@memberjunction/core-actions
Library of generated and custom actions for the core MemberJunction framework. This library is maintained by MemberJunction and includes actions for use within the framework itself.
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| dependencies | unvetted-dep:@memberjunction/react-linter | AI (dependencies): Same-org monorepo sibling released in lockstep; consistent with MemberJunction versioning pattern. | ai | |
| publish-pattern | new-deps-added | AI (publish-pattern): New deps are all same-org @memberjunction/* packages pinned to the same monorepo version; not third-party supply-chain risk. | ai | |
| phantom-deps | phantom-dep:node-sql-parser | AI (phantom-deps): node-sql-parser is explicitly declared as a runtime dep in package.json; phantom-dep heuristic false positive for this package. | ai | |
| dependencies | unvetted-dep:@memberjunction/lists | AI (dependencies): Same-org monorepo dep pinned to matching version; consistent with coordinated releases. | ai | |
| phantom-deps | phantom-dep:@memberjunction/lists-base | AI (phantom-deps): Same-org monorepo dep; phantom-dep heuristic is a stable false positive here. | ai | |
| dependencies | unvetted-dep:@memberjunction/core-entities-server | AI (dependencies): Same-org monorepo dep at matching version; coordinated release pattern. | ai | |
| dependencies | unvetted-dep:@memberjunction/generic-database-provider | AI (dependencies): Same-org monorepo dep at matching version; coordinated release pattern. | ai | |
| dependencies | unvetted-dep:@memberjunction/ai-prompts | AI (dependencies): Same-org monorepo dep at matching version; coordinated release pattern. | ai | |
| phantom-deps | phantom-dep:xml-name-validator | AI (phantom-deps): jsdom transitive dep; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:whatwg-mimetype | AI (phantom-deps): jsdom transitive dep declared for compatibility; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:http-proxy-agent | AI (phantom-deps): Proxy agent declared for config compatibility; stable false positive. | ai | |
| phantom-deps | phantom-dep:https-proxy-agent | AI (phantom-deps): Proxy agent declared for config compatibility; stable false positive. | ai | |
| phantom-deps | phantom-dep:w3c-xmlserializer | AI (phantom-deps): jsdom transitive dep; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:webidl-conversions | AI (phantom-deps): jsdom transitive dep; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@types/d3-hierarchy | AI (phantom-deps): Type package for d3-hierarchy which is a direct dep; stable false positive. | ai | |
| phantom-deps | phantom-dep:@asamuzakjp/css-color | AI (phantom-deps): CSS color utility declared as direct dep; stable false positive. | ai | |
| phantom-deps | phantom-dep:html-encoding-sniffer | AI (phantom-deps): jsdom transitive dep; stable false positive. | ai | |
| phantom-deps | phantom-dep:@memberjunction/ai-agents | AI (phantom-deps): Same-org monorepo package at matching version; stable false positive. | ai | |
| phantom-deps | phantom-dep:is-potential-custom-element-name | AI (phantom-deps): jsdom transitive dep; stable false positive. | ai | |
| phantom-deps | phantom-dep:@memberjunction/communication-types | AI (phantom-deps): Same-org monorepo package; stable false positive. | ai | |
| phantom-deps | phantom-dep:@memberjunction/content-autotagging | AI (phantom-deps): Same-org monorepo package; stable false positive. | ai | |
| phantom-deps | phantom-dep:saxes | AI (phantom-deps): Transitive dep of jsdom; stable false positive. | ai | |
| phantom-deps | phantom-dep:psl | AI (phantom-deps): Transitive dep of tough-cookie/jsdom; stable false positive. | ai | |
| phantom-deps | phantom-dep:ws | AI (phantom-deps): Transitive dep of jsdom; not directly imported, stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:data-urls | AI (phantom-deps): Listed in dependencies; stable false positive. | ai | |
| provenance | slsa-provenance | AI (provenance): Consistent CI/CD publishing with SLSA attestation across all MJ monorepo versions. | ai | |
| phantom-deps | phantom-dep:cssstyle | AI (phantom-deps): Listed in dependencies; stable false positive. | ai | |
| phantom-deps | phantom-dep:parse5 | AI (phantom-deps): Listed in dependencies; stable false positive. | ai | |
| phantom-deps | phantom-dep:nwsapi | AI (phantom-deps): Transitive dep of jsdom; stable false positive. | ai | |
| phantom-deps | phantom-dep:form-data | AI (phantom-deps): Listed in dependencies; stable false positive. | ai | |
| phantom-deps | phantom-dep:decimal.js | AI (phantom-deps): Listed in dependencies; stable false positive. | ai | |
| phantom-deps | phantom-dep:whatwg-url | AI (phantom-deps): Listed in dependencies; stable false positive. | ai | |
| phantom-deps | phantom-dep:rrweb-cssom | AI (phantom-deps): Listed in dependencies; stable false positive. | ai | |
| phantom-deps | phantom-dep:symbol-tree | AI (phantom-deps): Listed in dependencies; stable false positive. | ai | |
| phantom-deps | phantom-dep:tough-cookie | AI (phantom-deps): Listed in dependencies; stable false positive. | ai | |
| phantom-deps | phantom-dep:@types/d3-cloud | AI (phantom-deps): Type-only dep; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@types/d3-force | AI (phantom-deps): Type-only dep; stable false positive. | ai | |
| phantom-deps | phantom-dep:@types/d3-scale | AI (phantom-deps): Type-only dep; stable false positive. | ai | |
| phantom-deps | phantom-dep:@types/d3-shape | AI (phantom-deps): Type-only dep; stable false positive. | ai | |
| phantom-deps | phantom-dep:whatwg-encoding | AI (phantom-deps): Listed in dependencies; stable false positive. | ai | |
| phantom-deps | phantom-dep:marked | AI (phantom-deps): Listed in dependencies; phantom-dep heuristic mismatch, stable false positive. | ai |
