@powerlines/plugin-plugin
A package containing a Powerlines plugin to assist in developing other Powerlines plugins.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:@stryke/json | AI (phantom-deps): Config-file usage pattern; stable false positive for this build-tooling package. | ai | |
| phantom-deps | phantom-dep:@alloy-js/rollup-plugin | AI (phantom-deps): Config-file usage pattern; stable false positive for this build-tooling package. | ai | |
| dependencies | unvetted-dep:esbuild-plugin-babel | AI (dependencies): esbuild-plugin-babel is a standard build tool plugin; no malicious indicators and used consistently across this publisher's packages. | ai | |
| phantom-deps | phantom-dep:unplugin | AI (phantom-deps): unplugin is a build plugin framework referenced in config files; not directly imported in source is expected for this type of package. | ai | |
| phantom-deps | phantom-dep:@stryke/fs | AI (phantom-deps): Part of the Storm Software @stryke/* ecosystem; referenced in config files rather than direct imports is normal for this package type. | ai | |
| phantom-deps | phantom-dep:@stryke/path | AI (phantom-deps): Part of the Storm Software @stryke/* ecosystem; config-file reference pattern is expected. | ai | |
| phantom-deps | phantom-dep:jiti | AI (phantom-deps): jiti is declared as a runtime dep and used in config files; phantom-dep pattern is expected for this build-tool plugin package. | ai | |
| phantom-deps | phantom-dep:esbuild-plugin-babel | AI (phantom-deps): Declared dep used in config files; expected pattern for this build-tool plugin package. | ai | |
| phantom-deps | phantom-dep:@stryke/types | AI (phantom-deps): Part of Storm Software's own ecosystem; declared dep used in config files, not a security concern. | ai | |
| phantom-deps | phantom-dep:@alloy-js/json | AI (phantom-deps): Declared dep used in config files; expected pattern for this plugin package. | ai | |
| phantom-deps | phantom-dep:@alloy-js/markdown | AI (phantom-deps): Declared dep used in config files; expected pattern for this plugin package. | ai | |
| phantom-deps | phantom-dep:@stryke/type-checks | AI (phantom-deps): Part of Storm Software's own ecosystem; declared dep used in config files, not a security concern. | ai | |
| phantom-deps | phantom-dep:@alloy-js/typescript | AI (phantom-deps): Declared dep used in config files; expected pattern for this plugin package. | ai |
Versions (showing 34 of 545)
| Version | Deps | Published |
|---|---|---|
| 0.11.22 | 16 / 9 | |
| 0.11.21 | 16 / 9 | |
| 0.11.20 | 16 / 9 | |
| 0.11.19 | 16 / 9 | |
| 0.11.18 | 16 / 9 | |
| 0.11.17 | 16 / 9 | |
| 0.11.16 | 16 / 9 | |
| 0.11.15 | 16 / 9 | |
| 0.11.14 | 16 / 9 | |
| 0.11.13 | 16 / 9 | |
| 0.11.12 | 16 / 9 | |
| 0.11.11 | 16 / 9 | |
| 0.11.10 | 16 / 9 | |
| 0.11.9 | 16 / 9 | |
| 0.11.8 | 16 / 9 | |
| 0.11.7 | 16 / 9 | |
| 0.11.6 | 16 / 9 | |
| 0.11.5 | 16 / 9 | |
| 0.11.4 | 16 / 9 | |
| 0.11.3 | 16 / 9 | |
| 0.11.2 | 16 / 9 | |
| 0.11.1 | 16 / 9 | |
| 0.11.0 | 16 / 9 | |
| 0.10.3 | 16 / 9 | |
| 0.10.2 | 16 / 9 | |
| 0.10.1 | 16 / 9 | |
| 0.10.0 | 16 / 9 | |
| 0.9.0 | 16 / 9 | |
| 0.8.1 | 16 / 9 | |
| 0.8.0 | 16 / 9 | |
| 0.7.1 | 16 / 9 | |
| 0.7.0 | 16 / 9 | |
| 0.6.1 | 16 / 9 | |
| 0.6.0 | 16 / 9 |
v0.11.22
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.21
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.20
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.19
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.18
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.17
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.16
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.15
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.14
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.13
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.12
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.11
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.10
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.9
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.8
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.7
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.6
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.