← Home

@powerlines/plugin-esbuild

npm Repository Homepage

A package containing a Powerlines plugin to build projects using esbuild.

51
Versions
Apache-2.0
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

stormie-botsullivanpj

Keywords

esbuildpowerlinesstorm-softwarepowerlines-plugin

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
source-diff obfuscated-file:dist/powerlines/src/lib/contexts/api-context.mjs AI (source-diff): Rolldown-bundled output; minified but readable, no obfuscation or exfiltration patterns. ai
source-diff obfuscated-file:dist/powerlines/src/lib/contexts/api-context.cjs AI (source-diff): Rolldown-bundled output; minified but readable, no obfuscation or exfiltration patterns. ai
source-diff obfuscated-file:dist/unplugin-BPYypLp5.mjs AI (source-diff): Standard bundler-generated minified ESM chunk; content shows normal imports, no malicious patterns. ai
source-diff obfuscated-file:dist/unplugin-B6foST-E.cjs AI (source-diff): Standard bundler-generated minified chunk; content shows normal imports, no malicious patterns. ai
dependencies unvetted-dep:@powerlines/unplugin AI (dependencies): First-party @powerlines org dep from same Storm Software monorepo; consistent naming and publisher. ai
provenance publisher-changed AI (provenance): Transition from stormie-bot to GitHub Actions is a legitimate CI/CD migration, corroborated by SLSA provenance attestation on this and subsequent versions. ai
source-diff obfuscated-file:dist/powerlines/src/lib/contexts/context.cjs AI (source-diff): Bundler output; code is readable plugin/context lifecycle logic using known packages. No malicious indicators. ai
source-diff obfuscated-file:dist/powerlines/src/api.cjs AI (source-diff): Bundler (rolldown) output — long lines are minified CJS modules with readable require() calls and no malicious patterns. Consistent with Storm Software's build toolchain. ai
source-diff obfuscated-file:dist/powerlines/src/lib/contexts/environment-context.cjs AI (source-diff): Bundler output; implements plugin environment context with standard patterns. No malicious indicators. ai
source-diff obfuscated-file:dist/powerlines/schemas/fs.cjs AI (source-diff): Bundler output; implements Cap'n Proto schema structs using @stryke/capnp. No malicious indicators. ai
source-diff obfuscated-file:dist/powerlines/src/internal/helpers/resolve-tsconfig.cjs AI (source-diff): Bundler output; implements TypeScript config resolution logic. No malicious indicators. ai
source-diff obfuscated-file:dist/powerlines/src/lib/fs/vfs.cjs AI (source-diff): Bundler output; implements virtual filesystem abstraction. No malicious indicators. ai
phantom-deps phantom-dep:@stryke/path AI (phantom-deps): @stryke/path is a utility dependency used transitively; phantom-dep pattern acceptable for utility libraries. ai
phantom-deps phantom-dep:@stryke/type-checks AI (phantom-deps): @stryke/type-checks is a utility dependency used transitively; phantom-dep pattern acceptable for utility libraries. ai
phantom-deps phantom-dep:powerlines AI (phantom-deps): powerlines is the core framework this plugin extends; phantom-dep pattern expected for plugin architecture. ai
phantom-deps phantom-dep:defu AI (phantom-deps): defu is a legitimate dependency used in config merging; phantom-dep pattern is expected for plugin/config tools. ai
phantom-deps phantom-dep:jiti AI (phantom-deps): jiti is declared as a runtime dependency and used in config files; phantom-dep flag is a false positive for this package's usage pattern. ai
phantom-deps phantom-dep:@stryke/fs AI (phantom-deps): @stryke/fs is a sibling Storm Software package declared as a dependency; phantom-dep flag reflects indirect/config usage, not a security concern. ai
provenance slsa-provenance AI (provenance): Package consistently published via CI/CD with Sigstore SLSA provenance attestation — strong supply chain integrity signal for this package. ai

Versions (showing 51 of 431)

View all versions
Version Deps Published
0.13.582 11 / 2
0.13.581 11 / 2
0.13.580 11 / 2
0.13.579 11 / 2
0.13.578 11 / 2
0.13.577 11 / 2
0.13.576 11 / 2
0.13.575 11 / 2
0.13.574 11 / 2
0.13.573 11 / 2
0.13.572 11 / 2
0.13.571 11 / 2
0.13.570 11 / 2
0.13.569 11 / 2
0.13.568 11 / 2
0.13.567 11 / 2
0.13.566 11 / 2
0.13.565 11 / 2
0.13.564 11 / 2
0.13.563 11 / 2
0.13.562 11 / 2
0.13.561 11 / 2
0.13.560 11 / 2
0.13.559 11 / 2
0.13.558 11 / 2
0.13.557 11 / 2
0.13.556 11 / 2
0.13.555 11 / 2
0.13.554 11 / 2
0.13.553 11 / 2
0.13.552 11 / 2
0.13.551 11 / 2
0.13.550 11 / 2
0.13.549 11 / 2
0.13.548 11 / 2
0.13.547 11 / 2
0.13.546 11 / 2
0.13.545 11 / 2
0.13.544 11 / 2
0.13.543 11 / 2
0.13.542 11 / 2
0.13.541 11 / 2
0.13.540 11 / 2
0.13.539 11 / 2
0.13.538 11 / 2
0.13.536 11 / 2
0.13.535 11 / 2
0.13.534 11 / 2
0.13.533 11 / 2
0.13.532 11 / 2
0.13.531 11 / 2

v0.13.582

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.581

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.580

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.579

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.578

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.577

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.576

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.575

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.574

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.573

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.572

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.571

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.570

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.569

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.568

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.567

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.566

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.565

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.564

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.563

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.562

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.561

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.560

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.559

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.558

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.557

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.556

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.555

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.554

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.553

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.552

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.551

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.550

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.549

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.548

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.547

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.546

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.545

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.544

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.543

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.542

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.541

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.540

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.539

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.538

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.536

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.535

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.534

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.533

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.532

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.531

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.