← Home

@spinajs/http-lazy-file-uploader

npm Repository Homepage

Incoming file uploader using queue

51
Versions
MIT
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

gben-spina

Keywords

spinajshttp

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
phantom-deps phantom-dep:uuid AI (phantom-deps): Declared and used via @spinajs framework convention; stable pattern. ai
phantom-deps phantom-dep:luxon AI (phantom-deps): Declared and used via @spinajs framework convention; stable pattern. ai
phantom-deps phantom-dep:lodash AI (phantom-deps): Declared and used via @spinajs framework convention; stable pattern. ai
phantom-deps phantom-dep:formidable AI (phantom-deps): Declared and used via @spinajs framework convention; stable pattern. ai
phantom-deps phantom-dep:@spinajs/di AI (phantom-deps): Org-scoped framework dependency; used via DI container convention. ai
phantom-deps phantom-dep:@spinajs/fs AI (phantom-deps): Org-scoped framework dependency; used via DI container convention. ai
phantom-deps phantom-dep:@spinajs/util AI (phantom-deps): Org-scoped framework dependency; used via DI container convention. ai
phantom-deps phantom-dep:@spinajs/queue AI (phantom-deps): Org-scoped framework dependency; used via DI container convention. ai
phantom-deps phantom-dep:@types/express AI (phantom-deps): Framework-scoped type definitions; loaded by convention. ai
phantom-deps phantom-dep:@spinajs/exceptions AI (phantom-deps): Org-scoped framework dependency; used via DI container convention. ai
phantom-deps phantom-dep:@spinajs/log-common AI (phantom-deps): Org-scoped framework dependency; used via DI container convention. ai
phantom-deps phantom-dep:@spinajs/reflection AI (phantom-deps): Org-scoped framework dependency; used via DI container convention. ai
phantom-deps phantom-dep:@spinajs/configuration AI (phantom-deps): Org-scoped framework dependency; used via DI container convention. ai

Versions (showing 51 of 105)

View all versions
Version Deps Published
2.0.474 13 / 4
2.0.473 13 / 4
2.0.472 13 / 4
2.0.471 13 / 4
2.0.470 13 / 4
2.0.469 13 / 4
2.0.468 13 / 4
2.0.467 13 / 4
2.0.466 13 / 4
2.0.465 13 / 4
2.0.464 13 / 4
2.0.463 13 / 4
2.0.462 13 / 4
2.0.461 13 / 4
2.0.460 13 / 4
2.0.458 13 / 4
2.0.457 13 / 4
2.0.456 13 / 4
2.0.455 13 / 4
2.0.454 13 / 4
2.0.453 13 / 4
2.0.452 13 / 4
2.0.451 13 / 4
2.0.450 13 / 4
2.0.449 13 / 4
2.0.448 13 / 4
2.0.447 13 / 4
2.0.446 13 / 4
2.0.445 13 / 4
2.0.444 13 / 4
2.0.443 13 / 4
2.0.442 13 / 4
2.0.441 13 / 4
2.0.439 13 / 4
2.0.438 13 / 4
2.0.436 13 / 4
2.0.435 13 / 4
2.0.434 13 / 4
2.0.433 13 / 4
2.0.432 13 / 4
2.0.431 13 / 4
2.0.430 13 / 4
2.0.429 13 / 4
2.0.428 13 / 4
2.0.427 13 / 4
2.0.426 13 / 4
2.0.425 13 / 4
2.0.424 13 / 4
2.0.423 13 / 4
2.0.422 13 / 4
2.0.421 13 / 4

v2.0.474

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.473

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.472

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.471

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.470

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.469

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.468

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.467

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.466

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.465

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.464

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.462

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.0.461

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.0.460

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.0.458

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.0.457

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.0.456

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.0.455

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.0.454

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.0.453

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.0.452

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.0.451

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.0.450

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.0.449

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.0.448

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.0.447

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.446

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.445

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.444

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.442

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.441

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.439

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.438

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.436

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.435

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.434

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.433

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.432

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.431

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.430

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.429

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.428

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.427

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.426

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.425

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.424

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.423

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.422

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.421

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.