← Home

@zapier/zapier-sdk

npm

Complete Zapier SDK - combines all Zapier SDK packages

51
Versions
SEE LICENSE IN LICENSE
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

tims256philip.ng-zapierzapetcchaodonghujc.coto-zapierandrew.gosnell-zapieremma-haysmichaelannnickaccuardizapierjdaudierjoaopimentelrsiemenskola-ercodebycalebcalebpetersonzach.walsh-zapierzapier-engineeringbryanhelmigpwhammanamber.diehl-zapierchris.ladouceur-zapierpercy_at_zapierlijennikatestamzapfokkezbzoeykim-zapierjhk2020natalie.davis-zapiernik.danilov-zapierjonathan.harrell-zapierdilan-zapiersandy.brydon-zapieremily.harris-zapiercorbin.schwartz-zapiermikekucheraandrew.kordampalos-zapiernate.moore-zapierjosuezaprhubbardtomasz.piechota-zapierservice-account-appsecmary.rising-zapierpaul.goodwin-zapiermatthew.mocniak-zapiermindy.wagner-zapiernkroeker_zaphitchcockwillibrahem.zayedchelsea.weberseason.huangchris.vanderkolk.zapiererin.williams-zapierdarko.ronic.zapierkredlearjichao.yin-zapierchelschubbskylershawkalo.pilato-zapiermaggie.cody-zapierandya-zapierianscowill.wigginsannaulyanovabskaurudkaitrin.coxchasehambymilkrammburnipeterbritnellcarolinezapierchris.lee-zapieremmaiellejeanetteujordanraleighrobertscldayne-taittlaurenmbeattyihor.horakmaxwellgbrownhanz.cortesalejandro-lagostom.leung-zapierlizzyzapcolemacleansdelosrios95jason.rametta-zapierjoseph-corona-zapierpedro.louro-zapierlachlan.willis-zapieralphabrettbrandon.parker-zapierpoterekmgreg-zapierloveena.vattenkymsholtyplorryjoel.taddeistandielplsfgrafaaparkinilari.scheininannader-zapieramickael-zapkalenwesselkat.nestorxavierh-zapierjames.hong-zapierservice-account-renovatecortega_zpjelani.jackson-zapierbrandon.myers.zapierben.clapp.zapierrebecca.davis.zapierdavidwin-zapdylan.laible-zapiermason.geloso-zapiervaleriia.shpinerzac.jones-zapiermanasseh_zapierlisa.orraaclarker-zapfernando.velascosalazarnormanroadaniel.vagg-zapierpaulo.neto-zapieralec.hinh-zapierscott.woodend-zapiersteven.nelemans-zapiercody.landryschlickmannjacquelynmccraywojciech.matuszewski-zapieralex.blackdanielheidornzapraquel.zapiersarahstorymatthew.hockenbury-zapierjonathan.wise-zapierdewayne-zapierchrys.swingler-zapiermahsa.khoshab-zapieranna.hadnagy-zapierjake.talgard-zapierbenjamin.kempe-zapierryan.vennell-zapierzackary.higgins-zapierbryce.seagervandyk-zapierkit.burgess-zapierzapier-interfacesbrody-zapieraaron.kosel-zapierdiomercameron.barnes-zapiersarah.hernandez-zapierdavid.jardine-zapierryan.detzel-zapierjacob.blakely-zapierkasey.cowley-zapierjessica.winters-zapierabraham.duran-zapieraleks.ozolins-zapiernicholas.civili-zapieraubry.stewart-zapierkristen.keller-zapierryan.laxson-zapiershanan.holm-zapieromar.delossantos-zapierosarhomiyeke.iyere-zapiermike.lambert-zapiercatherine.murray-zapierken.ng-zapiermarina.handvivian.lau-zapierdan.middleton-zapierjames.miltenberger-zapiercharan.mahesan-zapierolajide.ayinla-zapiersara.gomez-zapierismail.latona-zapiertazrafiqservice-account-catalogashley.isles-zapierryan.dunnewold-zapierrval-zapierjenna.macdonald