@wg-npm/survey-analyzer
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Versions (showing 31 of 31)
| Version | Deps | Published |
|---|---|---|
| 1.78.4161800 | 0 / 31 | |
| 1.78.4151600 | 0 / 31 | |
| 1.78.4031900 | 0 / 31 | |
| 1.78.3091408 | 0 / 31 | |
| 1.78.3051745 | 0 / 31 | |
| 1.78.511954 | 0 / 31 | |
| 1.78.511948 | 0 / 31 | |
| 1.78.511947 | 0 / 31 | |
| 1.78.511945 | 0 / 31 | |
| 1.78.511944 | 0 / 31 | |
| 1.78.511943 | 0 / 31 | |
| 1.78.511940 | 0 / 31 | |
| 1.78.511938 | 0 / 31 | |
| 1.78.511910 | 0 / 31 | |
| 1.78.511900 | 0 / 31 | |
| 1.78.511800 | 0 / 31 | |
| 1.78.222395 | 0 / 31 | |
| 1.77.2271400 | 0 / 31 | |
| 1.77.2261800 | 0 / 31 | |
| 1.77.2251800 | 0 / 31 | |
| 1.77.2131100 | 0 / 31 | |
| 1.77.2101756 | 0 / 31 | |
| 1.77.2101755 | 0 / 31 | |
| 1.77.1131715 | 0 / 31 | |
| 1.77.113395 | 0 / 31 | |
| 1.77.112274 | 0 / 31 | |
| 1.77.102768 | 0 / 31 | |
| 1.77.101860 | 0 / 31 | |
| 1.77.98172 | 0 / 31 | |
| 1.77.96442 | 0 / 31 | |
| 0.5.740 | 0 / 31 |
v1.78.4161800
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.78.4151600
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.78.4031900
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.78.3091408
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.78.3051745
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.78.511954
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.78.511948
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.78.511947
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.78.511945
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.78.511944
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.78.511940
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.78.511938
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.78.511910
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.78.511900
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.78.511800
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.78.222395
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.2271400
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.2261800
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.2251800
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.2131100
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.2101756
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.2101755
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.1131715
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.77.113395
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.112274
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.102768
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.101860
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.98172
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.96442
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.5.740
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.