@powerlines/plugin-webpack
A package containing a Powerlines plugin to build projects using Webpack.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/powerlines/src/lib/contexts/api-context.mjs | AI (source-diff): Rolldown minified bundle output; readable logic, no obfuscation or exfiltration. | ai | |
| source-diff | obfuscated-file:dist/powerlines/src/lib/contexts/api-context.cjs | AI (source-diff): Rolldown minified bundle output; readable logic, no obfuscation or exfiltration. | ai | |
| phantom-deps | phantom-dep:@stryke/helpers | AI (phantom-deps): Declared dep used via config/re-export pattern in this monorepo; stable false positive. | ai | |
| source-diff | obfuscated-file:dist/powerlines/src/lib/contexts/environment-context.cjs | AI (source-diff): Rolldown-bundled CJS output. Content is readable environment context implementation. SLSA provenance confirmed. | ai | |
| source-diff | obfuscated-file:dist/powerlines/schemas/fs.cjs | AI (source-diff): Rolldown-bundled CJS output implementing Cap'n Proto schema structs. Legitimate build artifact. SLSA provenance confirmed. | ai | |
| source-diff | obfuscated-file:dist/powerlines/src/internal/helpers/resolve-tsconfig.cjs | AI (source-diff): Rolldown-bundled CJS output for TypeScript config resolution. Readable, legitimate code. SLSA provenance confirmed. | ai | |
| source-diff | obfuscated-file:dist/powerlines/src/lib/fs/vfs.cjs | AI (source-diff): Rolldown-bundled CJS output implementing virtual filesystem. Readable, legitimate code. SLSA provenance confirmed. | ai | |
| source-diff | obfuscated-file:dist/powerlines/src/api.cjs | AI (source-diff): Rolldown-bundled CJS output with readable identifiers and legitimate imports. SLSA provenance confirms CI/CD build origin. Standard for this package's build pipeline. | ai | |
| source-diff | obfuscated-file:dist/powerlines/src/lib/contexts/context.cjs | AI (source-diff): Rolldown-bundled CJS output. Content is readable plugin context implementation code. SLSA provenance confirmed. | ai | |
| publish-pattern | new-deps-added | AI (publish-pattern): unplugin is a well-known plugin framework; addition is semantically consistent with the new ./helpers/unplugin export path. Not a suspicious dependency. | ai | |
| provenance | publisher-changed | AI (provenance): Storm Software migrated publishing from stormie-bot to GitHub Actions with SLSA provenance attestation — a supply chain improvement, not a compromise. Stable for this package. | ai | |
| phantom-deps | phantom-dep:@stryke/types | AI (phantom-deps): Type definitions used in plugin implementation; legitimate for TypeScript-based plugins. | ai | |
| phantom-deps | phantom-dep:webpack | AI (phantom-deps): Webpack is the core framework for this plugin; referenced in config/plugin interface rather than direct imports. | ai | |
| phantom-deps | phantom-dep:jiti | AI (phantom-deps): jiti is used for dynamic imports in webpack plugin configuration; legitimate pattern for build tools. | ai | |
| phantom-deps | phantom-dep:defu | AI (phantom-deps): defu is used for config merging in webpack plugins; referenced in config files rather than direct imports. | ai | |
| phantom-deps | phantom-dep:powerlines | AI (phantom-deps): powerlines is the plugin framework; referenced in plugin interface rather than direct imports. | ai | |
| phantom-deps | phantom-dep:@stryke/fs | AI (phantom-deps): Utility dependency for file operations; referenced in config/plugin logic rather than direct imports. | ai | |
| phantom-deps | phantom-dep:@stryke/path | AI (phantom-deps): Utility dependency for path operations; referenced in config/plugin logic rather than direct imports. | ai | |
| phantom-deps | phantom-dep:@stryke/type-checks | AI (phantom-deps): Utility dependency for type checking; referenced in plugin logic rather than direct imports. | ai | |
| dependencies | unvetted-dep:@powerlines/core | AI (dependencies): @powerlines/core is a first-party dependency from the same Storm Software organization as this package; unvetted status reflects pipeline ordering, not a third-party risk. | ai | |
| dependencies | unvetted-dep:@stryke/path | AI (dependencies): @stryke/path is another Storm Software namespace package; consistent with same-publisher ecosystem dependency, not an external unknown. | ai |
Versions (showing 100 of 363)
| Version | Deps | Published |
|---|---|---|
| 0.5.578 | 7 / 2 | |
| 0.5.577 | 7 / 2 | |
| 0.5.576 | 7 / 2 | |
| 0.5.575 | 7 / 2 | |
| 0.5.574 | 7 / 2 | |
| 0.5.573 | 7 / 2 | |
| 0.5.572 | 7 / 2 | |
| 0.5.571 | 7 / 2 | |
| 0.5.570 | 7 / 2 | |
| 0.5.569 | 7 / 2 | |
| 0.5.568 | 7 / 2 | |
| 0.5.567 | 7 / 2 | |
| 0.5.566 | 7 / 2 | |
| 0.5.565 | 7 / 2 | |
| 0.5.564 | 7 / 2 | |
| 0.5.563 | 7 / 2 | |
| 0.5.562 | 7 / 2 | |
| 0.5.561 | 7 / 2 | |
| 0.5.560 | 7 / 2 | |
| 0.5.559 | 7 / 2 | |
| 0.5.558 | 7 / 2 | |
| 0.5.557 | 7 / 2 | |
| 0.5.556 | 7 / 2 | |
| 0.5.555 | 7 / 2 | |
| 0.5.554 | 7 / 2 | |
| 0.5.553 | 7 / 2 | |
| 0.5.552 | 7 / 2 | |
| 0.5.551 | 7 / 2 | |
| 0.5.550 | 7 / 2 | |
| 0.5.549 | 7 / 2 | |
| 0.5.548 | 7 / 2 | |
| 0.5.547 | 7 / 2 | |
| 0.5.546 | 7 / 2 | |
| 0.5.545 | 7 / 2 | |
| 0.5.544 | 7 / 2 | |
| 0.5.543 | 7 / 2 | |
| 0.5.542 | 7 / 2 | |
| 0.5.541 | 7 / 2 | |
| 0.5.540 | 7 / 2 | |
| 0.5.539 | 7 / 2 | |
| 0.5.538 | 7 / 2 | |
| 0.5.537 | 7 / 2 | |
| 0.5.536 | 7 / 2 | |
| 0.5.535 | 7 / 2 | |
| 0.5.533 | 7 / 2 | |
| 0.5.532 | 7 / 2 | |
| 0.5.531 | 7 / 2 | |
| 0.5.530 | 7 / 2 | |
| 0.5.529 | 7 / 2 | |
| 0.5.528 | 7 / 2 | |
| 0.5.527 | 7 / 2 | |
| 0.5.526 | 7 / 2 | |
| 0.5.525 | 7 / 2 | |
| 0.5.524 | 7 / 2 | |
| 0.5.523 | 7 / 2 | |
| 0.5.522 | 7 / 2 | |
| 0.5.521 | 7 / 2 | |
| 0.5.520 | 7 / 2 | |
| 0.5.519 | 7 / 2 | |
| 0.5.518 | 7 / 2 | |
| 0.5.517 | 7 / 2 | |
| 0.5.516 | 7 / 2 | |
| 0.5.515 | 7 / 2 | |
| 0.5.514 | 7 / 2 | |
| 0.5.513 | 7 / 2 | |
| 0.5.512 | 7 / 2 | |
| 0.5.511 | 7 / 2 | |
| 0.5.510 | 7 / 2 | |
| 0.5.509 | 7 / 2 | |
| 0.5.500 | 7 / 2 | |
| 0.5.499 | 7 / 2 | |
| 0.5.497 | 7 / 2 | |
| 0.5.496 | 7 / 2 | |
| 0.5.495 | 7 / 2 | |
| 0.5.494 | 7 / 2 | |
| 0.5.493 | 7 / 2 | |
| 0.5.492 | 6 / 2 | |
| 0.5.491 | 6 / 2 | |
| 0.5.490 | 6 / 2 | |
| 0.5.488 | 6 / 2 | |
| 0.5.487 | 6 / 2 | |
| 0.5.486 | 6 / 2 | |
| 0.5.485 | 6 / 2 | |
| 0.5.484 | 6 / 2 | |
| 0.5.483 | 6 / 2 | |
| 0.5.482 | 6 / 2 | |
| 0.5.481 | 6 / 2 | |