-zapiersharvari.desai-zapierlstensagerkunal.mahajan-zapierben.mcadams-zapierjason.brandt-zapiernitish.sachar.zapiermark.auburn-zapierjames-zapierjacob.bridges-zapierbrian.corbinpradeepan.michaelraj-zapiervakeesh.kanna-zapierdaria.usatyuk-zapieralexis.hitt-zapierjacob.webber-zapiersteve.gasior-zapiermathieu.lavallee-zapierjuancamilo.solano-zapieralex.mcevoy-zapiernate.platt-zapiervarand.abrahamian-zapierdave.mathes-zapierrishi.goomar-zapiernithun.harikrishnan-zapierenes.grahovac-zapierpavel.vasv-zapierbilly.kaufman-zapierkirby.hackett-zapierjames.rosebaugh-nordan-zapiertodd.moy-zapierindra.kabiraj-zapierchris.geoghegan-zapierteereximusdavid.stanley-zapiernatay.aberra-zapierchase.oliver-zapiernoahmangerzapierjustin.zapierchristian.wernert-zapiermiguel.oteropedrido-zapierlukecjohnson-zapieryohana-heringerkevin.mcgovern-zapierkenyon.sparks-zapierdaniel.shepard-zapier-1kamalsingh.narukapeter.lord-zapierstephanie.coates-zapierseth.duncan-zapiernick.fredman-zapiermatt.luksoerik.aybar-zapierchris.taylor-zapierchris.haferl-zapierjason.poole-zapiermojtaba.hosseini-zapierandy.spezzatti-zapierseth.etter-zapiersage-zapierblakek-zapierkelly.vaughn-zapierdanielle.weisz-zapierenrique.maytorena-zapierhgascoigne_zapierandrew-scala-zapierjuan-vazquez-zapierandyzapierdaniel-frazierjase.hackman-zapierrahul.es-zapierrob.golding-day-zapiercass.hill-zapiernumichuujay.reddy-zapiercameron.phillips-zapierajdlpalvaro.martin-zapiersimon.charette-zapierchristopher.mclachlan-lee-zapierbailey.griswold-zapierchristopher.mckay-zapierthomas.cranny-zapierrenae.corcoran-zapierjosh.newman-zapierchang-hung.liang-zapierrocio.aramberri-zapiercooksey-zapierkrishna.chaitanya-zapiersugatmahantianthony.torres-zapiermaria.bances-zapiernick.james-zapierclaire.mcnelis-zapierchris.weaverjames.carr-zapierbrodenzapierrebecca-ghazalibradley.bohen-zapierstevemolitorsammons.zapierchristophe.coutzoukis-zapierana.krivokapic-zapiersaraelizabeth.horning-zapiervictor.avasiloaei-zapierjordy.vandomselaar-zapierjuancarlos.prida-zapierjdeal_zapiermike.pirnat-zapierkeerthana.mohan-zapiernicole.thomasahsanhassanchris.johns-zapieralden.aikele-zapierryan.fitzgerald-zapiermiklossimondave.kolas-zapierbrodie.kurczynski_zapierlindsay.smith-zapierfrank.leng-zapiererika.satterfield-zapierkaushibalexmichael.lewis-zapieragustina.feijoo-zapierraj.balasubramaniam-zapieranna.mira-zapiertravis.stephens-zapierdenis.chenluces.huayhuacalambert-zapierbrad.peters-zapierdeirdremarie.massaro-zapierashraf.khattab-zapierwalt.della-zapierthalida.noel-zapierruta.reisoglu-zapierlucas.carlson-zapierbj.collins-zapierjames.baldwin-zapiereleanor.kiefelhaggerty-zapiermai.berrondo-zapierjonathan.ballard-zapierveervikram.raj-zapierbetsy.gottesman.zapiergwen.myall-zapieradam.sukenik-zapierali.tycast-zapierrobin.salimans-zapierhari.nandanan-zapiersjimenez.zapieralfonso.riosjoanna.lu-zapiercolt.pini-zapierjeff.bertrand-zapierchristopher.knight-zapierjay.li-zapiermatthew.kiernander-zapiersangeeta.jadoonanan-zapierservice-account-zinniainsights

