father
A bundless/bundle build tool
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:sass-loader | AI (phantom-deps): Referenced via config, expected for storybook/docz tooling. | ai | |
| source-diff | source-size-tripled | AI (source-diff): Explained by bundled vendor test fixtures for new doc feature. | ai | |
| source-diff | large-new-source-files | AI (source-diff): New Storybook/docz doc-generation feature adds fixtures/tests, not malicious code. | ai | |
| source-diff | net-exec-file:src/fixtures/doc/normal/.doc/static/js/vendors.27f5d684.js | AI (source-diff): Bundled webpack vendor chunk in test fixtures, not injected payload. | ai | |
| source-diff | net-exec-file:src/fixtures/doc/css-modules/.doc/static/js/vendors.27f5d684.js | AI (source-diff): Bundled webpack vendor chunk in test fixtures, not injected payload. | ai | |
| source-diff | net-exec-file:src/fixtures/doc/config-theme/.doc/static/js/vendors.27f5d684.js | AI (source-diff): Bundled webpack vendor chunk in test fixtures, not injected payload. | ai | |
| source-diff | net-exec-file:src/fixtures/doc/babel-extra-babel-presets-and-plugins/.doc/static/js/vendors.27f5d684.js | AI (source-diff): Bundled webpack vendor chunk in test fixtures, not injected payload. | ai | |
| provenance | publisher-changed | AI (provenance): Change is to CI/CD-attested GitHub Actions publish, resolving prior manual-publisher concern. | ai | |
| phantom-deps | phantom-dep:@storybook/cli | AI (phantom-deps): Config-referenced tooling dep, not code-imported; expected for this build toolkit. | ai | |
| semgrep | semgrep:child-process-import | AI (semgrep): Used by docz doc-generation module, not toward an external destination. | ai | |
| publish-pattern | new-deps-added | AI (publish-pattern): babel-plugin-styled-components is a well-known legitimate Babel plugin; its addition to a bundler/build tool is expected and benign. | ai | |
| semgrep | semgrep:dynamic-require | AI (semgrep): father is a package parser; dynamic require of package.json files by path is core to its functionality, not a security risk. | ai | |
| phantom-deps | phantom-dep:extend | AI (phantom-deps): extend is a declared dependency in package.json; phantom-dep finding is a false positive for this package. | ai | |
| provenance | no-provenance | AI (provenance): Provenance attestation is a best-practice recommendation; absence is not a security blocker for an established package. | ai | |
| phantom-deps | phantom-dep:babel-plugin-dynamic-import-node | AI (phantom-deps): babel-plugin-dynamic-import-node is explicitly declared as a runtime dep at a pinned version; used as a config-level plugin rather than directly imported in source. | ai | |
| dependencies | unvetted-dep:@umijs/core | AI (dependencies): First-party UmiJS ecosystem dependency; father is maintained by the same umijs org and this is an expected runtime dep. | ai | |
| dependencies | unvetted-dep:@umijs/babel-preset-umi | AI (dependencies): First-party UmiJS ecosystem dependency; expected for this build tool maintained by the umijs org. | ai | |
| dependencies | unvetted-dep:@umijs/bundler-webpack | AI (dependencies): First-party UmiJS ecosystem dependency; expected for this build tool maintained by the umijs org. | ai | |
| dependencies | unvetted-dep:@umijs/bundler-utils | AI (dependencies): First-party UmiJS ecosystem dependency; expected for this build tool maintained by the umijs org. | ai | |
| dependencies | unvetted-dep:@umijs/utils | AI (dependencies): First-party UmiJS ecosystem dependency; expected for this build tool maintained by the umijs org. | ai |
Versions (showing 51 of 79)
| Version | Deps | Published |
|---|---|---|
| 4.6.31 | 23 / 20 | |
| 4.6.30 | 23 / 20 | |
| 4.6.29 | 23 / 20 | |
| 4.6.28 | 23 / 20 | |
| 4.6.27 | 23 / 20 | |
| 4.6.26 | 23 / 20 | |
| 4.6.25 | 23 / 20 | |
| 4.6.18 | 23 / 20 | |
| 4.6.8 | 23 / 20 | |
| 4.5.3 | 23 / 20 | |
| 4.5.2 | 23 / 20 | |
| 4.5.1 | 23 / 20 | |
| 4.4.1 | 21 / 20 | |
| 4.4.0 | 21 / 20 | |
| 4.3.8 | 20 / 20 | |
| 4.3.7 | 20 / 20 | |
| 4.3.6 | 20 / 20 | |
| 2.30.16 | 34 / 0 | |
| 2.30.8 | 34 / 0 | |
| 2.13.6 | 51 / 0 | |
| 2.10.0 | 51 / 0 | |
| 0.13.1 | 10 / 6 | |
| 0.13.0 | 10 / 6 | |
| 0.12.0 | 10 / 6 | |
| 0.11.0 | 10 / 6 | |
| 0.10.6 | 9 / 6 | |
| 0.10.5 | 9 / 6 | |
| 0.10.4 | 9 / 6 | |
| 0.10.3 | 8 / 6 | |
| 0.10.2 | 8 / 6 | |
| 0.10.1 | 8 / 6 | |
| 0.10.0 | 8 / 6 | |
| 0.9.7 | 7 / 5 | |
| 0.9.6 | 7 / 5 | |
| 0.9.5 | 7 / 5 | |
| 0.9.4 | 7 / 5 | |
| 0.9.3 | 7 / 5 | |
| 0.9.2 | 6 / 5 | |
| 0.9.1 | 6 / 5 | |
| 0.9.0 | 6 / 5 | |
| 0.8.7 | 6 / 5 | |
| 0.8.6 | 6 / 5 | |
| 0.8.5 | 6 / 5 | |
| 0.8.4 | 6 / 5 | |
| 0.8.3 | 6 / 4 | |
| 0.8.2 | 6 / 4 | |
| 0.8.1 | 6 / 4 | |
| 0.8.0 | 6 / 4 | |
| 0.7.3 | 6 / 4 | |
| 0.7.2 | 6 / 4 | |
| 0.7.1 | 6 / 4 |
v4.6.31
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.6.30
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.6.29
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.6.28
2 findingsPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
This version was published by a different npm account (GitHub Actions) than the most recent previously approved version (zoomdong07) on 2026-07-13, but it carries Sigstore provenance attestation. This means the package moved to a trusted publisher (CI/CD with OIDC, e.g. GitHub Actions) — a supply-chain integrity improvement, not a compromise, since a stolen npm token cannot forge provenance bound to the source repository. Recorded as INFO for audit trail.
