@tombi-toml/cli-win32-arm64
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| npm-metadata | bundled-binaries | AI (npm-metadata): This package's sole purpose is to distribute tombi.exe for win32-arm64. The binary is built via SLSA-attested CI/CD from the official tombi-toml/tombi repo. Stable for this package. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Platform-specific binary sub-packages legitimately have no description, keywords, or deps — they exist only to deliver a native binary. Pattern is stable across all versions of this package. | ai | |
| npm-metadata | no-description | AI (npm-metadata): No description is expected for platform-specific binary distribution sub-packages; not a malicious indicator here. | ai |
Versions (showing 100 of 188)
| Version | Deps | Published |
|---|---|---|
| 1.1.2 | 0 / 0 | |
| 1.1.1 | 0 / 0 | |
| 1.1.0 | 0 / 0 | |
| 1.0.0 | 0 / 0 | |
| 0.11.7 | 0 / 0 | |
| 0.11.6 | 0 / 0 | |
| 0.11.5 | 0 / 0 | |
| 0.11.4 | 0 / 0 | |
| 0.11.3 | 0 / 0 | |
| 0.11.2 | 0 / 0 | |
| 0.11.1 | 0 / 0 | |
| 0.11.0 | 0 / 0 | |
| 0.10.6 | 0 / 0 | |
| 0.10.5 | 0 / 0 | |
| 0.10.4 | 0 / 0 | |
| 0.10.3 | 0 / 0 | |
| 0.10.2 | 0 / 0 | |
| 0.10.1 | 0 / 0 | |
| 0.10.0 | 0 / 0 | |
| 0.9.26 | 0 / 0 | |
| 0.9.25 | 0 / 0 | |
| 0.9.24 | 0 / 0 | |
| 0.9.23 | 0 / 0 | |
| 0.9.22 | 0 / 0 | |
| 0.9.21 | 0 / 0 | |
| 0.9.20 | 0 / 0 | |
| 0.9.19 | 0 / 0 | |
| 0.9.18 | 0 / 0 | |
| 0.9.17 | 0 / 0 | |
| 0.9.16 | 0 / 0 | |
| 0.9.15 | 0 / 0 | |
| 0.9.14 | 0 / 0 | |
| 0.9.13 | 0 / 0 | |
| 0.9.12 | 0 / 0 | |
| 0.9.11 | 0 / 0 | |
| 0.9.10 | 0 / 0 | |
| 0.9.9 | 0 / 0 | |
| 0.9.8 | 0 / 0 | |
| 0.9.7 | 0 / 0 | |
| 0.9.6 | 0 / 0 | |
| 0.9.5 | 0 / 0 | |
| 0.9.4 | 0 / 0 | |
| 0.9.3 | 0 / 0 | |
| 0.9.2 | 0 / 0 | |
| 0.9.1 | 0 / 0 | |
| 0.9.0 | 0 / 0 | |
| 0.8.0 | 0 / 0 | |
| 0.7.33 | 0 / 0 | |
| 0.7.32 | 0 / 0 | |
| 0.7.31 | 0 / 0 | |
| 0.7.30 | 0 / 0 | |
| 0.7.29 | 0 / 0 | |
| 0.7.28 | 0 / 0 | |
| 0.7.27 | 0 / 0 | |
| 0.7.26 | 0 / 0 | |
| 0.7.25 | 0 / 0 | |
| 0.7.24 | 0 / 0 | |
| 0.7.23 | 0 / 0 | |
| 0.7.22 | 0 / 0 | |
| 0.7.21 | 0 / 0 | |
| 0.7.20 | 0 / 0 | |
| 0.7.19 | 0 / 0 | |
| 0.7.18 | 0 / 0 | |
| 0.7.17 | 0 / 0 | |
| 0.7.16 | 0 / 0 | |
| 0.7.15 | 0 / 0 | |
| 0.7.14 | 0 / 0 | |
| 0.7.13 | 0 / 0 | |
| 0.7.12 | 0 / 0 | |
| 0.7.11 | 0 / 0 | |
| 0.7.10 | 0 / 0 | |
| 0.7.4 | 0 / 0 | |
| 0.7.3 | 0 / 0 | |
| 0.7.2 | 0 / 0 | |
| 0.7.1 | 0 / 0 | |
| 0.7.0 | 0 / 0 | |
| 0.6.57 | 0 / 0 | |
| 0.6.56 | 0 / 0 | |
| 0.6.55 | 0 / 0 | |
| 0.6.54 | 0 / 0 | |
| 0.6.53 | 0 / 0 | |
| 0.6.52 | 0 / 0 | |
| 0.6.51 | 0 / 0 | |
| 0.6.50 | 0 / 0 | |
| 0.6.49 | 0 / 0 | |
| 0.6.48 | 0 / 0 | |
| 0.6.47 | 0 / 0 | |
| 0.6.46 | 0 / 0 | |
| 0.6.45 | 0 / 0 | |
| 0.6.44 | 0 / 0 | |
| 0.6.43 | 0 / 0 | |
| 0.6.42 | 0 / 0 | |
| 0.6.41 | 0 / 0 | |
| 0.6.40 | 0 / 0 | |
| 0.6.39 | 0 / 0 | |
| 0.6.38 | 0 / 0 | |
| 0.6.37 | 0 / 0 | |
| 0.6.36 | 0 / 0 | |
| 0.6.35 | 0 / 0 | |
| 0.6.34 | 0 / 0 |
v1.1.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.1.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.7
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.6
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.6
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.25
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.24
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.23
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.22
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.21
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.20
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.19
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.18
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.17
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.16
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.15
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.14
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.13
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.12
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.11
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.10
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.9
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.8
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.7
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.6
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.5
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.4
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.3
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.2
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.1
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.0
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.0
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.33
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.32
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.31
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.30
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.29
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.28
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.27
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.26
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.25
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.24
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.23
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.22
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.21
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.20
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.19
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.18
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.17
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.16
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.15
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.14
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.13
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.12
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.11
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.10
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.4
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.3
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.2
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.1
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.0
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.57
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.56
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.55
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.54
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.53
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.52
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.51
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.50
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.49
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.48
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.47
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.46
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.45
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.44
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.43
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.42
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.41
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.40
2 findingsPackage contains compiled binaries that could be backdoors: • tombi.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.39
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.38
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.37
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.36
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.35
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.34
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.