← Home

cleye

npm Repository Homepage
10
Versions
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

hirokiosame

Keywords

clicommand lineargvparametersflagsnodetypescript

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
provenance publisher-changed AI (provenance): Transition from hirokiosame to GitHub Actions is legitimate CI/CD automation, confirmed by SLSA provenance attestation. ai
publish-pattern dormant-publish AI (publish-pattern): Dormancy followed by CI/CD-attested release is consistent with infrequent but legitimate maintenance cadence. ai
dependencies unvetted-dep:type-flag AI (dependencies): type-flag is a companion package by the same author (privatenumber); expected dependency for a CLI arg-parsing library. Stable false positive for this package. ai
dependencies unvetted-dep:terminal-columns AI (dependencies): terminal-columns is a companion package by the same author (privatenumber); expected dependency for a CLI tool. Stable false positive for this package. ai

Versions (showing 10 of 10)

Version Deps Published
2.6.0 2 / 0
2.5.0 2 / 0
2.4.0 2 / 0
2.3.0 2 / 0
2.2.1 2 / 0
2.2.0 2 / 0
2.1.1 2 / 0
2.1.0 2 / 0
2.0.1 2 / 0
2.0.0 2 / 0