sanity
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:color2k | AI (phantom-deps): Config-referenced dependency in monorepo. | ai | |
| phantom-deps | phantom-dep:arrify | AI (phantom-deps): Config-referenced dependency in monorepo. | ai | |
| phantom-deps | phantom-dep:raf | AI (phantom-deps): Polyfill loaded by convention in this framework. | ai | |
| phantom-deps | phantom-dep:jsdom | AI (phantom-deps): Used at runtime via require in SSR context; config-referenced. | ai | |
| phantom-deps | phantom-dep:react-focus-lock | AI (phantom-deps): Config-referenced dependency in monorepo. | ai | |
| phantom-deps | phantom-dep:@isaacs/ttlcache | AI (phantom-deps): Config-referenced dependency in monorepo. | ai | |
| phantom-deps | phantom-dep:exif-component | AI (phantom-deps): Config-referenced dependency in monorepo. | ai | |
| phantom-deps | phantom-dep:@sentry/react | AI (phantom-deps): Config-referenced dependency in monorepo. | ai | |
| phantom-deps | phantom-dep:player.style | AI (phantom-deps): Config-referenced dependency in monorepo. | ai | |
| phantom-deps | phantom-dep:json-reduce | AI (phantom-deps): Config-referenced dependency in monorepo. | ai | |
| phantom-deps | phantom-dep:dataloader | AI (phantom-deps): Config-referenced dependency in monorepo. | ai | |
| phantom-deps | phantom-dep:polished | AI (phantom-deps): Config-referenced dependency in monorepo. | ai | |
| phantom-deps | phantom-dep:mendoza | AI (phantom-deps): Config-referenced dependency in monorepo. | ai | |
| phantom-deps | phantom-dep:@types/use-sync-external-store | AI (phantom-deps): Type-only package loaded by convention. | ai | |
| phantom-deps | phantom-dep:@types/shallow-equals | AI (phantom-deps): Type-only package loaded by convention. | ai | |
| phantom-deps | phantom-dep:@types/speakingurl | AI (phantom-deps): Type-only package loaded by convention. | ai | |
| semgrep | semgrep:env-spread | AI (semgrep): CLI tool loading env files via Vite's loadEnv; standard config pattern. | ai | |
| semgrep | semgrep:dynamic-require | AI (semgrep): Plugin/module loader pattern; expected for a CLI framework. | ai | |
| semgrep | semgrep:shady-links-raw-ip | AI (semgrep): False positive: IP appears inside a user-facing warning message string, not an actual request. | ai | |
| semgrep | semgrep:env-bulk-read | AI (semgrep): Reading PATH env var key cross-platform; standard Node.js pattern. | ai | |
| phantom-deps | phantom-dep:esbuild | AI (phantom-deps): Known implicit binary dependency. | ai | |
| phantom-deps | phantom-dep:@types/which | AI (phantom-deps): Type-only package loaded by convention. | ai | |
| phantom-deps | phantom-dep:@types/react-is | AI (phantom-deps): Type-only package loaded by convention. | ai | |
| phantom-deps | phantom-dep:@types/tar-stream | AI (phantom-deps): Type-only package loaded by convention. | ai | |
| phantom-deps | phantom-dep:@portabletext/html | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:@dnd-kit/utilities | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:@dnd-kit/modifiers | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:@dnd-kit/sortable | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:react-refractor | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:@sanity/mutate | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:@dnd-kit/core | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:refractor | AI (phantom-deps): Large monorepo package; phantom-dep heuristic unreliable for bundled/re-exported deps. | ai | |
| phantom-deps | phantom-dep:@date-fns/tz | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:web-vitals | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:@portabletext/patches | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:@portabletext/to-html | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:@tanstack/react-table | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:use-device-pixel-ratio | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:@sanity/media-library-types | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:@portabletext/plugin-one-line | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:classnames | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:isomorphic-dompurify | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:@sanity/eventsource | AI (phantom-deps): Stable false positive for this package's build structure. | ai | |
