@powerlines/plugin-unimport
A Powerlines plugin to add imports to source code automatically via unimport.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:@stryke/type-checks | AI (phantom-deps): Declared runtime dep used in config/plugin ecosystem context; phantom-dep false positive for this package's architecture. | ai | |
| phantom-deps | phantom-dep:defu | AI (phantom-deps): Declared runtime dep used in config/plugin ecosystem context; phantom-dep false positive for this package's architecture. | ai | |
| phantom-deps | phantom-dep:powerlines | AI (phantom-deps): Declared runtime dep used in config/plugin ecosystem context; phantom-dep false positive for this package's architecture. | ai | |
| phantom-deps | phantom-dep:@stryke/json | AI (phantom-deps): Declared runtime dep used in config/plugin ecosystem context; phantom-dep false positive for this package's architecture. | ai | |
| phantom-deps | phantom-dep:@stryke/path | AI (phantom-deps): Declared runtime dep used in config/plugin ecosystem context; phantom-dep false positive for this package's architecture. | ai | |
| phantom-deps | phantom-dep:@stryke/helpers | AI (phantom-deps): Declared runtime dep used in config/plugin ecosystem context; phantom-dep false positive for this package's architecture. | ai | |
| provenance | publisher-changed | AI (provenance): Transition from stormie-bot to GitHub Actions is a documented CI/CD migration for storm-software org; SLSA provenance attestation confirms legitimate pipeline publishing. | ai | |
| dependencies | unvetted-dep:powerlines | AI (dependencies): powerlines is the parent package in the same Storm Software monorepo ecosystem; this is an expected internal dependency for a Powerlines plugin. | ai | |
| dependencies | unvetted-dep:@stryke/json | AI (dependencies): @stryke/json is part of the Storm Software / Stryke internal ecosystem, consistent with this package's publisher and org. | ai | |
| dependencies | unvetted-dep:@stryke/path | AI (dependencies): @stryke/path is part of the Storm Software / Stryke internal ecosystem, consistent with this package's publisher and org. | ai | |
| dependencies | unvetted-dep:@stryke/helpers | AI (dependencies): @stryke/helpers is part of the Storm Software / Stryke internal ecosystem, consistent with this package's publisher and org. | ai | |
| phantom-deps | phantom-dep:magic-string | AI (phantom-deps): magic-string is a legitimate, well-known package listed as a runtime dep; phantom detection is a packaging hygiene issue, not a security risk for this package. | ai |
Versions (showing 51 of 564)
| Version | Deps | Published |
|---|---|---|
| 0.1.588 | 8 / 2 | |
| 0.1.587 | 8 / 2 | |
| 0.1.586 | 8 / 2 | |
| 0.1.585 | 8 / 2 | |
| 0.1.584 | 8 / 2 | |
| 0.1.583 | 8 / 2 | |
| 0.1.582 | 8 / 2 | |
| 0.1.581 | 8 / 2 | |
| 0.1.580 | 8 / 2 | |
| 0.1.579 | 8 / 2 | |
| 0.1.578 | 8 / 2 | |
| 0.1.577 | 8 / 2 | |
| 0.1.576 | 8 / 2 | |
| 0.1.575 | 8 / 2 | |
| 0.1.574 | 8 / 2 | |
| 0.1.573 | 8 / 2 | |
| 0.1.572 | 8 / 2 | |
| 0.1.571 | 8 / 2 | |
| 0.1.570 | 8 / 2 | |
| 0.1.569 | 8 / 2 | |
| 0.1.568 | 8 / 2 | |
| 0.1.567 | 8 / 2 | |
| 0.1.566 | 8 / 2 | |
| 0.1.565 | 8 / 2 | |
| 0.1.564 | 8 / 2 | |
| 0.1.563 | 8 / 2 | |
| 0.1.562 | 8 / 2 | |
| 0.1.561 | 8 / 2 | |
| 0.1.560 | 8 / 2 | |
| 0.1.559 | 8 / 2 | |
| 0.1.558 | 8 / 2 | |
| 0.1.557 | 8 / 2 | |
| 0.1.556 | 8 / 2 | |
| 0.1.555 | 8 / 2 | |
| 0.1.554 | 8 / 2 | |
| 0.1.553 | 8 / 2 | |
| 0.1.552 | 8 / 2 | |
| 0.1.551 | 8 / 2 | |
| 0.1.550 | 8 / 2 | |
| 0.1.549 | 8 / 2 | |
| 0.1.548 | 8 / 2 | |
| 0.1.547 | 8 / 2 | |
| 0.1.546 | 8 / 2 | |
| 0.1.545 | 8 / 2 | |
| 0.1.543 | 8 / 2 | |
| 0.1.542 | 8 / 2 | |
| 0.1.541 | 8 / 2 | |
| 0.1.540 | 8 / 2 | |
| 0.1.539 | 8 / 2 | |
| 0.1.538 | 8 / 2 | |
| 0.1.537 | 8 / 2 |
v0.1.588
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.587
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.586
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.585
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.584
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.583
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.582
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.581
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.580
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.579
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.578
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.577
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.576
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.575
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.574
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.573
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.572
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.571
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.570
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.569
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.568
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.567
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.566
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.565
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.564
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.563
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.562
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.561
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.560
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.559
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.558
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.557
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.556
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.555
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.554
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.553
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.552
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.551
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.550
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.549
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.548
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.547
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.546
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.545
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.543
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.542
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.541
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.540
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.539
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.538
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.537
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.