promptfoo
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | net-exec-file:dist/src/aws-B6z7Bp-y.cjs | AI (source-diff): Bundled AWS Bedrock provider; network+exec is inherent to an LLM eval toolkit calling cloud APIs. | ai | |
| source-diff | net-exec-file:dist/src/aws-CcirYqo_.cjs | AI (source-diff): Rolldown-bundled CJS chunk for AWS Bedrock provider; network+require pattern is normal for this package. | ai | |
| source-diff | net-exec-file:dist/src/evalResult-BgL2HNJC.cjs | AI (source-diff): Rolldown-bundled CJS chunk; network+require pattern is normal for bundled output. | ai | |
| source-diff | large-new-source-files | AI (source-diff): Bundler migration (rolldown) causes chunk filename churn; stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@types/ws | AI (phantom-deps): Type-only dep; used as framework-scoped type declaration, not a direct import. | ai | |
| phantom-deps | phantom-dep:gcp-metadata | AI (phantom-deps): Referenced in config/override context; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@opencode-ai/sdk | AI (phantom-deps): Optional provider integration; loaded by convention, not direct import. | ai | |
| phantom-deps | phantom-dep:@opentelemetry/sdk-trace-base | AI (phantom-deps): OTel SDK loaded via plugin pattern; stable false positive for this package. | ai |
Versions (showing 11 of 11)
| Version | Deps | Published |
|---|---|---|
| 0.121.15 | 78 / 56 | |
| 0.121.14 | 78 / 56 | |
| 0.121.13 | 78 / 56 | |
| 0.121.12 | 84 / 57 | |
| 0.121.11 | 83 / 57 | |
| 0.121.10 | 83 / 57 | |
| 0.121.9 | 85 / 58 | |
| 0.121.8 | 85 / 58 | |
| 0.121.7 | 85 / 58 | |
| 0.121.5 | 85 / 57 | |
| 0.121.4 | 85 / 57 |
v0.121.15
2 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.121.14
3 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.121.13
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.121.12
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.121.11
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.121.10
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.121.8
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.121.7
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.121.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.121.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.