@prisma-next/sql-runtime No license 15 versions

@prisma-next/sql-runtime

npm Repository Homepage

SQL runtime implementation for Prisma Next

15

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

tylerhogarthaqrlnwmadden-prisma

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	source-size-tripled	AI (source-diff): Size increase explained by bundling of new internal @prisma-next/* scoped deps; no obfuscation detected.	ai	2026/05/17
source-diff	large-new-source-files	AI (source-diff): New files are build artifacts from bundling internal monorepo packages; no injected payloads.	ai	2026/05/17
maintainer-change	maintainer-removed	AI (maintainer-change): Removal of previous maintainer consistent with org-level CI publishing transition.	ai	2026/05/17
maintainer-change	maintainer-added	AI (maintainer-change): Maintainer change accompanies CI/CD migration; same official Prisma org.	ai	2026/05/17
provenance	publisher-changed	AI (provenance): Transition to GitHub Actions CI publishing with SLSA provenance; consistent with official prisma/prisma-next repo.	ai	2026/05/17
phantom-deps	phantom-dep:@prisma-next/ids	AI (phantom-deps): Same-org monorepo dep; may be re-exported rather than directly imported in this package.	ai	2026/05/17
phantom-deps	phantom-dep:@prisma-next/operations	AI (phantom-deps): Same-org monorepo dep; may be re-exported rather than directly imported in this package.	ai	2026/05/17

Versions (showing 15 of 15)

Version	Deps	Published
0.12.0	9 / 8	2026-06-02
0.11.0	9 / 8	2026-05-22
0.10.0	9 / 8	2026-05-20
0.9.0	9 / 8	2026-05-20
0.8.0	9 / 8	2026-05-16
0.7.0	9 / 8	2026-05-15
0.6.1	9 / 8	2026-05-14
0.5.1	9 / 8	2026-05-12
0.5.0	9 / 8	2026-05-12
0.4.4	9 / 8	2026-05-07
0.4.3	9 / 8	2026-05-06
0.4.2	10 / 8	2026-04-27
0.4.1	10 / 8	2026-04-25
0.3.0	10 / 8	2026-04-16
0.0.1	5 / 8	2025-12-09

v0.12.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.11.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.9.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.0

2 findings

HIGH Publisher changed: aqrln → GitHub Actions (on 2026-05-16) provenance

This version was published by a different npm account than previous versions on 2026-05-16. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.6.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.5.1

2 findings

HIGH Publisher changed: aqrln → GitHub Actions (on 2026-05-12) provenance

This version was published by a different npm account than previous versions on 2026-05-12. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.5.0

2 findings

HIGH Publisher changed: aqrln → GitHub Actions (on 2026-05-12) provenance

This version was published by a different npm account than previous versions on 2026-05-12. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.4.4

2 findings

HIGH Publisher changed: aqrln → GitHub Actions (on 2026-05-07) provenance

This version was published by a different npm account than previous versions on 2026-05-07. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.4.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.4.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.