v4.6.27
2 findings[Reject — re-review on republish] (prior reject: AI (provenance): Publisher changed to zoomdong07, an account with 4062 rejected packages and only 824 approved. This is a persistent red flag for this package.) This version was published by a different npm account than previous versions on 2026-07-10. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.6.26
2 findings[Reject — re-review on republish] (prior reject: AI (provenance): Publisher changed to zoomdong07, an account with 4062 rejected packages and only 824 approved. This is a persistent red flag for this package.) This version was published by a different npm account than previous versions on 2026-07-08. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.6.25
2 findings[Reject — re-review on republish] (prior reject: AI (provenance): Publisher changed to zoomdong07, an account with 4062 rejected packages and only 824 approved. This is a persistent red flag for this package.) This version was published by a different npm account than previous versions on 2026-07-01. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.6.8
3 findings[Always reject] Version constraint: 1.0.0.
[Always reject] This version was published by a different npm account than previous versions on 2025-11-25. This could indicate a legitimate maintainer transition or an account compromise.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.5.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.30.16
3 findings[Reject — re-review on republish] (prior reject: AI (provenance): Publisher changed to zoomdong07, an account with 4062 rejected packages and only 824 approved. This is a persistent red flag for this package.) This version was published by a different npm account than previous versions on 2022-02-08. This could indicate a legitimate maintainer transition or an account compromise.
child_process imported — can execute arbitrary system commands Source: ssh://[email protected]/umijs/father/blob/2cca6a2cbf3869ebe96e9f64ff89b2877e12a79a/lib/doc/docz.js#L10 8 | var assert = _interopRequireWildcard(require("assert")); 9 | > 10 | var _child_process = require("child_process"); 11 | 12 | var _path = require("path");
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.30.8
3 findings[Reject — re-review on republish] (prior reject: AI (provenance): Publisher changed to zoomdong07, an account with 4062 rejected packages and only 824 approved. This is a persistent red flag for this package.) This version was published by a different npm account than previous versions on 2021-08-08. This could indicate a legitimate maintainer transition or an account compromise.
child_process imported — can execute arbitrary system commands Source: ssh://[email protected]/umijs/father/blob/fd6e4d0564f9e494f76e6dc70770f02fea87b284/lib/doc/docz.js#L10 8 | var assert = _interopRequireWildcard(require("assert")); 9 | > 10 | var _child_process = require("child_process"); 11 | 12 | var _path = require("path");
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.13.6
3 findings[Reject — re-review on republish] (prior reject: AI (provenance): Publisher changed to zoomdong07, an account with 4062 rejected packages and only 824 approved. This is a persistent red flag for this package.) This version was published by a different npm account than previous versions on 2019-07-15. This could indicate a legitimate maintainer transition or an account compromise.
child_process imported — can execute arbitrary system commands Source: ssh://[email protected]/umijs/father/blob/3281abe5d635c48103218c2bf4ef6d0db5197fc4/lib/doc/docz.js#L10 8 | var assert = _interopRequireWildcard(require("assert")); 9 | > 10 | var _child_process = require("child_process"); 11 | 12 | var _path = require("path");
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.10.0
8 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware. Artifact: bundled (webpack) — bundler banner in the scanned head, but the file is larger than the scan window and its remainder is unclassified, so this is not a clean bill of health.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware. Artifact: bundled (webpack) — bundler banner in the scanned head, but the file is larger than the scan window and its remainder is unclassified, so this is not a clean bill of health.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware. Artifact: bundled (webpack) — bundler banner in the scanned head, but the file is larger than the scan window and its remainder is unclassified, so this is not a clean bill of health.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware. Artifact: bundled (webpack) — bundler banner in the scanned head, but the file is larger than the scan window and its remainder is unclassified, so this is not a clean bill of health.
child_process imported — can execute arbitrary system commands Source: ssh://[email protected]/umijs/father/blob/20f8734087f1ce2bedad422bd93d007973c635f8/lib/doc/doc.e2e.js#L5 3 | var _path = require("path"); 4 | > 5 | var _child_process = require("child_process"); 6 | 7 | var _puppeteer = _interopRequireDefault(require("puppeteer"));
child_process imported — can execute arbitrary system commands Source: ssh://[email protected]/umijs/father/blob/20f8734087f1ce2bedad422bd93d007973c635f8/lib/doc/docz.js#L10 8 | var assert = _interopRequireWildcard(require("assert")); 9 | > 10 | var _child_process = require("child_process"); 11 | 12 | var _path = require("path");
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
This version was published by a different npm account (sorrycc) than the most recent previously approved version (popomore) on 2019-06-19, but sorrycc is listed as a maintainer on prior approved versions (matched on name). This looks like a manual publish by a known maintainer rather than a publisher change. Recorded as INFO for audit trail.