@quenty/soundgroup — Greenflagged

Service and utility methods to working with sound groups and sounds in Roblox

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

quenty

Keywords

RobloxNevermoreLuasoundgroup

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:@quenty/rx	AI (dependencies): Same @quenty org monorepo scope; consistent with all other @quenty deps in this package.	ai	2026/05/28
phantom-deps	phantom-dep:@quenty/rx	AI (phantom-deps): Roblox/Lua monorepo; static import analysis doesn't apply to Lua modules loaded at runtime.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/tie	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/brio	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/maid	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/table	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/binder	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/loader	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/signal	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/counter	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
install-scripts	install-script:preinstall	AI (install-scripts): npx only-allow pnpm is a standard pnpm-enforcement preinstall; stable pattern across this monorepo.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/baseobject	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/servicebag	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/valueobject	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/instanceutils	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
phantom-deps	phantom-dep:@quentystudios/jest-lua	AI (phantom-deps): Referenced in config files; Lua test framework, not a JS import.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/rogue-properties	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/observablecollection	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/nevermore-test-runner	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19
phantom-deps	phantom-dep:@quenty/promise	AI (phantom-deps): Same-org Lua monorepo; phantom-dep heuristic not applicable.	ai	2026/05/19

Versions (showing 6 of 6)

Version	Deps	Published
1.38.2	18 / 0	2026-04-30
1.32.0	16 / 0	2026-01-18
1.28.0	16 / 0	2026-01-08
1.27.0	16 / 0	2026-01-06
1.26.1	16 / 0	2026-01-05
1.21.0	9 / 0	2025-05-10