@teamkeel/functions-runtime
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:vite | AI (phantom-deps): vite is a devDependency used in test/build tooling; not a runtime import concern for this package. | ai | |
| phantom-deps | phantom-dep:@types/jsonwebtoken | AI (phantom-deps): @types/jsonwebtoken is a type-only package; stable false positive for this package. | ai |
Versions (showing 51 of 92)
| Version | Deps | Published |
|---|---|---|
| 0.455.2 | 21 / 10 | |
| 0.455.1 | 21 / 10 | |
| 0.455.0 | 21 / 10 | |
| 0.454.3 | 21 / 10 | |
| 0.454.2 | 21 / 10 | |
| 0.453.0 | 20 / 10 | |
| 0.452.1 | 20 / 10 | |
| 0.452.0 | 20 / 10 | |
| 0.451.2 | 20 / 10 | |
| 0.451.1 | 20 / 10 | |
| 0.451.0 | 20 / 10 | |
| 0.450.0 | 20 / 10 | |
| 0.449.3 | 20 / 10 | |
| 0.449.2 | 20 / 10 | |
| 0.449.1 | 20 / 10 | |
| 0.449.0 | 20 / 10 | |
| 0.448.1 | 20 / 10 | |
| 0.447.0 | 20 / 10 | |
| 0.446.1 | 20 / 10 | |
| 0.446.0 | 20 / 10 | |
| 0.445.0 | 20 / 10 | |
| 0.444.0 | 20 / 10 | |
| 0.443.0 | 20 / 10 | |
| 0.442.0 | 20 / 10 | |
| 0.441.0 | 20 / 10 | |
| 0.440.1 | 20 / 10 | |
| 0.440.0 | 20 / 10 | |
| 0.439.0 | 20 / 10 | |
| 0.438.1 | 20 / 10 | |
| 0.438.0 | 20 / 10 | |
| 0.437.0 | 20 / 10 | |
| 0.436.1 | 20 / 10 | |
| 0.436.0 | 20 / 10 | |
| 0.435.0 | 20 / 10 | |
| 0.434.1 | 20 / 10 | |
| 0.434.0 | 20 / 10 | |
| 0.433.0 | 20 / 10 | |
| 0.432.0 | 20 / 10 | |
| 0.431.0 | 20 / 10 | |
| 0.430.0 | 20 / 10 | |
| 0.429.2 | 20 / 10 | |
| 0.429.1 | 20 / 10 | |
| 0.429.0 | 20 / 10 | |
| 0.428.2 | 18 / 10 | |
| 0.427.0 | 18 / 10 | |
| 0.426.0 | 18 / 10 | |
| 0.425.1 | 18 / 10 | |
| 0.425.0 | 18 / 10 | |
| 0.424.0 | 18 / 10 | |
| 0.423.3 | 18 / 10 | |
| 0.423.2 | 18 / 10 |
v0.455.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.455.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.455.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.454.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.454.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.453.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.452.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.452.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.451.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.451.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.451.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.450.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.449.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.449.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.449.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.449.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.448.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.447.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.446.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.446.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.445.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.444.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.443.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.442.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.441.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.440.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.440.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.439.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.438.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.438.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.437.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.436.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.436.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.435.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.434.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.434.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.433.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.432.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.431.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.430.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.429.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.429.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.429.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.428.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.427.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.426.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.425.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.425.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.424.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.423.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.423.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.