@storm-software/config — Greenflagged

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

stormie-botsullivanpj

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Publisher changed from stormie-bot to GitHub Actions as part of a legitimate CI/CD migration; SLSA provenance attestation confirms builds are tied to the official GitHub Actions pipeline.	ai	2026/04/27
bogus-package	bogus-package	AI (bogus-package): Minor cosmetic signals (off-topic README, no keywords) in an 810-day-old established package with 620 versions; not indicative of spam or malicious intent.	ai	2026/04/27

Versions (showing 100 of 386)

Version	Deps	Published
1.135.16	1 / 1	2026-03-06
1.135.15	1 / 1	2026-03-06
1.135.14	1 / 1	2026-03-04
1.135.13	1 / 1	2026-03-04
1.135.12	1 / 1	2026-03-02
1.135.11	1 / 1	2026-02-28
1.135.10	1 / 1	2026-02-24
1.135.9	1 / 1	2026-02-23
1.135.8	1 / 1	2026-02-21
1.135.7	1 / 1	2026-02-20
1.135.6	1 / 1	2026-02-19
1.135.5	1 / 1	2026-02-19
1.135.4	1 / 1	2026-02-19
1.135.3	1 / 1	2026-02-18
1.135.2	1 / 1	2026-02-18
1.135.1	1 / 1	2026-01-22
1.135.0	1 / 1	2026-01-14
1.134.75	1 / 1	2025-12-30
1.134.74	1 / 1	2025-12-23
1.134.73	1 / 1	2025-12-19
1.134.72	1 / 1	2025-12-18
1.134.71	1 / 1	2025-12-18
1.134.70	1 / 1	2025-12-17
1.134.69	1 / 1	2025-12-17
1.134.68	1 / 1	2025-12-16
1.134.67	1 / 1	2025-12-15
1.134.66	1 / 1	2025-12-15
1.134.65	1 / 1	2025-12-08
1.134.64	1 / 1	2025-12-08
1.134.63	1 / 1	2025-12-08
1.134.62	1 / 1	2025-12-08
1.134.61	1 / 1	2025-12-08
1.134.60	1 / 1	2025-12-08
1.134.59	1 / 1	2025-12-06
1.134.58	1 / 1	2025-12-06
1.134.57	1 / 1	2025-12-06
1.134.56	1 / 1	2025-12-05
1.134.55	1 / 1	2025-12-05
1.134.54	1 / 1	2025-12-05
1.134.53	1 / 1	2025-12-05
1.134.52	1 / 1	2025-12-05
1.134.51	1 / 1	2025-12-05
1.134.50	1 / 1	2025-11-27
1.134.49	1 / 1	2025-11-25
1.134.48	1 / 1	2025-11-21
1.134.47	1 / 1	2025-11-20
1.134.46	1 / 1	2025-11-20
1.134.45	1 / 1	2025-11-20
1.134.44	1 / 1	2025-11-20
1.134.43	1 / 1	2025-11-19
1.134.42	1 / 1	2025-11-19
1.134.41	1 / 1	2025-11-19
1.134.40	1 / 1	2025-11-16
1.134.39	1 / 1	2025-11-16
1.134.38	1 / 1	2025-11-14
1.134.37	1 / 1	2025-11-14
1.134.36	1 / 1	2025-11-13
1.134.35	1 / 1	2025-11-13
1.134.34	1 / 1	2025-11-13
1.134.33	1 / 1	2025-11-13
1.134.32	1 / 1	2025-11-13
1.134.31	1 / 1	2025-11-13
1.134.30	1 / 1	2025-11-13
1.134.29	1 / 1	2025-11-12
1.134.28	1 / 1	2025-11-12
1.134.27	1 / 1	2025-11-12
1.134.26	1 / 1	2025-11-12
1.134.25	1 / 1	2025-11-12
1.134.24	1 / 1	2025-11-10
1.134.23	1 / 1	2025-11-09
1.134.22	1 / 1	2025-11-08
1.134.21	1 / 1	2025-11-08
1.134.20	1 / 1	2025-11-08
1.134.19	1 / 1	2025-11-05
1.134.18	1 / 1	2025-11-05
1.134.16	1 / 1	2025-10-31
1.134.15	1 / 1	2025-10-31
1.134.14	1 / 1	2025-10-30
1.134.13	1 / 1	2025-10-28
1.134.12	1 / 1	2025-10-28
1.134.11	1 / 1	2025-10-23
1.134.10	1 / 1	2025-10-22
1.134.9	1 / 1	2025-10-22
1.134.8	1 / 1	2025-10-22
1.134.7	1 / 1	2025-10-22
1.134.6	1 / 1	2025-10-17
1.134.5	1 / 1	2025-10-17
1.134.4	1 / 1	2025-10-17
1.134.3	1 / 1	2025-10-17
1.134.2	1 / 1	2025-10-14
1.134.1	1 / 1	2025-10-14
1.134.0	1 / 1	2025-10-08
1.133.10	1 / 1	2025-10-08
1.133.9	1 / 1	2025-10-05
1.133.8	0 / 2	2025-10-05
1.133.7	0 / 2	2025-10-05
1.133.6	0 / 2	2025-10-05
1.133.5	0 / 2	2025-10-03
1.133.4	0 / 2	2025-09-22
1.133.3	0 / 2	2025-09-21

Showing 100 of 386 Next page →

v1.134.63

2 findings

HIGH Publisher changed: stormie-bot → GitHub Actions (on 2025-12-08) provenance

This version was published by a different npm account than previous versions on 2025-12-08. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance