← Home

@testplane/webdriverio

npm Repository Homepage
7
Versions
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

y-infrashadowusrkuznetsovromansipayrtdudagodmiripirunisonic16x

Keywords

webdriveriowebdriverseleniumappiumsaucelabssaucelabsmochanodeUnitbusterdevtoolspuppeteervowsjasmineassertcucumbertestingbot

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
phantom-deps phantom-dep:jszip AI (phantom-deps): Runtime dependency for archive handling; stable across versions. ai
phantom-deps phantom-dep:rgb2hex AI (phantom-deps): Runtime dependency for color conversion; stable across versions. ai
phantom-deps phantom-dep:archiver AI (phantom-deps): Runtime dependency for archive creation; stable across versions. ai
phantom-deps phantom-dep:css-value AI (phantom-deps): Runtime dependency for CSS parsing; stable across versions. ai
phantom-deps phantom-dep:minimatch AI (phantom-deps): Runtime dependency for pattern matching; stable across versions. ai
phantom-deps phantom-dep:aria-query AI (phantom-deps): Runtime dependency for accessibility queries; stable across versions. ai
phantom-deps phantom-dep:lodash.zip AI (phantom-deps): Runtime dependency for array operations; stable across versions. ai
phantom-deps phantom-dep:is-plain-obj AI (phantom-deps): Runtime dependency for object type checking; stable across versions. ai
phantom-deps phantom-dep:puppeteer-core AI (phantom-deps): Runtime dependency for browser automation; stable across versions. ai
phantom-deps phantom-dep:serialize-error AI (phantom-deps): Runtime dependency for error serialization; stable across versions. ai
phantom-deps phantom-dep:lodash.clonedeep AI (phantom-deps): Runtime dependency for deep cloning; stable across versions. ai
phantom-deps phantom-dep:devtools-protocol AI (phantom-deps): Runtime dependency for DevTools protocol; stable across versions. ai
phantom-deps phantom-dep:grapheme-splitter AI (phantom-deps): Runtime dependency for text processing; stable across versions. ai
phantom-deps phantom-dep:urlpattern-polyfill AI (phantom-deps): Runtime dependency for URL pattern support; stable across versions. ai
phantom-deps phantom-dep:@testplane/wdio-repl AI (phantom-deps): Scoped org dependency; stable across versions. ai
phantom-deps phantom-dep:@testplane/webdriver AI (phantom-deps): Scoped org dependency; stable across versions. ai
phantom-deps phantom-dep:@testplane/wdio-types AI (phantom-deps): Scoped org dependency; stable across versions. ai
phantom-deps phantom-dep:@testplane/wdio-config AI (phantom-deps): Scoped org dependency; stable across versions. ai
phantom-deps phantom-dep:@testplane/wdio-logger AI (phantom-deps): Scoped org dependency; stable across versions. ai
phantom-deps phantom-dep:css-shorthand-properties AI (phantom-deps): Runtime dependency for CSS parsing; stable across versions. ai
phantom-deps phantom-dep:resq AI (phantom-deps): Referenced in config/plugin files, not directly imported; stable false positive for this package. ai
phantom-deps phantom-dep:htmlfy AI (phantom-deps): Referenced in config files, not directly imported; stable false positive for this package. ai
phantom-deps phantom-dep:@types/node AI (phantom-deps): Framework-scoped type package; conventional phantom-dep false positive. ai
phantom-deps phantom-dep:query-selector-shadow-dom AI (phantom-deps): Referenced in config files, not directly imported; stable false positive for this package. ai
phantom-deps phantom-dep:@types/sinonjs__fake-timers AI (phantom-deps): Type package loaded by convention; stable false positive for this package. ai

Versions (showing 7 of 7)

Version Deps Published
9.5.25 27 / 6
9.5.24 27 / 6
9.5.23 27 / 6
9.5.22 27 / 6
9.5.20 27 / 6
9.5.19 27 / 6
9.5.18 27 / 6

v9.5.25

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v9.5.24

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v9.5.23

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v9.5.22

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v9.5.20

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v9.5.19

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v9.5.18

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.