@quenty/hide — Greenflagged

Utility system that leverages the binder system to hide authored objects. Centralized here for cross-system communication.

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

quenty

Keywords

RobloxNevermoreLuaAuthoringHide

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
publish-pattern	new-deps-added	AI (publish-pattern): All added deps are same-org @quenty/* packages from the NevermoreEngine monorepo; not a third-party injection risk.	ai	2026/05/28
dependencies	unvetted-dep:@quenty/rx	AI (dependencies): Same-org @quenty/* monorepo dep; consistent with all other deps in this package.	ai	2026/05/28
phantom-deps	phantom-dep:@quenty/rx	AI (phantom-deps): Monorepo workspace package; same-org deps resolved at workspace level, not direct imports.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/brio	AI (phantom-deps): Monorepo workspace package; same-org deps resolved at workspace level.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/binder	AI (phantom-deps): Monorepo workspace package; same-org deps resolved at workspace level.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/loader	AI (phantom-deps): Monorepo workspace package; same-org deps resolved at workspace level.	ai	2026/05/19
install-scripts	install-script:preinstall	AI (install-scripts): npx only-allow pnpm is a standard monorepo package-manager enforcement pattern, not malicious.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/servicebag	AI (phantom-deps): Monorepo workspace package; same-org deps resolved at workspace level.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/instanceutils	AI (phantom-deps): Monorepo workspace package; same-org deps resolved at workspace level.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/transparencyservice	AI (phantom-deps): Monorepo workspace package; same-org deps resolved at workspace level.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/baseobject	AI (phantom-deps): Monorepo workspace package; same-org deps resolved at workspace level.	ai	2026/05/19
typosquat	typosquat.levenshtein:vite	AI (typosquat): Scoped @quenty/hide is a Roblox utility package with no relation to vite; Levenshtein match is coincidental.	ai	2026/05/19

Versions (showing 27 of 27)

Version	Deps	Published
11.36.2	8 / 0	2026-04-30
11.36.1	8 / 0	2026-04-29
11.36.0	8 / 0	2026-04-23
11.35.0	8 / 0	2026-04-14
11.34.0	8 / 0	2026-02-20
11.32.0	8 / 0	2026-02-17
11.31.1	8 / 0	2026-01-18
11.31.0	7 / 0	2026-01-18
11.30.0	3 / 0	2026-01-13
11.29.2	3 / 0	2026-01-12
11.29.0	3 / 0	2026-01-08
11.28.1	3 / 0	2026-01-05
11.28.0	3 / 0	2026-01-04
11.27.7	3 / 0	2026-01-03
11.27.6	3 / 0	2025-12-31
11.27.5	3 / 0	2025-12-29
11.27.4	3 / 0	2025-12-29
11.27.3	3 / 0	2025-12-28
11.27.2	3 / 0	2025-11-22
11.27.1	3 / 0	2025-11-12
11.27.0	3 / 0	2025-10-08
11.26.0	3 / 0	2025-10-01
11.25.0	3 / 0	2025-09-26
11.24.0	3 / 0	2025-08-29
11.23.1	3 / 0	2025-08-12
11.23.0	3 / 0	2025-05-12
11.22.0	3 / 0	2025-05-10