@mysten/sui No license 37 versions

@mysten/sui

npm Repository Homepage

37

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

ebmifahayespaul-mystenrushrs

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
typosquat	typosquat.levenshtein:uuid	AI (typosquat): @mysten/sui is the official Sui blockchain TypeScript SDK by Mysten Labs, not a typosquat of uuid. Scoped package name is intentional and well-established.	ai	2026/04/26
typosquat	typosquat.levenshtein:joi	AI (typosquat): @mysten/sui is the official Sui blockchain TypeScript SDK by Mysten Labs, not a typosquat of joi. Scoped package name is intentional and well-established.	ai	2026/04/26
typosquat	typosquat.levenshtein:yup	AI (typosquat): @mysten/sui is the official Sui blockchain TypeScript SDK by Mysten Labs, not a typosquat of yup. Scoped package name is intentional and well-established.	ai	2026/04/26
semgrep	semgrep:api-obfuscation-reflect	AI (semgrep): Reflect.get() is used in a standard Proxy trap pattern for SDK client API interception — legitimate and expected in a blockchain SDK client implementation.	ai	2026/04/26
semgrep	semgrep:shady-links-raw-ip	AI (semgrep): 127.0.0.1:9123 is the localnet faucet endpoint for local Sui node development — expected and benign for a blockchain SDK supporting local testing.	ai	2026/04/26
dependencies	unvetted-dep:gql.tada	AI (dependencies): gql.tada is a legitimate, well-known GraphQL TypeScript library. Its use is appropriate for a blockchain SDK with a GraphQL API layer.	ai	2026/04/26

Versions (showing 37 of 37)

Version	Deps	Published
2.17.0	15 / 22	2026-05-18
2.16.3	15 / 22	2026-05-15
2.16.2	15 / 22	2026-05-08
2.16.1	15 / 22	2026-05-08
2.16.0	15 / 23	2026-04-17
2.15.0	15 / 23	2026-04-07
2.14.1	15 / 21	2026-04-02
2.14.0	15 / 21	2026-04-02
2.13.4	15 / 21	2026-04-01
2.13.3	15 / 21	2026-04-01
2.13.2	15 / 21	2026-03-30
2.13.1	15 / 21	2026-03-30
2.13.0	15 / 21	2026-03-28
2.12.1	15 / 21	2026-03-27
2.12.0	15 / 21	2026-03-26
2.11.0	15 / 21	2026-03-24
2.10.0	15 / 23	2026-03-24
2.9.1	15 / 23	2026-03-18
2.9.0	15 / 23	2026-03-17
2.8.0	15 / 23	2026-03-13
2.7.0	15 / 23	2026-03-12
2.6.0	15 / 23	2026-03-04
2.5.1	15 / 23	2026-03-03
2.5.0	15 / 23	2026-02-23
2.4.0	15 / 23	2026-02-12
2.3.2	15 / 23	2026-02-10
2.3.1	15 / 23	2026-02-06
2.3.0	15 / 23	2026-02-05
2.2.0	15 / 23	2026-02-03
2.1.0	15 / 23	2026-01-30
2.0.1	15 / 23	2026-01-30
2.0.0	15 / 23	2026-01-29
1.45.2	15 / 24	2025-12-02
1.45.1	15 / 24	2025-12-01
1.45.0	15 / 24	2025-11-13
1.44.0	15 / 24	2025-10-31
1.43.2	15 / 24	2025-10-28

v2.17.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.16.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.16.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.16.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.16.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.15.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.14.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.14.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.13.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.13.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.13.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.13.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.13.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.12.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.12.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.