Versions (showing 80 of 80)
| Version | Deps | Published |
|---|---|---|
| 5.39.0 | 93 / 4 | |
| 5.38.0 | 93 / 4 | |
| 5.37.0 | 91 / 4 | |
| 5.36.0 | 91 / 4 | |
| 5.35.0 | 89 / 4 | |
| 5.34.1 | 89 / 4 | |
| 5.34.0 | 89 / 4 | |
| 5.33.0 | 89 / 4 | |
| 5.32.0 | 88 / 4 | |
| 5.31.0 | 88 / 4 | |
| 5.30.1 | 88 / 4 | |
| 5.30.0 | 88 / 4 | |
| 5.29.0 | 88 / 4 | |
| 5.28.0 | 88 / 4 | |
| 5.27.1 | 88 / 4 | |
| 5.27.0 | 88 / 4 | |
| 5.26.0 | 88 / 4 | |
| 5.25.0 | 87 / 4 | |
| 5.24.0 | 83 / 4 | |
| 5.23.0 | 83 / 4 | |
| 5.22.0 | 83 / 4 | |
| 5.21.0 | 83 / 4 | |
| 5.20.0 | 83 / 4 | |
| 5.19.0 | 83 / 4 | |
| 5.18.0 | 83 / 4 | |
| 5.17.0 | 83 / 4 | |
| 5.16.0 | 83 / 4 | |
| 5.15.0 | 83 / 4 | |
| 5.14.0 | 84 / 4 | |
| 5.13.0 | 82 / 4 | |
| 5.12.0 | 82 / 4 | |
| 5.11.0 | 82 / 4 | |
| 5.10.1 | 82 / 4 | |
| 5.10.0 | 82 / 4 | |
| 5.9.0 | 82 / 4 | |
| 5.8.0 | 82 / 4 | |
| 5.7.0 | 82 / 4 | |
| 5.6.0 | 82 / 4 | |
| 5.5.0 | 82 / 4 | |
| 5.4.1 | 82 / 4 | |
| 5.4.0 | 82 / 4 | |
| 5.3.1 | 82 / 4 | |
| 5.3.0 | 82 / 4 | |
| 5.2.0 | 82 / 4 | |
| 5.1.0 | 82 / 4 | |
| 4.4.0 | 82 / 4 | |
| 4.3.1 | 82 / 4 | |
| 4.3.0 | 82 / 4 | |
| 4.2.0 | 82 / 4 | |
| 4.1.0 | 82 / 4 | |
| 3.4.0 | 82 / 4 | |
| 3.3.0 | 81 / 4 | |
| 3.2.0 | 81 / 4 | |
| 3.1.1 | 81 / 4 | |
| 3.1.0 | 81 / 4 | |
| 2.133.0 | 58 / 2 | |
| 2.132.0 | 57 / 2 | |
| 2.131.0 | 57 / 2 | |
| 2.130.1 | 57 / 2 | |
| 2.130.0 | 57 / 2 | |
| 2.129.0 | 57 / 2 | |
| 2.128.0 | 57 / 2 | |
| 2.127.0 | 57 / 2 | |
| 2.126.1 | 57 / 2 | |
| 2.126.0 | 57 / 2 | |
| 2.125.0 | 57 / 2 | |
| 2.124.0 | 57 / 2 | |
| 2.123.1 | 57 / 2 | |
| 2.123.0 | 57 / 2 | |
| 2.122.2 | 57 / 2 | |
| 2.122.1 | 51 / 2 | |
| 2.122.0 | 51 / 2 | |
| 2.121.0 | 51 / 2 | |
| 2.120.0 | 51 / 2 | |
| 2.119.0 | 51 / 2 | |
| 2.118.0 | 51 / 2 | |
| 2.117.0 | 51 / 2 | |
| 2.116.0 | 51 / 2 | |
| 2.115.0 | 51 / 2 | |
| 2.114.0 | 51 / 2 |
v5.39.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.38.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.37.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.36.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.35.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.34.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.34.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.33.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.32.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.31.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.30.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.30.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.29.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.28.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.27.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.27.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.26.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.25.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.24.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.23.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.22.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.21.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.20.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.19.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.18.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.17.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.16.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.15.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.14.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.13.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.12.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.11.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.10.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.10.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.9.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.6.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.5.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.4.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.4.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.3.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.4.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.3.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.4.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.1.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.133.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.132.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.131.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.130.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.130.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.129.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.128.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.127.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.126.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.126.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.125.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.124.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.123.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.123.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.122.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.122.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.122.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.121.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.120.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.119.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.118.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.117.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.116.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.115.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.114.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.