121.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.120.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.119.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.