@sap-ux/backend-proxy-middleware

SAP backend proxy middleware

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

tqueckkranthie.sapsap_extncrepossap-ospo-admindevinea

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): SAP org migrated publishing to GitHub Actions CI/CD; SLSA attestation confirms legitimate pipeline origin.	ai	2026/05/27
dependencies	unvetted-dep:@sap-ux/btp-utils	AI (dependencies): SAP monorepo sibling package; co-released with this package from SAP/open-ux-tools.	ai	2026/05/02
dependencies	unvetted-dep:@sap-ux/axios-extension	AI (dependencies): SAP monorepo sibling package; co-released with this package from SAP/open-ux-tools.	ai	2026/05/02

Versions (showing 97 of 97)

Version	Deps	Published
1.0.1	11 / 12	2026-06-04
1.0.0	11 / 12	2026-05-30
0.13.3	11 / 11	2026-05-29
0.13.2	11 / 11	2026-05-27
0.13.1	11 / 11	2026-05-26
0.13.0	11 / 11	2026-05-15
0.12.9	11 / 11	2026-05-13
0.12.8	11 / 11	2026-05-06
0.12.7	11 / 11	2026-04-30
0.12.6	11 / 11	2026-04-29
0.12.5	11 / 11	2026-04-23
0.12.4	11 / 11	2026-04-15
0.12.3	11 / 11	2026-04-14
0.12.2	11 / 11	2026-04-14
0.12.1	11 / 11	2026-04-08
0.12.0	11 / 11	2026-03-30
0.11.3	11 / 11	2026-03-27
0.11.2	11 / 11	2026-03-26
0.11.1	11 / 11	2026-03-23
0.11.0	11 / 11	2026-03-20
0.10.56	11 / 11	2026-03-17
0.10.55	11 / 11	2026-03-17
0.10.54	11 / 11	2026-03-06
0.10.53	11 / 11	2026-03-05
0.10.52	11 / 11	2026-03-05
0.10.51	11 / 11	2026-03-04
0.10.50	11 / 11	2026-03-03
0.10.49	11 / 11	2026-02-27
0.10.48	11 / 11	2026-02-26
0.10.47	11 / 11	2026-02-23
0.10.46	11 / 11	2026-02-21
0.10.45	11 / 11	2026-02-20
0.10.44	11 / 11	2026-02-18
0.10.43	11 / 11	2026-02-16
0.10.41	11 / 11	2026-02-13
0.10.40	11 / 11	2026-02-11
0.10.39	11 / 11	2026-02-05
0.10.38	11 / 11	2026-02-05
0.10.37	11 / 11	2026-02-04
0.10.36	11 / 11	2026-02-03
0.10.35	11 / 11	2026-01-30
0.10.34	11 / 11	2026-01-28
0.10.33	11 / 11	2026-01-26
0.10.32	11 / 11	2026-01-24
0.10.30	11 / 11	2026-01-23
0.10.29	11 / 11	2026-01-16
0.10.28	11 / 11	2026-01-14
0.10.27	11 / 11	2026-01-09
0.10.26	11 / 11	2026-01-08
0.10.25	11 / 11	2026-01-07
0.10.24	11 / 11	2025-12-22
0.10.23	11 / 11	2025-12-19
0.10.22	11 / 11	2025-12-18
0.10.21	11 / 11	2025-12-18
0.10.20	11 / 11	2025-12-16
0.10.19	11 / 11	2025-12-15
0.10.18	11 / 11	2025-12-09
0.10.17	11 / 11	2025-12-08
0.10.16	11 / 11	2025-12-02
0.10.15	12 / 10	2025-11-28
0.10.14	12 / 10	2025-11-27
0.10.13	11 / 11	2025-11-26
0.10.12	11 / 11	2025-11-05
0.10.11	11 / 11	2025-10-31
0.10.10	11 / 11	2025-10-30
0.10.9	11 / 11	2025-10-30
0.10.8	11 / 11	2025-10-29
0.10.7	11 / 11	2025-10-29
0.10.6	11 / 11	2025-10-28
0.10.5	11 / 11	2025-10-22
0.10.4	11 / 11	2025-10-17
0.10.3	11 / 11	2025-10-14
0.10.2	11 / 11	2025-10-08
0.10.1	11 / 11	2025-10-07
0.10.0	11 / 11	2025-09-30
0.9.19	11 / 9	2025-09-23
0.9.18	11 / 9	2025-09-19
0.9.17	11 / 9	2025-09-02
0.9.16	11 / 9	2025-09-02
0.9.15	11 / 9	2025-09-01
0.9.14	11 / 9	2025-08-28
0.9.13	11 / 9	2025-08-21
0.9.12	11 / 9	2025-08-01
0.9.11	11 / 9	2025-07-28
0.9.10	11 / 9	2025-07-04
0.9.9	11 / 9	2025-06-27
0.9.8	11 / 9	2025-06-24
0.9.7	11 / 9	2025-06-23
0.9.6	11 / 9	2025-06-19
0.9.5	11 / 9	2025-06-19
0.9.4	11 / 9	2025-06-11
0.9.3	11 / 9	2025-06-10
0.9.2	11 / 9	2025-06-04
0.9.1	11 / 9	2025-05-23
0.9.0	11 / 9	2025-05-14
0.8.44	11 / 9	2025-05-13
0.8.43	11 / 9	2025-05-02

v1.0.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.13.0

2 findings

HIGH Publisher changed: devinea → GitHub Actions (on 2026-05-15) provenance

This version was published by a different npm account than previous versions on 2026-05-15. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.