@prisma-next/cli No license 16 versions

@prisma-next/cli

npm Repository Homepage

> **For the CLI command, install [`prisma-next`](https://www.npmjs.com/package/prisma-next).** > The public `prisma-next` package ships the `prisma-next` binary and nothing > else — it has no library exports. > > This package (`@prisma-next/cli`) is both

16

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

tylerhogarthaqrlnwmadden-prisma

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
publish-pattern	new-deps-added	AI (publish-pattern): New deps are same-org pinned sibling and well-known ci-info; consistent with monorepo release pattern.	ai	2026/05/25
dependencies	unvetted-dep:closest-match	AI (dependencies): closest-match is a small utility dep used legitimately in CLI tooling for fuzzy command matching.	ai	2026/05/17
phantom-deps	phantom-dep:@prisma-next/emitter	AI (phantom-deps): Same-org internal package; phantom-dep heuristic unreliable for monorepo siblings.	ai	2026/05/17
typosquat	typosquat.levenshtein:joi	AI (typosquat): Scoped package under @prisma-next org; Levenshtein match to 'joi' is coincidental, not a squatting attempt.	ai	2026/05/17
phantom-deps	phantom-dep:arktype	AI (phantom-deps): arktype is a declared runtime dependency used in config files; phantom-dep heuristic is a false positive here.	ai	2026/05/17

Versions (showing 16 of 16)

Version	Deps	Published
0.12.0	25 / 12	2026-06-02
0.11.0	25 / 12	2026-05-22
0.10.0	23 / 12	2026-05-20
0.9.0	23 / 12	2026-05-20
0.8.0	23 / 12	2026-05-16
0.7.0	23 / 12	2026-05-15
0.6.1	23 / 12	2026-05-14
0.5.1	23 / 12	2026-05-12
0.5.0	23 / 12	2026-05-12
0.4.4	23 / 12	2026-05-07
0.4.3	23 / 12	2026-05-06
0.4.2	22 / 12	2026-04-27
0.4.1	21 / 12	2026-04-25
0.3.0	21 / 12	2026-04-16
0.2.0	13 / 12	2026-01-02
0.0.1	12 / 11	2025-12-09

v0.12.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.9.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.6.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.5.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.5.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.4.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.4.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.4.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.0.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.