@omnigraph/grpc MIT 9 versions

@omnigraph/grpc

npm Repository Homepage

9

Versions

MIT

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

dotansimhaurigoardatankamilkisielatheguild-bot

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:@ardatan/grpc-reflection-js	AI (dependencies): First-party dep under the same author namespace (ardatan); consistent with the package's purpose.	ai	2026/05/08
npm-metadata	no-description	AI (npm-metadata): Part of graphql-mesh monorepo; missing description is a cosmetic issue, not a malice indicator.	ai	2026/05/05
phantom-deps	phantom-dep:@graphql-mesh/transport-common	AI (phantom-deps): @graphql-mesh/transport-common is listed in dependencies; phantom-dep heuristic is a false positive here.	ai	2026/05/05

Versions (showing 9 of 9)

Version	Deps	Published
0.2.23	13 / 0	2026-04-30
0.2.21	13 / 0	2026-04-14
0.2.20	13 / 0	2026-04-09
0.2.18	13 / 0	2026-03-23
0.2.14	13 / 0	2026-03-04
0.2.13	13 / 0	2026-02-10
0.2.12	13 / 0	2026-01-20
0.2.8	13 / 0	2025-12-04
0.2.7	13 / 0	2025-09-18

v0.2.23

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.21

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.20

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.18

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.14

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.13

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.12

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.8

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.