@webpieces/http-filters
Filter chain infrastructure for cross-cutting concerns
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): Transition from manual publish (deanwebpieces) to GitHub Actions with SLSA provenance is a legitimate CI/CD migration for this package. | ai | |
| phantom-deps | phantom-dep:@webpieces/core-context | AI (phantom-deps): Same-org monorepo sibling; may be re-exported rather than directly imported. Stable false positive for this package. | ai |
Versions (showing 100 of 121)
| Version | Deps | Published |
|---|---|---|
| 0.3.136 | 1 / 0 | |
| 0.3.135 | 1 / 0 | |
| 0.3.134 | 1 / 0 | |
| 0.3.133 | 1 / 0 | |
| 0.3.131 | 1 / 0 | |
| 0.3.130 | 1 / 0 | |
| 0.3.129 | 1 / 0 | |
| 0.3.128 | 1 / 0 | |
| 0.2.127 | 1 / 0 | |
| 0.2.126 | 1 / 0 | |
| 0.2.125 | 1 / 0 | |
| 0.2.124 | 1 / 0 | |
| 0.2.123 | 1 / 0 | |
| 0.2.122 | 1 / 0 | |
| 0.2.121 | 1 / 0 | |
| 0.2.120 | 1 / 0 | |
| 0.2.119 | 1 / 0 | |
| 0.2.118 | 1 / 0 | |
| 0.2.117 | 1 / 0 | |
| 0.2.116 | 1 / 0 | |
| 0.2.115 | 1 / 0 | |
| 0.2.114 | 1 / 0 | |
| 0.2.113 | 1 / 0 | |
| 0.2.111 | 1 / 0 | |
| 0.2.110 | 1 / 0 | |
| 0.2.109 | 1 / 0 | |
| 0.2.108 | 1 / 0 | |
| 0.2.107 | 1 / 0 | |
| 0.2.106 | 1 / 0 | |
| 0.2.105 | 1 / 0 | |
| 0.2.104 | 1 / 0 | |
| 0.2.103 | 1 / 0 | |
| 0.2.102 | 1 / 0 | |
| 0.2.100 | 1 / 0 | |
| 0.2.99 | 1 / 0 | |
| 0.2.98 | 1 / 0 | |
| 0.2.97 | 1 / 0 | |
| 0.2.95 | 1 / 0 | |
| 0.2.94 | 1 / 0 | |
| 0.2.93 | 1 / 0 | |
| 0.2.92 | 1 / 0 | |
| 0.2.91 | 1 / 0 | |
| 0.2.90 | 1 / 0 | |
| 0.2.89 | 1 / 0 | |
| 0.2.88 | 1 / 0 | |
| 0.2.87 | 1 / 0 | |
| 0.2.86 | 1 / 0 | |
| 0.2.85 | 1 / 0 | |
| 0.2.84 | 1 / 0 | |
| 0.2.83 | 1 / 0 | |
| 0.2.82 | 1 / 0 | |
| 0.2.81 | 1 / 0 | |
| 0.2.80 | 1 / 0 | |
| 0.2.79 | 1 / 0 | |
| 0.2.78 | 1 / 0 | |
| 0.2.77 | 1 / 0 | |
| 0.2.76 | 1 / 0 | |
| 0.2.75 | 1 / 0 | |
| 0.2.74 | 1 / 0 | |
| 0.2.73 | 1 / 0 | |
| 0.2.72 | 1 / 0 | |
| 0.2.71 | 1 / 0 | |
| 0.2.70 | 1 / 0 | |
| 0.2.69 | 1 / 0 | |
| 0.2.68 | 1 / 0 | |
| 0.2.67 | 1 / 0 | |
| 0.2.66 | 1 / 0 | |
| 0.2.65 | 1 / 0 | |
| 0.2.64 | 1 / 0 | |
| 0.2.63 | 1 / 0 | |
| 0.2.62 | 1 / 0 | |
| 0.2.61 | 1 / 0 | |
| 0.2.60 | 1 / 0 | |
| 0.2.59 | 1 / 0 | |
| 0.2.58 | 1 / 0 | |
| 0.2.57 | 1 / 0 | |
| 0.2.56 | 1 / 0 | |
| 0.2.55 | 1 / 0 | |
| 0.2.52 | 1 / 0 | |
| 0.2.51 | 1 / 0 | |
| 0.2.47 | 1 / 0 | |
| 0.2.46 | 1 / 0 | |
| 0.2.45 | 1 / 0 | |
| 0.2.44 | 1 / 0 | |
| 0.2.43 | 1 / 0 | |
| 0.2.42 | 1 / 0 | |
| 0.2.41 | 1 / 0 | |
| 0.2.40 | 1 / 0 | |
| 0.2.39 | 1 / 0 | |
| 0.2.38 | 1 / 0 | |
| 0.2.37 | 1 / 0 | |
| 0.2.36 | 1 / 0 | |
| 0.2.35 | 1 / 0 | |
| 0.2.34 | 1 / 0 | |
| 0.2.33 | 1 / 0 | |
| 0.2.32 | 1 / 0 | |
| 0.2.31 | 1 / 0 | |
| 0.2.30 | 1 / 0 | |
| 0.2.29 | 1 / 0 | |
| 0.2.28 | 1 / 0 |
v0.3.136
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.135
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.134
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.133
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.131
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.130
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.129
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.128
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.127
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.126
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.125
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.124
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.123
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.122
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.121
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.120
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.119
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.118
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.117
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.116
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.115
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.114
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.113
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.111
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.110
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.109
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.108
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.107
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.106
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.105
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.104
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.103
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.102
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.100
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.99
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.98
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.97
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.95
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.94
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.93
2 findingsThis version was published by a different npm account than previous versions on 2026-03-28. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.92
2 findingsThis version was published by a different npm account than previous versions on 2026-03-24. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.91
2 findingsThis version was published by a different npm account than previous versions on 2026-03-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.90
2 findingsThis version was published by a different npm account than previous versions on 2026-03-13. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.89
2 findingsThis version was published by a different npm account than previous versions on 2026-03-13. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.88
2 findingsThis version was published by a different npm account than previous versions on 2026-02-24. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.87
2 findingsThis version was published by a different npm account than previous versions on 2026-02-24. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.86
2 findingsThis version was published by a different npm account than previous versions on 2026-02-24. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.85
2 findingsThis version was published by a different npm account than previous versions on 2026-02-24. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.84
2 findingsThis version was published by a different npm account than previous versions on 2026-02-24. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.83
2 findingsThis version was published by a different npm account than previous versions on 2026-02-24. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.82
2 findingsThis version was published by a different npm account than previous versions on 2026-02-23. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.81
2 findingsThis version was published by a different npm account than previous versions on 2026-02-23. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.80
2 findingsThis version was published by a different npm account than previous versions on 2026-02-23. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.79
2 findingsThis version was published by a different npm account than previous versions on 2026-02-22. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.78