Keywords

zapiersdkintegrationsactionsworkflowscomplete

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
source-diff obfuscated-file:dist/index-eliz1Uq3.d.mts AI (source-diff): TypeScript declaration file (.d.mts); long lines are generated type signatures, not obfuscated executable code. ai
source-diff obfuscated-file:dist/index-eliz1Uq3.d.ts AI (source-diff): TypeScript declaration file (.d.ts); long lines are generated type signatures, not obfuscated executable code. ai
source-diff obfuscated-file:dist/index-DjQ4XDAV.d.mts AI (source-diff): TypeScript declaration file (.d.mts) with long lines is normal bundled type output from tsup; not executable code. ai
source-diff obfuscated-file:dist/index-DjQ4XDAV.d.ts AI (source-diff): TypeScript declaration file (.d.ts) with long lines is normal bundled type output from tsup; not executable code. ai
source-diff obfuscated-file:dist/index-Bfvj0KLi.d.ts AI (source-diff): TypeScript declaration file with long lines is normal tsup bundle output, not obfuscation. ai
source-diff obfuscated-file:dist/index-Bfvj0KLi.d.mts AI (source-diff): TypeScript declaration file with long lines is normal tsup bundle output, not obfuscation. ai
source-diff obfuscated-file:dist/index-3fBEDEsp.d.mts AI (source-diff): TypeScript declaration files with long lines are normal bundled type output, not obfuscation. ai
source-diff obfuscated-file:dist/index-3fBEDEsp.d.ts AI (source-diff): TypeScript declaration files with long lines are normal bundled type output, not obfuscation. ai
source-diff obfuscated-file:dist/index-4QyPPLfu.d.mts AI (source-diff): TypeScript declaration bundle from tsup; long lines are normal for rolled-up type definitions, not obfuscation. ai
source-diff obfuscated-file:dist/index-4QyPPLfu.d.ts AI (source-diff): TypeScript declaration bundle from tsup; long lines are normal for rolled-up type definitions, not obfuscation. ai
source-diff obfuscated-file:dist/index-SDDmBk2j.d.ts AI (source-diff): Generated TypeScript declaration file; long lines are normal for bundled type exports, not obfuscation. ai
source-diff obfuscated-file:dist/index-SDDmBk2j.d.mts AI (source-diff): Generated TypeScript declaration file; long lines are normal for bundled type exports, not obfuscation. ai
source-diff obfuscated-file:dist/index-CjP7lGzL.d.mts AI (source-diff): Bundled TypeScript declaration file from tsup; long lines are type rollup artifacts, not obfuscation. ai
source-diff obfuscated-file:dist/index-CjP7lGzL.d.ts AI (source-diff): Same as .d.mts — tsup-generated type declaration bundle, not obfuscated code. ai
source-diff obfuscated-file:dist/index-iKbnOz6r.d.ts AI (source-diff): TypeScript declaration file with long lines from bundled type exports; not obfuscated code. ai
source-diff obfuscated-file:dist/index-iKbnOz6r.d.mts AI (source-diff): TypeScript declaration file with long lines from bundled type exports; not obfuscated code. ai
source-diff obfuscated-file:dist/index-D2HKNk0N.d.ts AI (source-diff): Same as above — bundled .d.ts declaration file with long lines is expected tsup output. ai
source-diff obfuscated-file:dist/index-D2HKNk0N.d.mts AI (source-diff): Bundled TypeScript declaration file; long lines are normal for tsup-generated type rollups, not obfuscation. ai
source-diff obfuscated-file:dist/experimental.mjs AI (source-diff): Standard tsup/rollup minified bundle output; sample shows readable code, not obfuscation. Stable pattern for this build-tool-generated package. ai
source-diff obfuscated-file:dist/index-DcdtPei-.d.mts AI (source-diff): Bundled TypeScript declaration file; long lines are normal tsup/rollup output, not obfuscation. ai
publish-pattern rapid-publish AI (publish-pattern): GitLab CI/CD automated publishing pipeline; rapid successive publishes are expected for this package. ai
source-diff obfuscated-file:dist/index-DcdtPei-.d.ts AI (source-diff): Bundled TypeScript declaration file; long lines are normal tsup/rollup output, not obfuscation. ai
phantom-deps phantom-dep:@zapier/actions-sdk AI (phantom-deps): Same-org dependency re-exported by umbrella package; not directly imported by design. ai
phantom-deps phantom-dep:@zapier/shared-sdk AI (phantom-deps): Same-org dependency re-exported by umbrella package; not directly imported by design. ai
provenance publisher-changed AI (provenance): New publisher jdeal_zapier and all new maintainers are Zapier-namespaced; consistent with internal team transition. ai
publish-pattern new-deps-added AI (publish-pattern): New dep is @zapier/zapier-sdk-core, a first-party scoped package from the same org. ai
maintainer-change maintainer-removed AI (maintainer-change): Removal paired with zapier-branded additions; consistent with internal rotation. ai
maintainer-change maintainer-added AI (maintainer-change): New maintainers are zapier-branded accounts; consistent with internal team changes, not a hostile takeover. ai
phantom-deps phantom-dep:@zapier/policy-schema AI (phantom-deps): Same-org sibling dep declared in package.json; phantom-dep false positive for this monorepo umbrella package. ai

Versions (showing 51 of 151)

