← Home

@powerlines/plugin-deepkit

npm Repository Homepage

A package containing a Powerlines plugin to assist in developing other Powerlines plugins.

100
Versions
Apache-2.0
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

stormie-botsullivanpj

Keywords

deepkitpowerlinespowerlines-plugin

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
phantom-deps phantom-dep:defu AI (phantom-deps): Config-referenced dependency; stable pattern for this plugin package. ai
phantom-deps phantom-dep:@storm-software/config-tools AI (phantom-deps): Config-referenced dependency; stable pattern for this plugin package. ai
phantom-deps phantom-dep:@stryke/type-checks AI (phantom-deps): Config-referenced dependency; stable pattern for this plugin package. ai
phantom-deps phantom-dep:@stryke/types AI (phantom-deps): Config-referenced dependency; stable pattern for this plugin package. ai
phantom-deps phantom-dep:@stryke/path AI (phantom-deps): Config-referenced dependency; stable pattern for this plugin package. ai
phantom-deps phantom-dep:@stryke/fs AI (phantom-deps): Config-referenced dependency; stable pattern for this plugin package. ai
phantom-deps phantom-dep:unplugin AI (phantom-deps): Config-referenced dependency; stable pattern for this plugin package. ai
phantom-deps phantom-dep:chalk AI (phantom-deps): Config-referenced dependency; stable pattern for this plugin package. ai
phantom-deps phantom-dep:jiti AI (phantom-deps): Config-referenced dependency; stable pattern for this plugin package. ai
source-diff obfuscated-file:dist/index.cjs AI (source-diff): Minified build output from CI/CD pipeline with SLSA provenance. Code is readable path utilities + plugin wiring, not obfuscated. Stable pattern for this package. ai
source-diff obfuscated-file:dist/index.mjs AI (source-diff): Minified build output from CI/CD pipeline with SLSA provenance. Code is readable path utilities + plugin wiring, not obfuscated. Stable pattern for this package. ai
phantom-deps phantom-dep:@powerlines/deepkit AI (phantom-deps): Same org scope sibling dependency in a monorepo plugin; referenced in config files, not a direct import risk. ai
phantom-deps phantom-dep:powerlines AI (phantom-deps): Monorepo plugin package; powerlines is a peer/config-level dependency not directly imported in plugin code. Stable pattern for this package. ai
provenance publisher-changed AI (provenance): Publisher changed from stormie-bot to GitHub Actions — a legitimate CI/CD migration. SLSA provenance attestation confirms builds are from the verified GitHub Actions environment. ai
phantom-deps phantom-dep:@powerlines/plugin-tsc AI (phantom-deps): Same org scope sibling dependency in a monorepo plugin; referenced in config files, not a direct import risk. ai
dependencies unvetted-dep:@powerlines/deepkit AI (dependencies): First-party Storm Software (@powerlines scope) sibling package; consistent with the publisher's monorepo ecosystem. ai
dependencies unvetted-dep:@stryke/json AI (dependencies): First-party Storm Software (@stryke scope) package; consistent with the publisher's ecosystem pattern. ai
phantom-deps phantom-dep:@stryke/json AI (phantom-deps): Phantom dep pattern is a packaging artifact of the Storm Software monorepo build; not a security concern. ai
dependencies unvetted-dep:powerlines AI (dependencies): First-party Storm Software monorepo package; consistent with the publisher's ecosystem pattern across all versions. ai
phantom-deps phantom-dep:typescript AI (phantom-deps): TypeScript declared as dep but used only in config files; packaging hygiene issue, not a security concern for this package. ai
dependencies unvetted-dep:@powerlines/plugin-tsc AI (dependencies): First-party Storm Software (@powerlines scope) sibling package; consistent with the publisher's monorepo ecosystem. ai
provenance slsa-provenance AI (provenance): Storm Software consistently publishes with SLSA provenance via CI/CD; this is a stable positive signal for all versions of this package. ai

Versions (showing 100 of 607)

Version Deps Published
0.11.359 5 / 2
0.11.358 5 / 2
0.11.357 5 / 2
0.11.356 5 / 2
0.11.355 5 / 2
0.11.354 5 / 2
0.11.353 5 / 2
0.11.352 5 / 2
0.11.351 5 / 2
0.11.350 5 / 2
0.11.347 5 / 2
0.11.346 5 / 2
0.11.345 5 / 2
0.11.344 5 / 2
0.11.343 5 / 2
0.11.341 5 / 2
0.11.340 5 / 2
0.11.339 5 / 2
0.11.338 5 / 2
0.11.337 5 / 2
0.11.336 5 / 2
0.11.335 5 / 2
0.11.334 5 / 2
0.11.333 5 / 2
0.11.332 5 / 2
0.11.331 5 / 2
0.11.330 5 / 2
0.11.329 5 / 2
0.11.328 5 / 2
0.11.327 5 / 2
0.11.326 5 / 2
0.11.325 5 / 2
0.11.324 5 / 2
0.11.323 5 / 2
0.11.322 5 / 2
0.11.321 5 / 2
0.11.320 5 / 2
0.11.319 5 / 2
0.11.318 5 / 2
0.11.317 5 / 2
0.11.316 5 / 2
0.11.314 5 / 2
0.11.313 5 / 2
0.11.312 5 / 2
0.11.311 5 / 2
0.11.310 5 / 2
0.11.309 5 / 2
0.11.308 5 / 2
0.11.307 5 / 2
0.11.306 5 / 2
0.11.305 5 / 2
0.11.304 5 / 2
0.11.303 5 / 2
0.11.302 5 / 2
0.11.301 5 / 2
0.11.300 5 / 2
0.11.299 5 / 2
0.11.298 5 / 2
0.11.297 5 / 2
0.11.296 5 / 2
0.11.295 5 / 2
0.11.294 5 / 2
0.11.293 5 / 2
0.11.292 5 / 2
0.11.291 5 / 2
0.11.290 5 / 2
0.11.289 5 / 2
0.11.287 5 / 2
0.11.286 5 / 2
0.11.285 5 / 2
0.11.284 5 / 2
0.11.283 5 / 2
0.11.282 5 / 2
0.11.281 5 / 2
0.11.280 5 / 2
0.11.279 5 / 2
0.11.278 5 / 2
0.11.277 5 / 2
0.11.276 5 / 2
0.11.275 5 / 2
0.11.274 5 / 2
0.11.273 5 / 2
0.11.272 5 / 2
0.11.271 5 / 2
0.11.270 5 / 2
0.11.269 5 / 2
0.11.268 5 / 2
0.11.267 5 / 2
0.11.266 5 / 2
0.11.265 5 / 2
0.11.264 5 / 2
0.11.263 5 / 2
0.11.262 5 / 2
0.11.261 5 / 2
0.11.260 5 / 2
0.11.259 5 / 2
0.11.258 5 / 2
0.11.257 5 / 2
0.11.256 5 / 2
0.11.255 5 / 2
Showing 100 of 607 Next page →

v0.11.359

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.358

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.357

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.356

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.355

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.354

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.353

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.352

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.351

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.350

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.347

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.346

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.345

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.344

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.343

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.341

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.340

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.339

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.338

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.337

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.336

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.335

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.334

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.333

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.332

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.331

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.317

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.316

3 findings
HIGH New obfuscated file: dist/index.cjs source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index.mjs source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.314

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.313

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.312

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.311

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.310

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.309

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.308

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.307

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.306

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.305

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.304

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.303

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.302

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.257

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.256

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.255

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.