@traceloop/instrumentation-mcp No license 9 versions

@traceloop/instrumentation-mcp

npm Repository Homepage

9

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

tomer-friedmannirgagalklm

Keywords

opentelemetrynodejstracingmcpmodel-context-protocol

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:tslib	AI (phantom-deps): tslib is a known implicit dependency of TypeScript transpilation; stable for this package.	ai	2026/05/21
phantom-deps	phantom-dep:@opentelemetry/core	AI (phantom-deps): OpenTelemetry core is implicitly used through instrumentation APIs; expected pattern.	ai	2026/05/21
phantom-deps	phantom-dep:@opentelemetry/semantic-conventions	AI (phantom-deps): Semantic conventions used implicitly by instrumentation; expected pattern.	ai	2026/05/21

Versions (showing 9 of 9)

Version	Deps	Published
0.26.0	6 / 10	2026-04-16
0.25.0	6 / 10	2026-04-13
0.24.0	6 / 10	2026-04-06
0.23.0	6 / 10	2026-03-30
0.22.6	6 / 10	2026-01-18
0.22.5	6 / 10	2025-12-17
0.22.2	6 / 10	2025-12-02
0.22.0	6 / 10	2025-11-27
0.21.0	6 / 10	2025-11-24

v0.26.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.25.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.24.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.23.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.22.6

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.22.5

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.22.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.22.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.21.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.