@socialgouv/kali-data-types
[![License][img-license]][link-license] [![NPM Version][img-npm]][link-npm] [![Code Coverage][img-coverage]][link-coverage]
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): Transition to GitHub Actions CI publisher is confirmed by SLSA/Sigstore attestation; stable for this package going forward. | ai | |
| semgrep | semgrep:dynamic-require | AI (semgrep): Pattern loads local JSON data files by agreement ID; not arbitrary module loading. Stable for this package. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Data-types library for French labor law data; link-heavy README and no keywords are expected for this type of package. | ai |
Versions (showing 100 of 170)
| Version | Deps | Published |
|---|---|---|
| 3.458.0 | 0 / 24 | |
| 3.457.0 | 0 / 24 | |
| 3.456.0 | 0 / 24 | |
| 3.455.0 | 0 / 24 | |
| 3.454.0 | 0 / 24 | |
| 3.453.0 | 0 / 24 | |
| 3.452.0 | 0 / 24 | |
| 3.451.0 | 0 / 24 | |
| 3.450.0 | 0 / 24 | |
| 3.449.0 | 0 / 24 | |
| 3.448.0 | 0 / 24 | |
| 3.447.0 | 0 / 24 | |
| 3.446.0 | 0 / 24 | |
| 3.445.0 | 0 / 24 | |
| 3.444.0 | 0 / 24 | |
| 3.443.0 | 0 / 24 | |
| 3.442.0 | 0 / 24 | |
| 3.441.0 | 0 / 24 | |
| 3.440.0 | 0 / 24 | |
| 3.439.0 | 0 / 24 | |
| 3.438.0 | 0 / 24 | |
| 3.437.0 | 0 / 24 | |
| 3.436.0 | 0 / 24 | |
| 3.435.0 | 0 / 24 | |
| 3.434.0 | 0 / 24 | |
| 3.433.0 | 0 / 24 | |
| 3.432.0 | 0 / 24 | |
| 3.431.0 | 0 / 24 | |
| 3.430.0 | 0 / 24 | |
| 3.429.0 | 0 / 24 | |
| 3.428.0 | 0 / 24 | |
| 3.427.0 | 0 / 24 | |
| 3.426.0 | 0 / 24 | |
| 3.425.0 | 0 / 24 | |
| 3.424.0 | 0 / 24 | |
| 3.423.0 | 0 / 24 | |
| 3.422.0 | 0 / 24 | |
| 3.421.0 | 0 / 24 | |
| 3.420.0 | 0 / 24 | |
| 3.419.0 | 0 / 24 | |
| 3.418.0 | 0 / 24 | |
| 3.417.0 | 0 / 24 | |
| 3.416.0 | 0 / 24 | |
| 3.415.0 | 0 / 24 | |
| 3.414.1 | 0 / 24 | |
| 3.414.0 | 0 / 24 | |
| 3.413.0 | 0 / 24 | |
| 3.412.0 | 0 / 24 | |
| 3.411.0 | 0 / 24 | |
| 3.410.0 | 0 / 24 | |
| 3.409.0 | 0 / 24 | |
| 3.408.0 | 0 / 24 | |
| 3.407.0 | 0 / 24 | |
| 3.406.0 | 0 / 24 | |
| 3.405.0 | 0 / 24 | |
| 3.404.0 | 0 / 24 | |
| 3.403.0 | 0 / 24 | |
| 3.402.0 | 0 / 24 | |
| 3.401.0 | 0 / 24 | |
| 3.400.0 | 0 / 24 | |
| 3.399.0 | 0 / 24 | |
| 3.398.0 | 0 / 24 | |
| 3.397.0 | 0 / 24 | |
| 3.396.0 | 0 / 24 | |
| 3.395.0 | 0 / 24 | |
| 3.394.0 | 0 / 24 | |
| 3.393.0 | 0 / 24 | |
| 3.392.8 | 0 / 24 | |
| 3.392.7 | 0 / 24 | |
| 3.392.4 | 0 / 24 | |
| 3.392.0 | 0 / 24 | |
| 3.391.0 | 0 / 24 | |
| 3.390.0 | 0 / 24 | |
| 3.389.0 | 0 / 24 | |
| 3.388.0 | 0 / 24 | |
| 3.387.0 | 0 / 24 | |
| 3.386.0 | 0 / 24 | |
| 3.385.0 | 0 / 24 | |
| 3.384.0 | 0 / 24 | |
| 3.383.0 | 0 / 24 | |
| 3.382.0 | 0 / 24 | |
| 3.381.0 | 0 / 24 | |
| 3.380.0 | 0 / 24 | |
| 3.379.0 | 0 / 24 | |
| 3.378.0 | 0 / 24 | |
| 3.377.0 | 0 / 24 | |
| 3.376.0 | 0 / 24 | |
| 3.375.0 | 0 / 24 | |
| 3.374.0 | 0 / 24 | |
| 3.373.0 | 0 / 24 | |
| 3.372.0 | 0 / 24 | |
| 3.371.0 | 0 / 24 | |
| 3.370.0 | 0 / 24 | |
| 3.369.0 | 0 / 24 | |
| 3.368.0 | 0 / 24 | |
| 3.367.0 | 0 / 24 | |
| 3.366.0 | 0 / 24 | |
| 3.365.0 | 0 / 24 | |
| 3.364.0 | 0 / 24 | |
| 3.363.0 | 0 / 24 |
v3.458.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.457.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.456.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.455.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.454.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.453.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.452.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.451.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.450.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.449.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.448.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.447.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.446.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.445.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.444.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.443.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.442.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.441.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.440.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.439.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.438.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.437.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.436.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.435.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.434.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.433.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.432.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.431.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.430.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.429.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.428.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.427.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.426.0
2 findingsThis version was published by a different npm account than previous versions on 2026-03-28. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.425.0
2 findingsThis version was published by a different npm account than previous versions on 2026-03-17. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.424.0
2 findingsThis version was published by a different npm account than previous versions on 2026-03-13. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.423.0
2 findingsThis version was published by a different npm account than previous versions on 2026-03-11. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.422.0
2 findingsThis version was published by a different npm account than previous versions on 2026-02-27. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.421.0
2 findingsThis version was published by a different npm account than previous versions on 2026-02-22. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.420.0
2 findingsThis version was published by a different npm account than previous versions on 2026-02-21. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.419.0
2 findingsThis version was published by a different npm account than previous versions on 2026-02-20. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.418.0
2 findingsThis version was published by a different npm account than previous versions on 2026-02-19. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.417.0
