@paretools/git MIT 31 versions

@paretools/git

npm Repository Homepage

MCP server for Git — structured status, log, diff, and branch data for AI agents

31

Versions

MIT

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

dave212

Keywords

mcpmcp-servermodel-context-protocolstructured-outputaiai-agentclaudecursorcopilottoken-efficientdevtoolscligitgithubversion-control

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
typosquat	typosquat.levenshtein:got	AI (typosquat): @paretools/git is a scoped Git MCP server; name is semantically correct, not a squatter on 'got'.	ai	2026/05/15
typosquat	typosquat.levenshtein:vite	AI (typosquat): 2-edit distance to 'vite' is coincidental; package is clearly a Git tooling server.	ai	2026/05/15

Versions (showing 31 of 31)

Version	Deps	Published
0.19.1	3 / 4	2026-05-07
0.18.1	3 / 4	2026-04-29
0.18.0	3 / 4	2026-04-12
0.17.0	3 / 4	2026-04-08
0.16.3	3 / 4	2026-04-08
0.16.2	3 / 4	2026-04-05
0.16.1	3 / 4	2026-03-27
0.16.0	3 / 4	2026-03-26
0.15.0	3 / 4	2026-03-13
0.14.2	3 / 4	2026-03-11
0.14.1	3 / 4	2026-03-07
0.14.0	3 / 4	2026-03-07
0.13.1	3 / 4	2026-03-05
0.13.0	3 / 4	2026-02-26
0.12.0	3 / 4	2026-02-23
0.11.0	3 / 4	2026-02-22
0.10.2	3 / 4	2026-02-19
0.10.1	3 / 4	2026-02-19
0.10.0	3 / 4	2026-02-19
0.9.0	3 / 4	2026-02-17
0.8.5	3 / 4	2026-02-16
0.8.4	3 / 4	2026-02-16
0.8.3	3 / 4	2026-02-15
0.8.2	3 / 4	2026-02-14
0.8.1	3 / 4	2026-02-14
0.8.0	3 / 4	2026-02-13
0.7.0	3 / 4	2026-02-13
0.6.0	3 / 4	2026-02-12
0.5.0	3 / 4	2026-02-10
0.3.0	3 / 4	2026-02-10
0.2.0	3 / 4	2026-02-10

v0.19.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.18.1

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.18.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.17.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.16.3

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.16.2

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.16.1

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.16.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.15.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.14.2

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.14.1

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.14.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.1

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.12.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.2

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.1

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.9.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.5

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.4

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.3

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.2

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.1

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.6.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.5.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.0

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'got' typosquat

Package name '@paretools/git' is 1 edit(s) away from popular package 'got'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.