@truenine/memory-sync-cli

TrueNine Memory Synchronization CLI metadata package

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

falsezero

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:remark-frontmatter	AI (phantom-deps): Remark plugin for YAML frontmatter; indirect through unified ecosystem.	ai	2026/04/27
phantom-deps	phantom-dep:remark-parse	AI (phantom-deps): Remark parser; indirect usage through unified markdown processing pipeline.	ai	2026/04/27
phantom-deps	phantom-dep:@clack/prompts	AI (phantom-deps): Interactive CLI prompts library; legitimate indirect usage in CLI tool.	ai	2026/04/27
phantom-deps	phantom-dep:remark-stringify	AI (phantom-deps): Remark serializer; indirect usage through unified markdown processing.	ai	2026/04/27
phantom-deps	phantom-dep:yaml	AI (phantom-deps): Legitimate indirect dependency used through remark ecosystem and config processing in CLI tool.	ai	2026/04/27
phantom-deps	phantom-dep:unified	AI (phantom-deps): Core remark ecosystem dependency; used indirectly through remark-parse/stringify plugins.	ai	2026/04/27
phantom-deps	phantom-dep:winston	AI (phantom-deps): Logging library; typical indirect usage pattern in CLI tools via plugin system.	ai	2026/04/27
phantom-deps	phantom-dep:fs-extra	AI (phantom-deps): File system utility; commonly used indirectly in build/CLI tools.	ai	2026/04/27
phantom-deps	phantom-dep:fast-glob	AI (phantom-deps): Glob pattern matching; indirect usage in file discovery patterns for CLI.	ai	2026/04/27
phantom-deps	phantom-dep:picomatch	AI (phantom-deps): Pattern matching utility; indirect dependency of fast-glob and CLI matching logic.	ai	2026/04/27
phantom-deps	phantom-dep:picocolors	AI (phantom-deps): Terminal color utility; indirect usage in CLI output formatting.	ai	2026/04/27
phantom-deps	phantom-dep:remark-gfm	AI (phantom-deps): Remark plugin for GitHub-flavored markdown; indirect through unified ecosystem.	ai	2026/04/27
source-diff	net-exec-file:dist/babel.cjs	AI (source-diff): Network+exec pattern is from bundled Babel/webpack runtime internals (dynamic require, module resolution). Not dropper/loader malware.	ai	2026/04/26
source-diff	obfuscated-file:dist/jiti-B3PPFIgr.mjs	AI (source-diff): dist/jiti-B3PPFIgr.mjs is a bundled jiti/mlly runtime. Long lines are minified bundle output from tsdown/rollup, not obfuscation.	ai	2026/04/26
source-diff	obfuscated-file:dist/babel.cjs	AI (source-diff): dist/babel.cjs is a webpack-bundled Babel toolchain runtime. Long lines are minified bundle output, not obfuscation. Expected artifact for a CLI tool bundling its dependencies.	ai	2026/04/26

Versions (showing 39 of 139)

Version	Deps	Published
2026.10116.11129	14 / 15	2026-01-16
2026.10116.102	14 / 15	2026-01-15
2026.10107.106	14 / 15	2026-01-08
2026.10107.0	14 / 15	2026-01-06
2026.10106.107	14 / 15	2026-01-05
2026.10105.0	14 / 13	2026-01-05
2026.10103.10509	12 / 13	2026-01-02
2026.10103.10253	12 / 13	2026-01-02
2026.1.3	12 / 13	2026-01-02
2026.1.0	12 / 13	2026-01-02
2026.0.0	12 / 13	2026-01-02
2025.12.3119	12 / 13	2025-12-31
2025.12.2919	12 / 13	2025-12-29
2025.12.29	12 / 13	2025-12-28
2025.12.28	12 / 13	2025-12-27
2025.12.27	12 / 13	2025-12-27
1.0.5	12 / 13	2025-12-25
1.0.4	12 / 13	2025-12-25
1.0.3	12 / 13	2025-12-25
1.0.2	12 / 13	2025-12-24
1.0.0	12 / 13	2025-12-24
0.0.19	12 / 13	2025-12-23
0.0.18	12 / 13	2025-12-23
0.0.17	12 / 13	2025-12-23
0.0.16	12 / 13	2025-12-23
0.0.15	12 / 13	2025-12-23
0.0.14	12 / 13	2025-12-23
0.0.13	12 / 13	2025-12-23
0.0.12	12 / 13	2025-12-22
0.0.11	12 / 13	2025-12-22
0.0.10	12 / 13	2025-12-21
0.0.9	12 / 13	2025-12-21
0.0.8	12 / 13	2025-12-18
0.0.7	12 / 13	2025-12-17
0.0.6	12 / 13	2025-12-17
0.0.5	12 / 13	2025-12-16
0.0.4	12 / 13	2025-12-16
0.0.3	12 / 13	2025-12-16
0.0.1	12 / 13	2025-12-12