vize
Vize - High-performance Vue.js toolchain in Rust
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/config-MA8nXz11.d.mts | AI (source-diff): Auto-generated TS declaration file from json-schema-to-typescript; long lines are type unions, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/config-CNf68GLW.d.mts | AI (source-diff): Generated TypeScript declaration file from json-schema-to-typescript; long lines are expected in bundled type defs, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/config-BPtKWQg0.d.mts | AI (source-diff): Generated TypeScript declaration file from json-schema-to-typescript; long lines are type unions, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/config-CczvMtD4.d.mts | AI (source-diff): Long-line TypeScript declaration file auto-generated by json-schema-to-typescript; not obfuscated code. | ai | |
| source-diff | obfuscated-file:dist/config-CRvVIvqJ.d.mts | AI (source-diff): Auto-generated TypeScript declaration file from json-schema-to-typescript; long lines are expected in bundled .d.mts output. | ai | |
| source-diff | obfuscated-file:dist/config-tvugwdpH.d.mts | AI (source-diff): Generated TypeScript declaration file from json-schema-to-typescript; long lines are bundled type defs, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/config-XMCb6V8W.d.mts | AI (source-diff): Auto-generated TypeScript declaration file with long type lines; not obfuscated code. | ai | |
| source-diff | obfuscated-file:dist/config-CTXni-Py.d.mts | AI (source-diff): Long-line TypeScript declaration file (.d.mts); bundled type defs, not obfuscated executable code. | ai | |
| source-diff | obfuscated-file:dist/config-Dt42z0M4.d.mts | AI (source-diff): TypeScript declaration file with long lines from bundled type defs; not executable obfuscated code. | ai | |
| source-diff | obfuscated-file:dist/config-6hDTqBjZ.d.mts | AI (source-diff): Long-line .d.mts is a bundled type declaration file; content is readable TypeScript interfaces, not obfuscated code. | ai | |
| source-diff | obfuscated-file:dist/config-DkggCaE5.d.mts | AI (source-diff): Long-line TypeScript declaration file (.d.mts); bundled type definitions, not obfuscated executable code. | ai | |
| source-diff | obfuscated-file:dist/config-BbNk5gIK.d.mts | AI (source-diff): Bundled .d.mts type declaration file with long lines from concatenated type defs; not obfuscation. | ai | |
| semgrep | semgrep:child-process-execsync | AI (semgrep): execSync('which ldd') is a standard musl-detection pattern for native binary loaders; stable for this package. | ai | |
| semgrep | semgrep:dynamic-require | AI (semgrep): Dynamic require resolves platform-specific native bindings from the declared optional deps list; expected pattern. | ai | |
| semgrep | semgrep:child-process-import | AI (semgrep): child_process used only for musl detection in native binding loader; benign for this package. | ai | |
| typosquat | typosquat.levenshtein:vite | AI (typosquat): vize is a distinct Vue/Rust toolchain project with 71 versions and its own @vizejs/ native package namespace; not a typosquat of vite. | ai |
Versions (showing 37 of 137)
| Version | Deps | Published |
|---|---|---|
| 0.57.0 | 1 / 6 | |
| 0.56.0 | 1 / 6 | |
| 0.52.0 | 1 / 3 | |
| 0.49.0 | 1 / 3 | |
| 0.48.0 | 1 / 3 | |
| 0.47.0 | 1 / 3 | |
| 0.46.0 | 1 / 3 | |
| 0.45.0 | 1 / 3 | |
| 0.44.0 | 1 / 3 | |
| 0.43.0 | 1 / 3 | |
| 0.42.0 | 1 / 3 | |
| 0.41.0 | 1 / 3 | |
| 0.39.0 | 1 / 3 | |
| 0.38.0 | 1 / 3 | |
| 0.37.0 | 1 / 3 | |
| 0.35.0 | 1 / 3 | |
| 0.33.0 | 1 / 3 | |
| 0.29.0 | 1 / 3 | |
| 0.28.0 | 1 / 3 | |
| 0.26.0 | 1 / 3 | |
| 0.24.0 | 1 / 3 | |
| 0.23.0 | 1 / 3 | |
| 0.22.0 | 1 / 3 | |
| 0.21.0 | 1 / 3 | |
| 0.20.0 | 1 / 3 | |
| 0.18.0 | 1 / 3 | |
| 0.16.0 | 1 / 3 | |
| 0.15.0 | 1 / 3 | |
| 0.14.0 | 1 / 3 | |
| 0.13.0 | 1 / 3 | |
| 0.12.0 | 1 / 3 | |
| 0.11.0 | 1 / 3 | |
| 0.10.0 | 1 / 3 | |
| 0.9.0 | 1 / 3 | |
| 0.8.0 | 1 / 3 | |
| 0.2.0 | 1 / 3 | |
| 0.1.0 | 1 / 3 |
v0.57.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.56.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.52.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.49.0
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.48.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.47.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.46.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.45.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.44.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.43.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.42.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.41.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.39.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.38.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.37.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.33.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.29.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.28.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.26.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.24.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.23.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.22.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.21.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.20.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.18.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.15.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.13.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.12.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.