@telperion/ng-pack
Collection of Angular utilities and libraries organized as secondary entry points. Includes signal-based storage (localStorage/sessionStorage/cookieStorage), SSE client with HttpClient-inspired interceptors, event modifier plugins, and more. Built with Ty
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| semgrep | semgrep:api-obfuscation-reflect | AI (semgrep): Reflect.get() is used in a Proxy get trap for storage signal interception — idiomatic JS, not obfuscation. | ai | |
| phantom-deps | phantom-dep:tslib | AI (phantom-deps): tslib is a known implicit runtime dependency for Angular/TypeScript compiled packages. | ai | |
| phantom-deps | phantom-dep:@telperion/extra-ts-types | AI (phantom-deps): Type-only dependency from same org; not imported at runtime by design. | ai |
Versions (showing 29 of 29)
| Version | Deps | Published |
|---|---|---|
| 3.1.0 | 5 / 0 | |
| 3.0.1 | 5 / 0 | |
| 3.0.0 | 5 / 0 | |
| 2.3.3 | 4 / 0 | |
| 2.3.2 | 4 / 0 | |
| 2.3.0 | 4 / 0 | |
| 2.2.0 | 4 / 0 | |
| 2.1.0 | 4 / 0 | |
| 2.0.1 | 4 / 0 | |
| 2.0.0 | 4 / 0 | |
| 1.8.3 | 4 / 0 | |
| 1.8.2 | 4 / 0 | |
| 1.8.1 | 4 / 0 | |
| 1.8.0 | 4 / 0 | |
| 1.7.1 | 4 / 0 | |
| 1.7.0 | 4 / 0 | |
| 1.6.1 | 4 / 0 | |
| 1.6.0 | 4 / 0 | |
| 1.5.0 | 4 / 0 | |
| 1.4.2 | 4 / 0 | |
| 1.4.1 | 4 / 0 | |
| 1.3.2 | 4 / 0 | |
| 1.3.1 | 4 / 0 | |
| 1.3.0 | 4 / 0 | |
| 1.2.2 | 4 / 0 | |
| 1.2.1 | 4 / 0 | |
| 1.1.1 | 2 / 0 | |
| 1.0.0 | 2 / 0 | |
| 0.1.3 | 2 / 0 |
v3.1.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.0.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.0.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.3.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.3.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.3.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.2.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.1.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.0.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.0.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.8.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.8.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.8.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.8.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.7.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.7.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.6.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.6.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.5.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.4.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.4.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.3.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.3.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.3.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.1.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.