@powerlines/plugin-unbuild
A package containing a Powerlines plugin to build projects using Unbuild.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): stormie-bot is the Storm Software CI bot with 2775 approved packages; transition from GitHub Actions is expected automation account usage. | ai | |
| phantom-deps | phantom-dep:@stryke/helpers | AI (phantom-deps): Sibling org package used in config files; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@powerlines/unplugin | AI (phantom-deps): Same-org dependency; phantom detection is a false positive for this build-tool wrapper pattern. | ai | |
| dependencies | unvetted-dep:@storm-software/unbuild | AI (dependencies): @storm-software/unbuild is a first-party Storm Software dependency consistent with this package's purpose as a build plugin wrapper. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:powerlines | AI (phantom-deps): Build plugin pattern; deps referenced in config files passed to consumers rather than directly imported. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@stryke/types | AI (phantom-deps): Build plugin pattern; deps referenced in config files passed to consumers rather than directly imported. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@stryke/type-checks | AI (phantom-deps): Build plugin pattern; deps referenced in config files passed to consumers rather than directly imported. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@storm-software/unbuild | AI (phantom-deps): Intra-org dependency from same Storm Software organization; referenced in config files. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@stryke/path | AI (phantom-deps): Build plugin pattern; deps referenced in config files passed to consumers rather than directly imported. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:defu | AI (phantom-deps): Build plugin pattern; deps referenced in config files passed to consumers rather than directly imported. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:jiti | AI (phantom-deps): Build plugin pattern; deps referenced in config files passed to consumers rather than directly imported. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@stryke/fs | AI (phantom-deps): Build plugin pattern; deps referenced in config files passed to consumers rather than directly imported. Stable false positive for this package. | ai | |
| dependencies | unvetted-dep:@powerlines/plugin-rollup | AI (dependencies): Sibling package within the same Storm Software/powerlines monorepo; published via the same CI/CD pipeline with SLSA provenance. Not an independent supply chain risk. | ai | |
| dependencies | unvetted-dep:@powerlines/core | AI (dependencies): Sibling package within the same Storm Software/powerlines monorepo; published via the same CI/CD pipeline with SLSA provenance. Not an independent supply chain risk. | ai | |
| phantom-deps | phantom-dep:unplugin | AI (phantom-deps): unplugin is a declared runtime dep used in the plugin architecture; phantom detection is a false positive for this package's plugin pattern. | ai |
Versions (showing 100 of 567)
| Version | Deps | Published |
|---|---|---|
| 0.5.582 | 9 / 2 | |
| 0.5.581 | 9 / 2 | |
| 0.5.580 | 9 / 2 | |
| 0.5.579 | 9 / 2 | |
| 0.5.578 | 9 / 2 | |
| 0.5.577 | 9 / 2 | |
| 0.5.576 | 9 / 2 | |
| 0.5.575 | 9 / 2 | |
| 0.5.574 | 9 / 2 | |
| 0.5.573 | 9 / 2 | |
| 0.5.572 | 9 / 2 | |
| 0.5.571 | 9 / 2 | |
| 0.5.570 | 9 / 2 | |
| 0.5.569 | 9 / 2 | |
| 0.5.568 | 9 / 2 | |
| 0.5.567 | 9 / 2 | |
| 0.5.566 | 9 / 2 | |
| 0.5.565 | 9 / 2 | |
| 0.5.564 | 9 / 2 | |
| 0.5.563 | 9 / 2 | |
| 0.5.562 | 9 / 2 | |
| 0.5.561 | 9 / 2 | |
| 0.5.560 | 9 / 2 | |
| 0.5.559 | 9 / 2 | |
| 0.5.558 | 9 / 2 | |
| 0.5.557 | 9 / 2 | |
| 0.5.556 | 9 / 2 | |
| 0.5.555 | 9 / 2 | |
| 0.5.554 | 9 / 2 | |
| 0.5.553 | 9 / 2 | |
| 0.5.552 | 9 / 2 | |
| 0.5.551 | 9 / 2 | |
| 0.5.550 | 9 / 2 | |
| 0.5.549 | 9 / 2 | |
| 0.5.548 | 9 / 2 | |
| 0.5.547 | 9 / 2 | |
| 0.5.546 | 9 / 2 | |
| 0.5.545 | 9 / 2 | |
| 0.5.544 | 9 / 2 | |
| 0.5.543 | 9 / 2 | |
| 0.5.542 | 9 / 2 | |
| 0.5.541 | 9 / 2 | |
| 0.5.540 | 9 / 2 | |
| 0.5.539 | 9 / 2 | |
| 0.5.537 | 9 / 2 | |
| 0.5.536 | 9 / 2 | |
| 0.5.535 | 9 / 2 | |
| 0.5.534 | 9 / 2 | |
| 0.5.533 | 9 / 2 | |
| 0.5.532 | 9 / 2 | |
| 0.5.531 | 9 / 2 | |
| 0.5.530 | 9 / 2 | |
| 0.5.529 | 9 / 2 | |
| 0.5.528 | 9 / 2 | |
| 0.5.527 | 9 / 2 | |
| 0.5.526 | 9 / 2 | |
| 0.5.525 | 9 / 2 | |
| 0.5.524 | 9 / 2 | |
| 0.5.523 | 9 / 2 | |
| 0.5.522 | 9 / 2 | |
| 0.5.521 | 9 / 2 | |
| 0.5.520 | 9 / 2 | |
| 0.5.519 | 9 / 2 | |
| 0.5.518 | 9 / 2 | |
| 0.5.517 | 9 / 2 | |
| 0.5.516 | 9 / 2 | |
| 0.5.515 | 9 / 2 | |
| 0.5.514 | 9 / 2 | |
| 0.5.513 | 9 / 2 | |
| 0.5.504 | 9 / 2 | |
| 0.5.503 | 9 / 2 | |
| 0.5.501 | 9 / 2 | |
| 0.5.500 | 9 / 2 | |
| 0.5.499 | 9 / 2 | |
| 0.5.498 | 9 / 2 | |
| 0.5.497 | 9 / 2 | |
| 0.5.496 | 9 / 2 | |
| 0.5.495 | 9 / 2 | |
| 0.5.494 | 9 / 2 | |
| 0.5.492 | 9 / 2 | |
| 0.5.491 | 9 / 2 | |
| 0.5.490 | 9 / 2 | |
| 0.5.489 | 9 / 2 | |
| 0.5.488 | 9 / 2 | |
| 0.5.487 | 9 / 2 | |
| 0.5.486 | 9 / 2 | |
| 0.5.485 | 9 / 2 | |
| 0.5.484 | 9 / 2 | |
| 0.5.483 | 9 / 2 | |
| 0.5.482 | 9 / 2 | |
| 0.5.481 | 9 / 2 | |
| 0.5.480 | 9 / 2 | |
| 0.5.479 | 9 / 2 | |
| 0.5.478 | 9 / 2 | |
| 0.5.477 | 9 / 2 | |
| 0.5.476 | 9 / 2 | |
| 0.5.475 | 9 / 2 | |
| 0.5.474 | 9 / 2 | |
| 0.5.473 | 9 / 2 | |
| 0.5.472 | 9 / 2 |
v0.5.582
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.581
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.580
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.579
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.578
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.577
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.576
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.575
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.574
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.573
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.572
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.571
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.570
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.569
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.568
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.567
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.566
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.565
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.564
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.563
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.562
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.561
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.560
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.559
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.558
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.557
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.556
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.555
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.554
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.553
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.552
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.551
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.550
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.549
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.548
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.547
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.546
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.545
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.544
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.543
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.542
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.541
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.540
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.539
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.537
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.536
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.535
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.534
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.533
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.532
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.531
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.530
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.529
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.528
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.527
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.526
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.525
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.524
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.523
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.522
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.521
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.520
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.519
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.518
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.517
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.516
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.515
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.514
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.513
2 findingsThis version was published by a different npm account than previous versions on 2026-05-21. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.504
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.503
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.501
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.500
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.499
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.498
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.497
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.496
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.495
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.494
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.492
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.491
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.490
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.489
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.488
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.487
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.486
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.485
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.484
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.483
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.482
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.481
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.480
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.479
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.478
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.477
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.476
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.475
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.474
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.473
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.472
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.