@solana/codecs-strings No license 18 versions

@solana/codecs-strings

npm Repository Homepage

18

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

solana-devs

Keywords

blockchainsolanaweb3

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
semgrep	semgrep:base64-decode	AI (semgrep): Package is a string codec library; base64 encode/decode is core functionality. The flagged code is standard Buffer.from(value, 'base64') usage with no obfuscation or payload hiding.	ai	2026/04/25
dependencies	unvetted-dep:@solana/errors	AI (dependencies): First-party sibling dependency from the same anza-xyz/kit monorepo at matching version. Expected and legitimate.	ai	2026/04/25
dependencies	unvetted-dep:@solana/codecs-core	AI (dependencies): First-party sibling dependency from the same anza-xyz/kit monorepo at matching version. Expected and legitimate.	ai	2026/04/25
dependencies	unvetted-dep:@solana/codecs-numbers	AI (dependencies): First-party sibling dependency from the same anza-xyz/kit monorepo at matching version. Expected and legitimate.	ai	2026/04/25
phantom-deps	phantom-dep:@solana/codecs-numbers	AI (phantom-deps): Same-org sibling package declared as a dependency; phantom-dep finding is a packaging nuance, not a security concern.	ai	2026/04/25

Versions (showing 18 of 18)

Version	Deps	Published
6.9.0	3 / 0	2026-05-06
6.8.0	3 / 0	2026-04-10
6.7.0	3 / 0	2026-04-02
6.6.0	3 / 0	2026-04-01
6.5.0	3 / 0	2026-03-19
6.4.0	3 / 0	2026-03-18
6.3.1	3 / 0	2026-03-12
6.3.0	3 / 0	2026-03-11
6.2.0	3 / 0	2026-03-09
6.1.0	3 / 0	2026-02-16
6.0.1	3 / 0	2026-02-05
6.0.0	3 / 0	2026-02-04
5.5.1	3 / 0	2026-01-28
5.5.0	3 / 0	2026-01-27
5.4.0	3 / 0	2026-01-13
5.3.0	3 / 0	2026-01-07
5.2.0	3 / 0	2026-01-07
5.1.0	3 / 0	2025-12-12

v6.9.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.8.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.7.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.6.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.5.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.4.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.3.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.2.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.0.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v5.5.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v5.5.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v5.4.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v5.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v5.2.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v5.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.