@stamhoofd/backend-backup
The backup service is a service that periodically creates a backup of the local MySQL server and stores it in encrypted form to an external object storage like S3.
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:mysql2 | AI (phantom-deps): Declared in dependencies; used in test/config context. | ai | |
| phantom-deps | phantom-dep:mockdate | AI (phantom-deps): Declared in dependencies; used in test/config context. | ai | |
| phantom-deps | phantom-dep:formidable | AI (phantom-deps): Declared in dependencies; used in test/config context. | ai | |
| phantom-deps | phantom-dep:@simonbackx/simple-logging | AI (phantom-deps): Declared in dependencies; used in test/config context. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Internal monorepo package; sparse metadata is expected for non-public packages. | ai |
Versions (showing 51 of 83)
| Version | Deps | Published |
|---|---|---|
| 2.121.0 | 7 / 4 | |
| 2.120.6 | 7 / 4 | |
| 2.120.5 | 7 / 4 | |
| 2.120.4 | 7 / 4 | |
| 2.120.3 | 7 / 4 | |
| 2.120.2 | 7 / 4 | |
| 2.120.1 | 7 / 4 | |
| 2.120.0 | 7 / 4 | |
| 2.119.0 | 7 / 4 | |
| 2.118.1 | 7 / 4 | |
| 2.118.0 | 7 / 4 | |
| 2.117.1 | 7 / 4 | |
| 2.117.0 | 7 / 4 | |
| 2.116.0 | 7 / 4 | |
| 2.115.1 | 7 / 4 | |
| 2.115.0 | 7 / 4 | |
| 2.114.1 | 7 / 4 | |
| 2.114.0 | 7 / 4 | |
| 2.113.0 | 7 / 4 | |
| 2.112.0 | 7 / 4 | |
| 2.111.0 | 7 / 4 | |
| 2.110.0 | 7 / 4 | |
| 2.109.0 | 7 / 4 | |
| 2.108.0 | 7 / 4 | |
| 2.107.3 | 7 / 4 | |
| 2.107.2 | 7 / 4 | |
| 2.107.1 | 7 / 4 | |
| 2.107.0 | 7 / 4 | |
| 2.106.1 | 7 / 4 | |
| 2.106.0 | 7 / 4 | |
| 2.105.0 | 7 / 4 | |
| 2.104.0 | 7 / 4 | |
| 2.103.1 | 7 / 4 | |
| 2.103.0 | 7 / 4 | |
| 2.102.0 | 7 / 4 | |
| 2.101.0 | 7 / 4 | |
| 2.100.1 | 7 / 4 | |
| 2.100.0 | 7 / 4 | |
| 2.99.1 | 7 / 4 | |
| 2.99.0 | 7 / 4 | |
| 2.98.0 | 7 / 4 | |
| 2.97.3 | 7 / 4 | |
| 2.97.2 | 7 / 4 | |
| 2.97.1 | 7 / 4 | |
| 2.97.0 | 7 / 4 | |
| 2.96.3 | 7 / 4 | |
| 2.96.2 | 7 / 4 | |
| 2.96.1 | 7 / 4 | |
| 2.96.0 | 7 / 4 | |
| 2.95.3 | 7 / 4 | |
| 2.95.2 | 7 / 4 |
v2.121.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.120.6
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.120.5
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.120.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.120.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.120.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.120.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.119.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.118.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.118.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.117.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.117.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.116.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.115.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.115.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.114.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.114.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.113.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.112.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.111.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.110.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.109.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.108.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.107.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.107.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.107.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.107.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.106.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.106.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.105.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.104.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.103.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.103.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.102.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.101.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.100.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.100.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.99.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.99.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.98.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.97.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.97.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.97.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.97.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.96.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.96.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.96.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.96.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.95.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.95.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.