@typemove/sui
1
Versions
—
License
No
Install Scripts
Verified
Provenance
Supply chain provenance
Status for the latest visible version.
SLSA provenance attestation
npm registry signatures
No source commit
Maintainers
philz3906
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| typosquat | typosquat.levenshtein:uuid | AI (typosquat): Scoped Sui blockchain SDK; not a typosquat of uuid. | ai | |
| typosquat | typosquat.levenshtein:joi | AI (typosquat): Scoped Sui blockchain SDK; not a typosquat of joi. | ai | |
| typosquat | typosquat.levenshtein:yup | AI (typosquat): Scoped Sui blockchain SDK; not a typosquat of yup. | ai | |
| phantom-deps | phantom-dep:radash | AI (phantom-deps): radash is a runtime dep used in build/codegen tooling; phantom-dep heuristic misfires here. | ai | |
| phantom-deps | phantom-dep:prettier | AI (phantom-deps): prettier is used as a code formatter in codegen output; referenced in config, stable false positive. | ai |
Versions (showing 1 of 1)
| Version | Deps | Published |
|---|---|---|
| 1.13.4 | 6 / 0 |
v1.13.4
1 finding
LOW
No provenance attestation
provenance
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.