← Home

@shell-shock/plugin-changelog

npm Repository Homepage

A package containing a Shell Shock plugin to manage upgrading the local application's version.

18
Versions
Apache-2.0
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

stormie-bot

Keywords

shell-shockshell-shock-pluginpowerlinesstorm-software

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
phantom-deps phantom-dep:defu AI (phantom-deps): Referenced in config files, not directly imported; consistent with plugin architecture pattern. ai
phantom-deps phantom-dep:@stryke/path AI (phantom-deps): Config-referenced transitive dep; stable false positive for this package. ai
phantom-deps phantom-dep:@powerlines/deepkit AI (phantom-deps): Config-referenced transitive dep; stable false positive for this package. ai
phantom-deps phantom-dep:@stryke/type-checks AI (phantom-deps): Config-referenced transitive dep; stable false positive for this package. ai
phantom-deps phantom-dep:@alloy-js/typescript AI (phantom-deps): Config-referenced transitive dep; stable false positive for this package. ai
phantom-deps phantom-dep:@shell-shock/unified AI (phantom-deps): Same-org scope dep; config-referenced pattern consistent across this package family. ai
phantom-deps phantom-dep:@powerlines/plugin-alloy AI (phantom-deps): Config-referenced transitive dep; stable false positive for this package. ai
phantom-deps phantom-dep:@powerlines/plugin-plugin AI (phantom-deps): Config-referenced transitive dep; stable false positive for this package. ai

Versions (showing 18 of 18)

Version Deps Published
0.1.18 10 / 2
0.1.17 10 / 2
0.1.16 10 / 2
0.1.15 10 / 2
0.1.14 10 / 2
0.1.13 12 / 2
0.1.11 12 / 2
0.1.10 12 / 2
0.1.9 12 / 2
0.1.8 12 / 2
0.1.7 12 / 2
0.1.6 12 / 2
0.1.5 12 / 2
0.1.4 12 / 2
0.1.3 12 / 2
0.1.2 12 / 2
0.1.1 12 / 2
0.1.0 12 / 2

v0.1.18

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.17

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.16

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.15

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.14

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.13

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.11

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.10

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.9

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.8

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.7

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.6

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.5

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.