← Home

@sap-ux/annotation-generator

npm Repository

Library that provides API for generation of annotations by SAP Fiori App Generator

8
Versions
Apache-2.0
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

tqueckkranthie.sapsap_extncrepossap-ospo-admindevinea

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
dependencies unvetted-dep:@sap-ux/odata-annotation-core-types AI (dependencies): Same-org @sap-ux scoped package; consistent with this package's ecosystem. ai
dependencies unvetted-dep:@sap-ux/odata-entity-model AI (dependencies): Same-org @sap-ux scoped package; consistent with this package's ecosystem. ai
dependencies unvetted-dep:@sap-ux/vocabularies-types AI (dependencies): Same-org @sap-ux scoped package; consistent with this package's ecosystem. ai
dependencies unvetted-dep:@sap-ux/annotation-converter AI (dependencies): Same-org @sap-ux scoped package; consistent with this package's ecosystem. ai
dependencies unvetted-dep:mem-fs-editor AI (dependencies): mem-fs-editor is a well-known Yeoman ecosystem package; stable dependency for this package. ai
phantom-deps phantom-dep:@sap-ux/vocabularies-types AI (phantom-deps): Same-org monorepo dep; declared as transitive type dependency, not directly imported. ai
phantom-deps phantom-dep:@sap-ux/odata-annotation-core-types AI (phantom-deps): Same-org monorepo dep; declared as transitive type dependency, not directly imported. ai
phantom-deps phantom-dep:@sap-ux/odata-entity-model AI (phantom-deps): Same-org monorepo dep; declared as transitive type dependency, not directly imported. ai

Versions (showing 8 of 8)

Version Deps Published
0.4.56 7 / 4
0.4.55 7 / 4
0.4.54 7 / 4
0.4.53 7 / 4
0.4.52 7 / 4
0.4.46 7 / 4
0.3.39 7 / 4
0.3.38 7 / 4

v0.4.56

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.4.55

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.4.54

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.4.53

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.4.46

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.3.39

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.3.38

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.