@0no-co/graphqlsp No license 7 versions

@0no-co/graphqlsp

npm Repository Homepage

7

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

philpljdecroock

Keywords

GraphQLTypeScriptLSPTyped-document-node

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:@gql.tada/internal	AI (dependencies): @gql.tada/internal is a sibling package from the same 0no-co org; its use here is expected and intentional as part of the GraphQLSP/gql.tada ecosystem.	ai	2026/04/26

Versions (showing 7 of 7)

Version	Deps	Published
1.15.4	2 / 6	2026-04-16
1.15.3	2 / 6	2026-04-01
1.15.2	2 / 6	2025-12-10
1.15.1	2 / 6	2025-11-11
1.15.0	2 / 6	2025-07-31
1.14.0	2 / 6	2025-07-08
1.13.0	2 / 6	2025-06-29

v1.15.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.15.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.15.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.14.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.13.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.