← Home

@transcend-io/cli

npm Repository Homepage

A command line interface for programmatic operations across Transcend.

5
Versions
Apache-2.0
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

cami-transcendmichaelfarrell76bencmbrookdmattiaelidawson.turechekaldobarrtranscend-bot

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
source-diff obfuscated-file:dist/app-B3MFDzTT.mjs AI (source-diff): Standard tsdown/rollup minified ESM bundle; content is Transcend CLI logic, not obfuscated malware. ai
source-diff obfuscated-file:dist/bulkRestartRequests-BwG2i-KE.mjs AI (source-diff): Standard minified ESM bundle with readable Transcend privacy-request logic. ai
source-diff obfuscated-file:dist/command-D27esBYG.mjs AI (source-diff): Standard minified ESM bundle; CLI command definitions for Transcend API. ai
source-diff obfuscated-file:dist/constants-CSp8-HmP.mjs AI (source-diff): Standard minified ESM bundle; Transcend constants and scope definitions. ai
source-diff obfuscated-file:dist/downloadPrivacyRequestFiles-DSSP9stK.mjs AI (source-diff): Standard minified ESM bundle; privacy request file download logic. ai
source-diff obfuscated-file:dist/impl-BUl5vA05.mjs AI (source-diff): Standard minified ESM bundle; YAML sync implementation for Transcend CLI. ai
phantom-deps phantom-dep:ms AI (phantom-deps): Bundled CLI; deps are inlined into dist bundles, not directly imported from source. ai
phantom-deps phantom-dep:got AI (phantom-deps): Bundled CLI; deps inlined into dist. ai
phantom-deps phantom-dep:fp-ts AI (phantom-deps): Bundled CLI; deps inlined into dist. ai
phantom-deps phantom-dep:io-ts AI (phantom-deps): Bundled CLI; deps inlined into dist. ai
phantom-deps phantom-dep:colors AI (phantom-deps): Bundled CLI; deps inlined into dist. ai
phantom-deps phantom-dep:semver AI (phantom-deps): Bundled CLI; deps inlined into dist. ai
phantom-deps phantom-dep:lodash-es AI (phantom-deps): Bundled CLI; deps inlined into dist. ai
phantom-deps phantom-dep:graphql AI (phantom-deps): Bundled CLI; deps inlined into dist. ai
phantom-deps phantom-dep:js-yaml AI (phantom-deps): Bundled CLI; deps inlined into dist. ai
phantom-deps phantom-dep:@transcend-io/sdk AI (phantom-deps): Same-org dep bundled into dist; stable false positive for this package. ai
phantom-deps phantom-dep:@transcend-io/utils AI (phantom-deps): Same-org dep bundled into dist. ai
phantom-deps phantom-dep:@transcend-io/type-utils AI (phantom-deps): Same-org dep bundled into dist. ai
phantom-deps phantom-dep:@transcend-io/privacy-types AI (phantom-deps): Same-org dep bundled into dist. ai
phantom-deps phantom-dep:@transcend-io/secret-value AI (phantom-deps): Same-org dep bundled into dist. ai

Versions (showing 5 of 5)

Version Deps Published
10.2.6 39 / 24
10.2.5 39 / 24
10.2.3 39 / 24
10.2.1 39 / 24
10.1.0 39 / 24

v10.2.6

7 findings
HIGH New obfuscated file: dist/app-B3MFDzTT.mjs source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/bulkRestartRequests-BwG2i-KE.mjs source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/command-D27esBYG.mjs source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/constants-CSp8-HmP.mjs source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/downloadPrivacyRequestFiles-DSSP9stK.mjs source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/impl-BUl5vA05.mjs source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v10.2.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v10.2.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v10.1.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.