View all versions
Version Deps Published
1.1.0 2 / 5
1.0.3 2 / 5
1.0.2 2 / 5
1.0.0 2 / 5
0.64.0 4 / 4
0.63.0 4 / 4
0.62.0 4 / 4
0.61.0 4 / 4
0.60.0 4 / 4
0.59.0 4 / 4
0.58.0 4 / 4
0.57.0 4 / 4
0.56.2 4 / 4
0.56.1 4 / 4
0.56.0 4 / 4
0.55.0 4 / 4
0.54.1 4 / 4
0.54.0 4 / 4
0.53.0 4 / 4
0.52.0 4 / 4
0.51.0 4 / 4
0.50.0 4 / 4
0.49.0 4 / 4
0.48.1 4 / 4
0.48.0 4 / 4
0.47.1 4 / 4
0.47.0 4 / 4
0.46.1 4 / 4
0.46.0 4 / 4
0.45.2 4 / 5
0.45.1 4 / 5
0.45.0 4 / 5
0.44.0 4 / 5
0.43.0 4 / 5
0.42.1 2 / 5
0.42.0 2 / 5
0.41.2 2 / 5
0.41.1 2 / 5
0.41.0 2 / 5
0.40.4 2 / 5
0.40.3 2 / 5
0.40.2 2 / 5
0.40.1 2 / 5
0.40.0 2 / 5
0.39.1 2 / 5
0.39.0 2 / 5
0.38.0 2 / 5
0.37.0 2 / 5
0.36.0 2 / 5
0.35.0 2 / 5
0.34.1 2 / 5

v1.1.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.3

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.64.0

3 findings
HIGH New obfuscated file: dist/index-Bfvj0KLi.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-Bfvj0KLi.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.63.0

3 findings
HIGH New obfuscated file: dist/index-3fBEDEsp.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-3fBEDEsp.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.62.0

3 findings
HIGH New obfuscated file: dist/index-3fBEDEsp.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-3fBEDEsp.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.61.0

3 findings
HIGH New obfuscated file: dist/index-iKbnOz6r.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-iKbnOz6r.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.60.0

3 findings
HIGH New obfuscated file: dist/index-iKbnOz6r.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-iKbnOz6r.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.59.0

3 findings
HIGH New obfuscated file: dist/index-eliz1Uq3.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-eliz1Uq3.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.58.0

3 findings
HIGH New obfuscated file: dist/index-eliz1Uq3.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-eliz1Uq3.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.57.0

3 findings
HIGH New obfuscated file: dist/index-4QyPPLfu.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-4QyPPLfu.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.56.2

3 findings
HIGH New obfuscated file: dist/index-CjP7lGzL.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-CjP7lGzL.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.56.1

3 findings
HIGH New obfuscated file: dist/index-CjP7lGzL.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-CjP7lGzL.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.56.0

3 findings
HIGH New obfuscated file: dist/index-CjP7lGzL.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-CjP7lGzL.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.55.0

3 findings
HIGH New obfuscated file: dist/index-DjQ4XDAV.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-DjQ4XDAV.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.54.1

3 findings
HIGH New obfuscated file: dist/index-SDDmBk2j.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-SDDmBk2j.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.54.0

3 findings
HIGH New obfuscated file: dist/index-SDDmBk2j.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-SDDmBk2j.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.53.0

3 findings
HIGH New obfuscated file: dist/index-D2HKNk0N.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-D2HKNk0N.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.52.0

3 findings
HIGH New obfuscated file: dist/index-DcdtPei-.d.mts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/index-DcdtPei-.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.51.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.50.0

2 findings
HIGH New obfuscated file: dist/experimental.mjs source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.49.0

2 findings
HIGH New obfuscated file: dist/experimental.mjs source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.48.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.48.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.47.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.47.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.46.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.46.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.45.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.45.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.45.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.44.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.42.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.42.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.41.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.41.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.41.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.40.4

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.40.3

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.40.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.40.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.40.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.39.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.39.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.38.0

2 findings
HIGH Publisher changed: zapier-engineering → GitLab CI/CD (on 2026-03-27) provenance

This version was published by a different npm account than previous versions on 2026-03-27. This could indicate a legitimate maintainer transition or an account compromise.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.37.0

2 findings
HIGH Publisher changed: zapier-engineering → GitLab CI/CD (on 2026-03-25) provenance

This version was published by a different npm account than previous versions on 2026-03-25. This could indicate a legitimate maintainer transition or an account compromise.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.36.0

2 findings
HIGH Publisher changed: zapier-engineering → GitLab CI/CD (on 2026-03-20) provenance

This version was published by a different npm account than previous versions on 2026-03-20. This could indicate a legitimate maintainer transition or an account compromise.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.35.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.34.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.