@serenity-js/core Apache-2.0 27 versions

@serenity-js/core

npm Repository Homepage

The core Serenity/JS framework, providing the Screenplay Pattern interfaces, as well as the test reporting and integration infrastructure

27

Versions

Apache-2.0

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

jan-molak

Keywords

automationintegrationserenityserenity-jsscreenplayscreenplay-patternbddtddtesttesting

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
semgrep	semgrep:dynamic-require	AI (semgrep): ModuleLoader is a documented plugin/module loading mechanism; dynamic require is intentional and stable across versions.	ai	2026/05/31
dependencies	unvetted-dep:tiny-types	AI (dependencies): tiny-types is a companion library in the serenity-js ecosystem, pinned to exact version.	ai	2026/05/14
typosquat	typosquat.levenshtein:cors	AI (typosquat): @serenity-js/core is a long-established scoped package; Levenshtein match to 'cors' is a false positive.	ai	2026/04/29
semgrep	semgrep:base64-decode	AI (semgrep): Base64 decode is used for JSON artifact deserialization (JSONData model), not obfuscation.	ai	2026/04/29
semgrep	semgrep:api-obfuscation-reflect	AI (semgrep): Reflect.get is used in a Proxy handler for Screenplay Pattern question chaining — legitimate pattern.	ai	2026/04/29

Versions (showing 27 of 27)

Version	Deps	Published
3.43.3	11 / 12	2026-06-06
3.43.2	11 / 12	2026-05-13
3.43.1	11 / 12	2026-05-11
3.43.0	11 / 12	2026-05-11
3.42.2	11 / 12	2026-04-26
3.42.1	11 / 12	2026-04-08
3.39.0	11 / 12	2026-01-30
3.38.0	11 / 12	2026-01-29
3.37.2	11 / 12	2026-01-23
3.37.0	11 / 12	2025-12-02
3.35.2	11 / 12	2025-10-06
3.35.1	11 / 12	2025-09-28
3.35.0	11 / 12	2025-09-07
3.34.2	11 / 13	2025-09-07
3.34.1	11 / 13	2025-08-20
3.34.0	11 / 13	2025-08-01
3.33.1	11 / 13	2025-07-28
3.32.5	11 / 13	2025-07-28
3.32.4	11 / 13	2025-07-13
3.32.3	11 / 13	2025-07-07
3.32.2	11 / 13	2025-06-21
3.32.1	11 / 13	2025-06-20
3.32.0	11 / 13	2025-06-20
3.31.17	11 / 13	2025-06-16
3.31.16	11 / 13	2025-06-05
3.31.15	11 / 13	2025-05-06
3.31.14	11 / 13	2025-04-28

v3.43.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.43.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.43.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.43.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.42.2

2 findings

HIGH typosquat.levenshtein: Possible typosquat of 'cors' typosquat

Package name '@serenity-js/core' is 1 edit(s) away from popular package 'cors'.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.39.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.38.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.37.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.37.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.35.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.35.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.35.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.34.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.34.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.34.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.33.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.32.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.32.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.32.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.32.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.32.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.32.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.31.17

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.31.16

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.31.15

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.31.14

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.