2 findingsThis version was published by a different npm account than previous versions on 2026-02-20. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.77
2 findingsThis version was published by a different npm account than previous versions on 2026-02-20. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.76
2 findingsThis version was published by a different npm account than previous versions on 2026-01-23. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.75
2 findingsThis version was published by a different npm account than previous versions on 2026-01-22. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.74
2 findingsThis version was published by a different npm account than previous versions on 2026-01-20. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.73
2 findingsThis version was published by a different npm account than previous versions on 2026-01-20. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.72
2 findingsThis version was published by a different npm account than previous versions on 2026-01-20. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.71
2 findingsThis version was published by a different npm account than previous versions on 2026-01-20. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.70
2 findingsThis version was published by a different npm account than previous versions on 2026-01-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.69
2 findingsThis version was published by a different npm account than previous versions on 2026-01-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.68
2 findingsThis version was published by a different npm account than previous versions on 2026-01-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.67
2 findingsThis version was published by a different npm account than previous versions on 2026-01-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.66
2 findingsThis version was published by a different npm account than previous versions on 2026-01-05. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.65
2 findingsThis version was published by a different npm account than previous versions on 2025-12-30. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.64
2 findingsThis version was published by a different npm account than previous versions on 2025-12-30. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.63
2 findingsThis version was published by a different npm account than previous versions on 2025-12-23. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.62
2 findingsThis version was published by a different npm account than previous versions on 2025-12-20. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.61
2 findingsThis version was published by a different npm account than previous versions on 2025-12-20. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.60
2 findingsThis version was published by a different npm account than previous versions on 2025-12-16. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.59
2 findingsThis version was published by a different npm account than previous versions on 2025-12-15. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.58
2 findingsThis version was published by a different npm account than previous versions on 2025-12-15. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.57
2 findingsThis version was published by a different npm account than previous versions on 2025-12-15. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.56
2 findingsThis version was published by a different npm account than previous versions on 2025-12-15. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.55
2 findingsThis version was published by a different npm account than previous versions on 2025-12-15. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.52
2 findingsThis version was published by a different npm account than previous versions on 2025-12-15. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.51
2 findingsThis version was published by a different npm account than previous versions on 2025-12-15. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.47
2 findingsThis version was published by a different npm account than previous versions on 2025-12-15. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.46
2 findingsThis version was published by a different npm account than previous versions on 2025-12-15. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.45
2 findingsThis version was published by a different npm account than previous versions on 2025-12-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.44
2 findingsThis version was published by a different npm account than previous versions on 2025-12-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.43
2 findingsThis version was published by a different npm account than previous versions on 2025-12-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.42
2 findingsThis version was published by a different npm account than previous versions on 2025-12-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.41
2 findingsThis version was published by a different npm account than previous versions on 2025-12-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.40
2 findingsThis version was published by a different npm account than previous versions on 2025-12-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.39
2 findingsThis version was published by a different npm account than previous versions on 2025-12-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.38
2 findingsThis version was published by a different npm account than previous versions on 2025-12-14. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.37
2 findingsThis version was published by a different npm account than previous versions on 2025-12-13. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.36
2 findingsThis version was published by a different npm account than previous versions on 2025-12-13. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.35
2 findingsThis version was published by a different npm account than previous versions on 2025-12-13. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.34
2 findingsThis version was published by a different npm account than previous versions on 2025-12-13. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.33
2 findingsThis version was published by a different npm account than previous versions on 2025-12-12. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.32
2 findingsThis version was published by a different npm account than previous versions on 2025-12-11. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.31
2 findingsThis version was published by a different npm account than previous versions on 2025-12-11. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.30
2 findingsThis version was published by a different npm account than previous versions on 2025-12-11. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.29
2 findingsThis version was published by a different npm account than previous versions on 2025-12-11. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.28
2 findingsThis version was published by a different npm account than previous versions on 2025-12-11. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.