| phantom-deps | phantom-dep:@sanity/prism-groq | AI (phantom-deps): Stable false positive for this package's build structure. | ai |
Versions (showing 51 of 53)
| Version | Deps | Published |
|---|---|---|
| 6.0.0 | 101 / 50 | |
| 5.31.1 | 101 / 49 | |
| 5.31.0 | 101 / 49 | |
| 5.30.0 | 101 / 49 | |
| 5.29.0 | 101 / 49 | |
| 5.28.0 | 101 / 49 | |
| 5.27.0 | 101 / 49 | |
| 5.26.0 | 101 / 49 | |
| 5.25.1 | 101 / 49 | |
| 5.25.0 | 101 / 49 | |
| 5.23.0 | 101 / 49 | |
| 5.22.0 | 101 / 47 | |
| 5.21.0 | 101 / 47 | |
| 5.20.0 | 101 / 47 | |
| 5.19.0 | 101 / 47 | |
| 5.18.0 | 101 / 48 | |
| 5.17.1 | 101 / 48 | |
| 5.17.0 | 101 / 48 | |
| 5.16.0 | 100 / 48 | |
| 5.15.0 | 100 / 48 | |
| 5.14.1 | 148 / 49 | |
| 5.14.0 | 148 / 49 | |
| 5.13.0 | 148 / 49 | |
| 5.12.0 | 148 / 49 | |
| 5.11.0 | 148 / 50 | |
| 5.10.0 | 148 / 50 | |
| 5.9.0 | 148 / 50 | |
| 5.8.1 | 148 / 50 | |
| 5.7.0 | 146 / 49 | |
| 5.6.0 | 143 / 50 | |
| 5.5.0 | 142 / 50 | |
| 5.4.0 | 141 / 49 | |
| 5.3.1 | 141 / 49 | |
| 5.3.0 | 141 / 49 | |
| 5.2.0 | 143 / 50 | |
| 5.1.0 | 143 / 50 | |
| 5.0.1 | 143 / 50 | |
| 5.0.0 | 144 / 50 | |
| 4.22.0 | 145 / 50 | |
| 4.21.1 | 145 / 50 | |
| 4.21.0 | 145 / 50 | |
| 4.20.3 | 145 / 50 | |
| 4.20.2 | 145 / 50 | |
| 4.20.1 | 145 / 50 | |
| 4.20.0 | 145 / 50 | |
| 4.19.0 | 144 / 49 | |
| 4.18.0 | 144 / 49 | |
| 4.17.0 | 144 / 49 | |
| 4.16.0 | 144 / 49 | |
| 4.15.0 | 143 / 49 | |
| 4.14.2 | 144 / 48 |
v6.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.31.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.31.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.30.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.29.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.28.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.27.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.26.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.25.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.25.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.23.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.21.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.20.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.19.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.18.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.17.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.17.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.16.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.15.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.14.1
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.14.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.13.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.12.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.11.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.10.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.9.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.1
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.6.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.5.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.4.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.3.1
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.3.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.2.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.1.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.0.1
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.0.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.22.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.21.1
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.21.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.20.3
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.20.2
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.20.1
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 42 | spawn(process.argv[0], nodeArgs, { 43 | stdio: "inherit", > 44 | env: { 45 | ...process.env, 46 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.20.0
