@memberjunction/server
MemberJunction: This project provides API access via GraphQL to the common data store.
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| dependencies | unvetted-dep:@memberjunction/integration-progress-artifacts | AI (dependencies): Same-org package pinned to matching monorepo version; consistent with normal MemberJunction release cadence. | ai | |
| dependencies | unvetted-dep:@memberjunction/lists | AI (dependencies): Same-org monorepo package pinned to matching version; consistent with all other @memberjunction/* deps in this package. | ai | |
| dependencies | unvetted-dep:type-graphql | AI (dependencies): type-graphql 2.0.0-beta.3 is a legitimate GraphQL framework beta; stable dependency for this package across many versions. | ai | |
| publish-pattern | new-deps-added | AI (publish-pattern): New deps are same-org @memberjunction/* packages at matching version, consistent with monorepo release pattern. | ai | |
| phantom-deps | phantom-dep:@memberjunction/data-context-server | AI (phantom-deps): Same-org plugin loaded by convention; stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@memberjunction/scheduling-base-types | AI (phantom-deps): Same-org plugin loaded by convention; stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@memberjunction/actions-bizapps-social | AI (phantom-deps): Same-org plugin loaded by convention; stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@memberjunction/communication-ms-graph | AI (phantom-deps): Same-org plugin loaded by convention; stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@memberjunction/tag-engine-base | AI (phantom-deps): Same-org plugin loaded by convention; consistent with this package's established pattern of convention-loaded MJ deps. | ai | |
| phantom-deps | phantom-dep:@memberjunction/scheduling-engine-base | AI (phantom-deps): Same-org plugin loaded by convention; stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@memberjunction/ai-agent-manager-actions | AI (phantom-deps): Same-org plugin loaded by convention; stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@memberjunction/actions-bizapps-accounting | AI (phantom-deps): Same-org plugin loaded by convention; stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@memberjunction/actions-bizapps-formbuilders | AI (phantom-deps): Same-org plugin loaded by convention; stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@memberjunction/communication-sendgrid | AI (phantom-deps): Same-org plugin loaded by convention; stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@memberjunction/computer-use-engine | AI (phantom-deps): Same-org plugin loaded by convention; stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@memberjunction/ai-agent-manager | AI (phantom-deps): Same-org monorepo package loaded by convention. | ai | |
| phantom-deps | phantom-dep:@memberjunction/ai-provider-bundle | AI (phantom-deps): Same-org monorepo package loaded by convention. | ai | |
| phantom-deps | phantom-dep:@memberjunction/actions-bizapps-crm | AI (phantom-deps): Same-org monorepo package loaded by convention. | ai | |
| phantom-deps | phantom-dep:@memberjunction/actions-bizapps-lms | AI (phantom-deps): Same-org monorepo package loaded by convention. | ai | |
| phantom-deps | phantom-dep:@memberjunction/ai-vectors-pinecone | AI (phantom-deps): Same-org monorepo package loaded by convention. | ai | |
| phantom-deps | phantom-dep:@memberjunction/scheduling-actions | AI (phantom-deps): Same-org monorepo package loaded by convention. | ai | |
| phantom-deps | phantom-dep:typedi | AI (phantom-deps): Same-ecosystem plugin loaded by convention in this monorepo server package. | ai | |
| phantom-deps | phantom-dep:jwks-rsa | AI (phantom-deps): Auth library loaded by convention; stable false positive for this server package. | ai | |
| phantom-deps | phantom-dep:@types/pg | AI (phantom-deps): Framework-scoped @types package; stable false positive. | ai | |
| phantom-deps | phantom-dep:@types/ws | AI (phantom-deps): Framework-scoped @types package; stable false positive. | ai | |
| phantom-deps | phantom-dep:@types/cors | AI (phantom-deps): Framework-scoped @types package; stable false positive. | ai | |
| phantom-deps | phantom-dep:@types/node | AI (phantom-deps): Framework-scoped @types package; stable false positive. | ai | |
| phantom-deps | phantom-dep:graphql-scalars | AI (phantom-deps): Config-convention loaded plugin in this monorepo server package. | ai | |
| phantom-deps | phantom-dep:@types/compression | AI (phantom-deps): Framework-scoped @types package; stable false positive. | ai | |
| phantom-deps | phantom-dep:@types/jsonwebtoken | AI (phantom-deps): Framework-scoped @types package; stable false positive. | ai | |
| phantom-deps | phantom-dep:@memberjunction/queue | AI (phantom-deps): Same-org monorepo package loaded by convention. | ai | |
| phantom-deps | phantom-dep:@memberjunction/doc-utils | AI (phantom-deps): Same-org monorepo package loaded by convention. | ai | |
| phantom-deps | phantom-dep:@memberjunction/sql-dialect | AI (phantom-deps): Same-org monorepo package loaded by convention. | ai | |
| phantom-deps | phantom-dep:@memberjunction/core-actions | AI (phantom-deps): Same-org monorepo package loaded by convention. | ai | |
| phantom-deps | phantom-dep:@memberjunction/actions-apollo | AI (phantom-deps): Same-org monorepo package loaded by convention. | ai | |
| typosquat | typosquat.levenshtein:semver | AI (typosquat): Scoped @memberjunction/server is a legitimate monorepo server package, not a typosquat of semver. | ai |
Versions (showing 21 of 21)
| Version | Deps | Published |
|---|---|---|
| 5.39.0 | 109 / 3 | |
| 5.38.0 | 108 / 3 | |
| 5.36.0 | 108 / 3 | |
| 5.35.0 | 106 / 3 | |
| 5.34.1 | 106 / 3 | |
| 5.34.0 | 106 / 3 | |
| 5.33.0 | 106 / 3 | |
| 5.32.0 | 106 / 3 | |
| 5.31.0 | 106 / 3 | |
| 5.30.1 | 104 / 3 | |
| 5.30.0 | 104 / 3 | |
| 5.29.0 | 104 / 3 | |
| 5.28.0 | 102 / 3 | |
| 5.27.1 | 102 / 3 | |
| 5.27.0 | 102 / 3 | |
| 5.26.0 | 102 / 3 | |
| 5.25.0 | 99 / 3 | |
| 5.24.0 | 99 / 3 | |
| 5.23.0 | 99 / 3 | |
| 5.22.0 | 99 / 3 | |
| 5.21.0 | 98 / 3 |
v5.39.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.38.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.36.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.35.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.34.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.34.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.33.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.32.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.31.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.30.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.29.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.28.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.27.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.27.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.26.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.25.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.24.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.23.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.22.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.21.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.