← Home

@translate-local/tl

npm Repository Homepage

CLI-first translation tool with glossary enforcement and local models

4
Versions
MIT
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

its-magdy

Keywords

translationclilocalofflineollamallmglossaryi18nl10ntuirtlarabic

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
typosquat typosquat.levenshtein:pg AI (typosquat): Scoped translation CLI; no semantic or functional resemblance to 'pg'. ai
typosquat typosquat.levenshtein:qs AI (typosquat): Scoped translation CLI; no semantic or functional resemblance to 'qs'. ai
semgrep semgrep:child-process-import AI (semgrep): CLI binary uses spawnSync to dispatch to platform-specific native binaries; expected pattern for this package. ai

Versions (showing 4 of 4)

Version Deps Published
0.3.5 0 / 0
0.3.4 0 / 0
0.3.1 0 / 0
0.3.0 0 / 0

v0.3.5

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.