5 findingsSpreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 6 | envFile = !1, 7 | jsonEncode = !1 > 8 | } = options, fullEnv = envFile ? { 9 | ...process.env, 10 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 19 | envFile = !1, 20 | jsonEncode = !1 > 21 | } = options, fullEnv = envFile ? { 22 | ...process.env, 23 | ...loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 41 | spawn(process.argv[0], nodeArgs, { 42 | stdio: "inherit", > 43 | env: { 44 | ...process.env, 45 | SANITY_BASE_PATH: workDir
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.19.0
5 findingsSpreading entire process.env into an object — may capture all secrets 7 | envFile = !1, 8 | jsonEncode = !1 > 9 | } = options, fullEnv = envFile ? { 10 | ...process.env, 11 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 20 | envFile = !1, 21 | jsonEncode = !1 > 22 | } = options, fullEnv = envFile ? { 23 | ...process.env, 24 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 40 | node_child_process.spawn(process.argv[0], nodeArgs, { 41 | stdio: "inherit", > 42 | env: { 43 | ...process.env, 44 | SANITY_BASE_PATH: workDir
Spreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.18.0
5 findingsSpreading entire process.env into an object — may capture all secrets 7 | envFile = !1, 8 | jsonEncode = !1 > 9 | } = options, fullEnv = envFile ? { 10 | ...process.env, 11 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 20 | envFile = !1, 21 | jsonEncode = !1 > 22 | } = options, fullEnv = envFile ? { 23 | ...process.env, 24 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 40 | node_child_process.spawn(process.argv[0], nodeArgs, { 41 | stdio: "inherit", > 42 | env: { 43 | ...process.env, 44 | SANITY_BASE_PATH: workDir
Spreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.17.0
5 findingsSpreading entire process.env into an object — may capture all secrets 7 | envFile = !1, 8 | jsonEncode = !1 > 9 | } = options, fullEnv = envFile ? { 10 | ...process.env, 11 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 20 | envFile = !1, 21 | jsonEncode = !1 > 22 | } = options, fullEnv = envFile ? { 23 | ...process.env, 24 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 40 | node_child_process.spawn(process.argv[0], nodeArgs, { 41 | stdio: "inherit", > 42 | env: { 43 | ...process.env, 44 | SANITY_BASE_PATH: workDir
Spreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.16.0
5 findingsSpreading entire process.env into an object — may capture all secrets 7 | envFile = !1, 8 | jsonEncode = !1 > 9 | } = options, fullEnv = envFile ? { 10 | ...process.env, 11 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 20 | envFile = !1, 21 | jsonEncode = !1 > 22 | } = options, fullEnv = envFile ? { 23 | ...process.env, 24 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 40 | node_child_process.spawn(process.argv[0], nodeArgs, { 41 | stdio: "inherit", > 42 | env: { 43 | ...process.env, 44 | SANITY_BASE_PATH: workDir
Spreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.15.0
5 findingsSpreading entire process.env into an object — may capture all secrets 7 | envFile = !1, 8 | jsonEncode = !1 > 9 | } = options, fullEnv = envFile ? { 10 | ...process.env, 11 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 20 | envFile = !1, 21 | jsonEncode = !1 > 22 | } = options, fullEnv = envFile ? { 23 | ...process.env, 24 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 40 | node_child_process.spawn(process.argv[0], nodeArgs, { 41 | stdio: "inherit", > 42 | env: { 43 | ...process.env, 44 | SANITY_BASE_PATH: workDir
Spreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.14.2
5 findingsSpreading entire process.env into an object — may capture all secrets 7 | envFile = !1, 8 | jsonEncode = !1 > 9 | } = options, fullEnv = envFile ? { 10 | ...process.env, 11 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 20 | envFile = !1, 21 | jsonEncode = !1 > 22 | } = options, fullEnv = envFile ? { 23 | ...process.env, 24 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Spreading entire process.env into an object — may capture all secrets 40 | node_child_process.spawn(process.argv[0], nodeArgs, { 41 | stdio: "inherit", > 42 | env: { 43 | ...process.env, 44 | SANITY_BASE_PATH: workDir
Spreading entire process.env into an object — may capture all secrets 11 | envFile = !1, 12 | jsonEncode = !1 > 13 | } = options, fullEnv = envFile ? { 14 | ...process.env, 15 | ...cli.loadEnv(envFile.mode, envFile.envDir || process.cwd(), [envPrefix])
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.