| 0.5.480 | 6 / 2 | |
| 0.5.479 | 6 / 2 | |
| 0.5.478 | 6 / 2 | |
| 0.5.477 | 6 / 2 | |
| 0.5.476 | 6 / 2 | |
| 0.5.475 | 6 / 2 | |
| 0.5.474 | 6 / 2 | |
| 0.5.473 | 6 / 2 | |
| 0.5.472 | 6 / 2 | |
| 0.5.471 | 6 / 2 | |
| 0.5.470 | 6 / 2 | |
| 0.5.469 | 6 / 2 | |
| 0.5.468 | 6 / 2 |
v0.5.578
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.577
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.576
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.575
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.574
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.573
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.572
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.571
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.570
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.569
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.568
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.567
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.566
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.565
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.564
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.563
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.562
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.561
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.560
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.559
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.558
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.557
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.556
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.555
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.554
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.553
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.552
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.551
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.550
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.549
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.548
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.547
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.546
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.545
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.544
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.543
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.542
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.541
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.540
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.539
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.538
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.537
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.536
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.535
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.533
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.532
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.531
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.530
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.529
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.528
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.527
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.526
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.525
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.524
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.523
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.522
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.521
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.520
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.519
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.518
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.517
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.516
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.515
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.514
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.513
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.512
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.511
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.510
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.509
2 findingsPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
[Accepted risk] This version was published by a different npm account than previous versions on 2026-05-21. This could indicate a legitimate maintainer transition or an account compromise.
v0.5.500
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.499
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.497
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.496
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.495
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.494
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.493
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.492
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.491
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.490
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.488
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.487
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.486
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.485
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.484
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.483
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.482
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.481
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.480
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.479
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.478
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.477
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.476
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.475
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.474
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.473
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.472
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.471
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.470
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.469
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.468
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.