@powerlines/plugin-hey-api
A Powerlines plugin to generate project code using Hey API.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): Publisher changed from stormie-bot to GitHub Actions as part of a CI/CD migration; SLSA provenance attestation confirms legitimate automated publishing from the storm-software org. | ai | |
| phantom-deps | phantom-dep:defu | AI (phantom-deps): defu is a declared runtime dependency; phantom detection is a false positive likely due to indirect usage or bundling. | ai | |
| phantom-deps | phantom-dep:powerlines | AI (phantom-deps): powerlines is a declared runtime dependency from the same org; phantom detection is a false positive. | ai | |
| phantom-deps | phantom-dep:@stryke/path | AI (phantom-deps): @stryke/path is a declared runtime dependency; phantom detection is a false positive. | ai | |
| phantom-deps | phantom-dep:@stryke/type-checks | AI (phantom-deps): @stryke/type-checks is a declared runtime dependency; phantom detection is a false positive. | ai | |
| phantom-deps | phantom-dep:@stryke/string-format | AI (phantom-deps): @stryke/string-format is a declared runtime dependency; phantom detection is a false positive. | ai | |
| phantom-deps | phantom-dep:jiti | AI (phantom-deps): jiti is commonly referenced in config files for TypeScript config loading in build tooling; not a security concern. | ai | |
| dependencies | unvetted-dep:@stryke/path | AI (dependencies): @stryke/* packages are part of the Storm Software ecosystem; unvetted status is expected for this monorepo family. | ai | |
| phantom-deps | phantom-dep:@stryke/types | AI (phantom-deps): Type-only package referenced in config files; phantom dep finding is a false positive for type-only usage patterns. | ai | |
| dependencies | unvetted-dep:powerlines | AI (dependencies): powerlines is the parent framework package from the same Storm Software monorepo; unvetted status is expected for this ecosystem. | ai | |
| dependencies | unvetted-dep:@stryke/types | AI (dependencies): @stryke/* packages are part of the Storm Software ecosystem; unvetted status is expected for this monorepo family. | ai | |
| dependencies | unvetted-dep:@hey-api/openapi-ts | AI (dependencies): @hey-api/openapi-ts is a well-known OpenAPI code generation tool; legitimate dependency for this plugin's purpose. | ai | |
| dependencies | unvetted-dep:@stryke/type-checks | AI (dependencies): @stryke/* packages are part of the Storm Software ecosystem; unvetted status is expected for this monorepo family. | ai | |
| dependencies | unvetted-dep:@stryke/string-format | AI (dependencies): @stryke/* packages are part of the Storm Software ecosystem; unvetted status is expected for this monorepo family. | ai |
Versions (showing 51 of 509)
| Version | Deps | Published |
|---|---|---|
| 0.1.541 | 8 / 2 | |
| 0.1.540 | 8 / 2 | |
| 0.1.539 | 8 / 2 | |
| 0.1.538 | 8 / 2 | |
| 0.1.537 | 8 / 2 | |
| 0.1.536 | 8 / 2 | |
| 0.1.535 | 8 / 2 | |
| 0.1.534 | 8 / 2 | |
| 0.1.533 | 8 / 2 | |
| 0.1.532 | 8 / 2 | |
| 0.1.531 | 8 / 2 | |
| 0.1.530 | 8 / 2 | |
| 0.1.529 | 8 / 2 | |
| 0.1.528 | 8 / 2 | |
| 0.1.527 | 8 / 2 | |
| 0.1.526 | 8 / 2 | |
| 0.1.525 | 8 / 2 | |
| 0.1.524 | 8 / 2 | |
| 0.1.523 | 8 / 2 | |
| 0.1.522 | 8 / 2 | |
| 0.1.521 | 8 / 2 | |
| 0.1.520 | 8 / 2 | |
| 0.1.519 | 8 / 2 | |
| 0.1.518 | 8 / 2 | |
| 0.1.517 | 8 / 2 | |
| 0.1.515 | 8 / 2 | |
| 0.1.503 | 8 / 2 | |
| 0.1.502 | 8 / 2 | |
| 0.1.501 | 8 / 2 | |
| 0.1.500 | 8 / 2 | |
| 0.1.499 | 8 / 2 | |
| 0.1.498 | 8 / 2 | |
| 0.1.496 | 8 / 2 | |
| 0.1.495 | 8 / 2 | |
| 0.1.494 | 8 / 2 | |
| 0.1.493 | 8 / 2 | |
| 0.1.492 | 8 / 2 | |
| 0.1.491 | 8 / 2 | |
| 0.1.490 | 8 / 2 | |
| 0.1.489 | 8 / 2 | |
| 0.1.488 | 8 / 2 | |
| 0.1.487 | 8 / 2 | |
| 0.1.486 | 8 / 2 | |
| 0.1.485 | 8 / 2 | |
| 0.1.484 | 8 / 2 | |
| 0.1.483 | 8 / 2 | |
| 0.1.482 | 8 / 2 | |
| 0.1.481 | 8 / 2 | |
| 0.1.480 | 8 / 2 | |
| 0.1.479 | 8 / 2 | |
| 0.1.478 | 8 / 2 |
v0.1.541
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.540
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.539
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.538
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.537
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.536
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.535
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.534
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.533
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.532
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.531
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.530
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.529
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.528
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.527
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.526
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.525
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.524
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.523
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.522
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.521
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.520
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.519
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.518
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.517
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.515
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.503
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.502
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.501
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.500
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.499
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.498
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.496
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.495
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.494
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.493
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.492
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.491
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.490
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.489
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.488
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.487
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.486
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.485
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.484
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.483
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.482
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.481
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.480
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.479
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.478
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.