2 findingsThis version was published by a different npm account than previous versions on 2026-02-18. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.416.0
2 findingsThis version was published by a different npm account than previous versions on 2026-02-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.415.0
2 findingsThis version was published by a different npm account than previous versions on 2026-02-13. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.414.1
2 findingsThis version was published by a different npm account than previous versions on 2026-02-10. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.414.0
2 findingsThis version was published by a different npm account than previous versions on 2026-02-10. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.413.0
2 findingsThis version was published by a different npm account than previous versions on 2026-02-07. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.412.0
2 findingsThis version was published by a different npm account than previous versions on 2026-02-05. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.411.0
2 findingsThis version was published by a different npm account than previous versions on 2026-02-03. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.410.0
2 findingsThis version was published by a different npm account than previous versions on 2026-01-31. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.409.0
2 findingsThis version was published by a different npm account than previous versions on 2026-01-28. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.408.0
2 findingsThis version was published by a different npm account than previous versions on 2026-01-27. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.407.0
2 findingsThis version was published by a different npm account than previous versions on 2026-01-24. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.406.0
2 findingsThis version was published by a different npm account than previous versions on 2026-01-22. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.405.0
2 findingsThis version was published by a different npm account than previous versions on 2026-01-20. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.404.0
2 findingsThis version was published by a different npm account than previous versions on 2026-01-15. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.403.0
2 findingsThis version was published by a different npm account than previous versions on 2026-01-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.402.0
2 findingsThis version was published by a different npm account than previous versions on 2026-01-13. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.401.0
2 findingsThis version was published by a different npm account than previous versions on 2026-01-10. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.400.0
2 findingsThis version was published by a different npm account than previous versions on 2026-01-09. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.399.0
2 findingsThis version was published by a different npm account than previous versions on 2026-01-08. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.398.0
2 findingsThis version was published by a different npm account than previous versions on 2026-01-07. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.397.0
2 findingsThis version was published by a different npm account than previous versions on 2025-12-31. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.396.0
2 findingsThis version was published by a different npm account than previous versions on 2025-12-30. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.395.0
2 findingsThis version was published by a different npm account than previous versions on 2025-12-24. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.394.0
2 findingsThis version was published by a different npm account than previous versions on 2025-12-23. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.393.0
2 findingsThis version was published by a different npm account than previous versions on 2025-12-19. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.392.8
2 findingsThis version was published by a different npm account than previous versions on 2025-12-17. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.392.7
2 findingsThis version was published by a different npm account than previous versions on 2025-12-11. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.392.4
2 findingsThis version was published by a different npm account than previous versions on 2025-12-11. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.392.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.391.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.390.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.389.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.388.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.387.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.386.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.385.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.384.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.383.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.382.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.381.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.380.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.379.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.378.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.377.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.376.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.375.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.374.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.373.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.372.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.371.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.370.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.369.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.368.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.367.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.366.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.365.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.364.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.363.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.