@powerlines/plugin-unbuild
A package containing a Powerlines plugin to build projects using Unbuild.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): stormie-bot is the Storm Software CI bot with 2775 approved packages; transition from GitHub Actions is expected automation account usage. | ai | |
| phantom-deps | phantom-dep:@stryke/helpers | AI (phantom-deps): Sibling org package used in config files; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@powerlines/unplugin | AI (phantom-deps): Same-org dependency; phantom detection is a false positive for this build-tool wrapper pattern. | ai | |
| dependencies | unvetted-dep:@storm-software/unbuild | AI (dependencies): @storm-software/unbuild is a first-party Storm Software dependency consistent with this package's purpose as a build plugin wrapper. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:powerlines | AI (phantom-deps): Build plugin pattern; deps referenced in config files passed to consumers rather than directly imported. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@stryke/types | AI (phantom-deps): Build plugin pattern; deps referenced in config files passed to consumers rather than directly imported. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@stryke/type-checks | AI (phantom-deps): Build plugin pattern; deps referenced in config files passed to consumers rather than directly imported. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@storm-software/unbuild | AI (phantom-deps): Intra-org dependency from same Storm Software organization; referenced in config files. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@stryke/path | AI (phantom-deps): Build plugin pattern; deps referenced in config files passed to consumers rather than directly imported. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:defu | AI (phantom-deps): Build plugin pattern; deps referenced in config files passed to consumers rather than directly imported. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:jiti | AI (phantom-deps): Build plugin pattern; deps referenced in config files passed to consumers rather than directly imported. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@stryke/fs | AI (phantom-deps): Build plugin pattern; deps referenced in config files passed to consumers rather than directly imported. Stable false positive for this package. | ai | |
| dependencies | unvetted-dep:@powerlines/plugin-rollup | AI (dependencies): Sibling package within the same Storm Software/powerlines monorepo; published via the same CI/CD pipeline with SLSA provenance. Not an independent supply chain risk. | ai | |
| dependencies | unvetted-dep:@powerlines/core | AI (dependencies): Sibling package within the same Storm Software/powerlines monorepo; published via the same CI/CD pipeline with SLSA provenance. Not an independent supply chain risk. | ai | |
| phantom-deps | phantom-dep:unplugin | AI (phantom-deps): unplugin is a declared runtime dep used in the plugin architecture; phantom detection is a false positive for this package's plugin pattern. | ai |
Versions (showing 100 of 579)
| Version | Deps | Published |
|---|---|---|
| 0.5.161 | 2 / 2 | |
| 0.5.160 | 2 / 2 | |
| 0.5.159 | 2 / 2 | |
| 0.5.158 | 2 / 2 | |
| 0.5.157 | 2 / 2 | |
| 0.5.156 | 2 / 2 | |
| 0.5.155 | 2 / 2 | |
| 0.5.154 | 2 / 2 | |
| 0.5.153 | 2 / 2 | |
| 0.5.152 | 2 / 2 | |
| 0.5.151 | 2 / 2 | |
| 0.5.150 | 2 / 2 | |
| 0.5.149 | 2 / 2 | |
| 0.5.148 | 2 / 2 | |
| 0.5.147 | 2 / 2 | |
| 0.5.146 | 2 / 2 | |
| 0.5.145 | 2 / 2 | |
| 0.5.144 | 2 / 2 | |
| 0.5.143 | 2 / 2 | |
| 0.5.142 | 2 / 2 | |
| 0.5.141 | 2 / 2 | |
| 0.5.140 | 2 / 2 | |
| 0.5.139 | 2 / 2 | |
| 0.5.138 | 9 / 3 | |
| 0.5.137 | 9 / 3 | |
| 0.5.136 | 9 / 3 | |
| 0.5.135 | 9 / 3 | |
| 0.5.134 | 9 / 3 | |
| 0.5.133 | 9 / 3 | |
| 0.5.132 | 9 / 3 | |
| 0.5.131 | 9 / 3 | |
| 0.5.130 | 9 / 3 | |
| 0.5.129 | 9 / 3 | |
| 0.5.128 | 9 / 3 | |
| 0.5.127 | 9 / 3 | |
| 0.5.126 | 9 / 3 | |
| 0.5.125 | 9 / 3 | |
| 0.5.124 | 9 / 3 | |
| 0.5.123 | 9 / 3 | |
| 0.5.122 | 9 / 3 | |
| 0.5.121 | 9 / 3 | |
| 0.5.120 | 9 / 3 | |
| 0.5.119 | 9 / 3 | |
| 0.5.118 | 9 / 3 | |
| 0.5.117 | 9 / 3 | |
| 0.5.116 | 9 / 3 | |
| 0.5.115 | 9 / 3 | |
| 0.5.114 | 9 / 3 | |
| 0.5.113 | 9 / 3 | |
| 0.5.112 | 9 / 3 | |
| 0.5.111 | 9 / 3 | |
| 0.5.110 | 9 / 3 | |
| 0.5.109 | 9 / 3 | |
| 0.5.108 | 9 / 3 | |
| 0.5.107 | 9 / 3 | |
| 0.5.106 | 9 / 3 | |
| 0.5.105 | 9 / 3 | |
| 0.5.104 | 9 / 3 | |
| 0.5.103 | 9 / 3 | |
| 0.5.102 | 9 / 3 | |
| 0.5.101 | 9 / 3 | |
| 0.5.100 | 9 / 3 | |
| 0.5.99 | 9 / 3 | |
| 0.5.98 | 9 / 3 | |
| 0.5.97 | 9 / 3 | |
| 0.5.96 | 9 / 3 | |
| 0.5.95 | 9 / 3 | |
| 0.5.94 | 9 / 3 | |
| 0.5.93 | 9 / 3 | |
| 0.5.92 | 9 / 3 | |
| 0.5.91 | 9 / 3 | |
| 0.5.90 | 9 / 3 | |
| 0.5.89 | 9 / 3 | |
| 0.5.88 | 9 / 3 | |
| 0.5.87 | 9 / 3 | |
| 0.5.86 | 9 / 3 | |
| 0.5.85 | 9 / 3 | |
| 0.5.84 | 9 / 3 | |
| 0.5.83 | 9 / 3 | |
| 0.5.82 | 9 / 3 | |
| 0.5.81 | 9 / 3 | |
| 0.5.80 | 9 / 3 | |
| 0.5.79 | 9 / 3 | |
| 0.5.78 | 9 / 3 | |
| 0.5.77 | 9 / 3 | |
| 0.5.76 | 9 / 3 | |
| 0.5.75 | 9 / 3 | |
| 0.5.74 | 9 / 3 | |
| 0.5.73 | 9 / 3 | |
| 0.5.72 | 9 / 3 | |
| 0.5.71 | 9 / 3 | |
| 0.5.70 | 9 / 3 | |
| 0.5.69 | 9 / 3 | |
| 0.5.68 | 9 / 3 | |
| 0.5.67 | 9 / 3 | |
| 0.5.66 | 9 / 3 | |
| 0.5.65 | 9 / 3 | |
| 0.5.64 | 9 / 3 | |
| 0.5.63 | 9 / 3 | |
| 0.5.62 | 9 / 3 |
v0.5.161
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.160
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.159
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.158
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.157
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.155
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.154
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.153
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.152
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.151
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.149
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.148
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.147
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.146
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.145
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.144
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.143
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.142
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.141
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.140
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.138
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.137
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.135
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.134
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.133
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.132
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.131
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.130
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.129
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.128
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.127
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.126
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.125
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.124
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.123
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.122
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.121
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.119
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.118
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.117
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.116
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.115
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.114
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.113
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.112
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.110
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.109
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.108
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.107
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.106
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.105
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.104
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.103
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.102
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.101
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.100
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.99
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.98
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.97
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.96
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.95
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.94
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.93
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.92
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.91
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.90
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.89
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.88
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.87
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.86
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.85
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.84
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.83
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.82
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.81
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.80
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.79
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.78
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.77
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.76
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.75
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.74
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.73
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.72
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.71
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.70
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.69
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.67
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.66
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.65
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.64
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.63
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.62
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.