@tramvai/tinkoff-request-http-client-adapter
Interface implementation `HttpClient` from [@tramvai/http-client](references/libs/http-client.md) based on the library [@tinkoff/request](https://tinkoff.github.io/tinkoff-request/)
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| dependencies | unvetted-dep:@tinkoff/request-plugin-cache-deduplicate | AI (dependencies): Core @tinkoff/request plugin; stable dependency for this adapter package. | ai | |
| dependencies | unvetted-dep:@tinkoff/request-plugin-transform-url | AI (dependencies): Core @tinkoff/request plugin; stable dependency for this adapter package. | ai | |
| dependencies | unvetted-dep:@tinkoff/request-plugin-circuit-breaker | AI (dependencies): Core @tinkoff/request plugin; stable dependency for this adapter package. | ai | |
| dependencies | unvetted-dep:@tramvai/http-client | AI (dependencies): First-party tramvai ecosystem dep; consistent across all versions of this adapter. | ai | |
| dependencies | unvetted-dep:@tinkoff/request-plugin-log | AI (dependencies): Core @tinkoff/request plugin; stable dependency for this adapter package. | ai | |
| dependencies | unvetted-dep:@tinkoff/request-plugin-validate | AI (dependencies): Core @tinkoff/request plugin; stable dependency for this adapter package. | ai | |
| dependencies | unvetted-dep:@tinkoff/request-plugin-cache-etag | AI (dependencies): Core @tinkoff/request plugin; stable dependency for this adapter package. | ai | |
| dependencies | unvetted-dep:@tinkoff/request-plugin-cache-memory | AI (dependencies): Core @tinkoff/request plugin; stable dependency for this adapter package. | ai | |
| dependencies | unvetted-dep:@tinkoff/request-plugin-protocol-http | AI (dependencies): Core @tinkoff/request plugin; stable dependency for this adapter package. | ai | |
| phantom-deps | phantom-dep:tslib | AI (phantom-deps): tslib is declared in dependencies; phantom-dep is a false positive here. | ai | |
| provenance | no-provenance | AI (provenance): Large monorepo package; provenance not used across the tramvai ecosystem. | ai |
Versions (showing 100 of 118)
| Version | Deps | Published |
|---|---|---|
| 0.14.74 | 15 / 0 | |
| 0.14.73 | 15 / 0 | |
| 0.14.71 | 15 / 0 | |
| 0.14.70 | 15 / 0 | |
| 0.14.69 | 15 / 0 | |
| 0.14.67 | 15 / 0 | |
| 0.14.64 | 15 / 0 | |
| 0.14.63 | 15 / 0 | |
| 0.14.62 | 15 / 0 | |
| 0.14.59 | 15 / 0 | |
| 0.14.58 | 15 / 0 | |
| 0.14.56 | 15 / 0 | |
| 0.14.55 | 15 / 0 | |
| 0.14.33 | 15 / 0 | |
| 0.14.32 | 15 / 0 | |
| 0.14.25 | 15 / 0 | |
| 0.14.21 | 15 / 0 | |
| 0.14.19 | 15 / 0 | |
| 0.14.18 | 15 / 0 | |
| 0.14.15 | 15 / 0 | |
| 0.14.14 | 15 / 0 | |
| 0.14.13 | 15 / 0 | |
| 0.14.12 | 15 / 0 | |
| 0.14.11 | 15 / 0 | |
| 0.14.10 | 15 / 0 | |
| 0.14.9 | 15 / 0 | |
| 0.14.8 | 15 / 0 | |
| 0.14.7 | 15 / 0 | |
| 0.14.6 | 15 / 0 | |
| 0.14.5 | 15 / 0 | |
| 0.14.4 | 15 / 0 | |
| 0.14.3 | 15 / 0 | |
| 0.14.2 | 15 / 0 | |
| 0.14.1 | 15 / 0 | |
| 0.13.228 | 15 / 0 | |
| 0.13.227 | 15 / 0 | |
| 0.13.225 | 15 / 0 | |
| 0.13.224 | 15 / 0 | |
| 0.13.222 | 15 / 0 | |
| 0.13.221 | 15 / 0 | |
| 0.13.218 | 15 / 0 | |
| 0.13.216 | 15 / 0 | |
| 0.13.215 | 15 / 0 | |
| 0.13.213 | 15 / 0 | |
| 0.13.212 | 15 / 0 | |
| 0.13.210 | 15 / 0 | |
| 0.13.209 | 15 / 0 | |
| 0.13.208 | 15 / 0 | |
| 0.13.189 | 15 / 0 | |
| 0.13.181 | 15 / 0 | |
| 0.13.178 | 15 / 0 | |
| 0.13.177 | 15 / 0 | |
| 0.13.176 | 15 / 0 | |
| 0.13.173 | 15 / 0 | |
| 0.13.171 | 15 / 0 | |
| 0.13.170 | 15 / 0 | |
| 0.13.169 | 15 / 0 | |
| 0.13.168 | 15 / 0 | |
| 0.13.167 | 15 / 0 | |
| 0.13.166 | 15 / 0 | |
| 0.13.165 | 15 / 0 | |
| 0.13.164 | 15 / 0 | |
| 0.13.163 | 15 / 0 | |
| 0.13.162 | 15 / 0 | |
| 0.13.161 | 15 / 0 | |
| 0.13.160 | 15 / 0 | |
| 0.13.159 | 15 / 0 | |
| 0.13.158 | 15 / 0 | |
| 0.13.157 | 15 / 0 | |
| 0.13.156 | 15 / 0 | |
| 0.13.155 | 15 / 0 | |
| 0.13.153 | 15 / 0 | |
| 0.13.152 | 15 / 0 | |
| 0.13.124 | 15 / 0 | |
| 0.13.122 | 15 / 0 | |
| 0.13.121 | 15 / 0 | |
| 0.13.120 | 15 / 0 | |
| 0.13.119 | 15 / 0 | |
| 0.13.118 | 15 / 0 | |
| 0.13.117 | 15 / 0 | |
| 0.13.116 | 15 / 0 | |
| 0.13.112 | 15 / 0 | |
| 0.13.110 | 15 / 0 | |
| 0.13.109 | 14 / 0 | |
| 0.13.107 | 14 / 0 | |
| 0.13.106 | 14 / 0 | |
| 0.13.105 | 14 / 0 | |
| 0.13.102 | 14 / 0 | |
| 0.12.280 | 14 / 0 | |
| 0.12.279 | 14 / 0 | |
| 0.12.274 | 14 / 0 | |
| 0.12.270 | 14 / 0 | |
| 0.12.268 | 14 / 0 | |
| 0.12.267 | 14 / 0 | |
| 0.12.266 | 14 / 0 | |
| 0.12.264 | 14 / 0 | |
| 0.12.247 | 14 / 0 | |
| 0.12.246 | 14 / 0 | |
| 0.12.244 | 14 / 0 | |
| 0.12.242 | 14 / 0 |
v0.14.74
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.73
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.71
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.70
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.69
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.67
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.14.64
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.63
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.62
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.59
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.14.58
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.56
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.55
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.14.33
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.32
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.25
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.21
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.19
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.18
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.15
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.14
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.13
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.12
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.11
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.10
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.9
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.14.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.14.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.228
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.227
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.225
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.224
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.221
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.218
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.216
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.215
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.213
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.212
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.210
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.209
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.208
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.189
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.181
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.178
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.177
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.176
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.173
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.171
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.170
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.169
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.168
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.167
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.166
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.165
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.164
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.163
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.162
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.161
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.160
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.159
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.158
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.157
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.156
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.155
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.153
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.152
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.124
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.122
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.121
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.120
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.119
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.118
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.117
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.116
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.112
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.110
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.109
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.107
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.106
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.105
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.13.102
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.12.280
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.12.279
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.12.274
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.12.268
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.12.267
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.12.266
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.12.264
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.12.247
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.12.246
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.12.244
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.12.242
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.