← Home

@ai-sdk/provider-utils

npm Repository Homepage

100
Versions
Apache-2.0
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

vercel-release-botmatheussmatt.straka

Keywords

ai

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
npm-metadata no-description AI (npm-metadata): Minor metadata gap; package is clearly legitimate with 17M weekly downloads. ai
provenance publisher-changed AI (provenance): Legitimate transition from jaredpalmer (Vercel employee) to vercel-release-bot (Vercel's automated release account). Both are within the Vercel org. ai
provenance missing-githead AI (provenance): Consistent with move to bot-based CI/CD publishing at Vercel; not a security concern for this package. ai
maintainer-change maintainer-added AI (maintainer-change): vercel-release-bot added as part of standard Vercel org transition to automated releases. ai
npm-metadata suspicious-initial-version AI (npm-metadata): Version 0.0.0 is a known monorepo workspace placeholder pattern used by the Vercel AI SDK; not indicative of malicious intent for this package. ai
bogus-package bogus-package AI (bogus-package): 17M weekly downloads and 738-day history confirm this is a legitimate, high-value package despite sparse README/description metadata. ai

Versions (showing 100 of 270)

Hide prereleases
Version Deps Published
1.0.9 4 / 6
1.0.8 4 / 6
1.0.7 4 / 6
1.0.6 4 / 6
1.0.5 4 / 6
1.0.4 4 / 6
1.0.3 4 / 6
1.0.2 4 / 6
1.0.1 4 / 6
1.0.0 4 / 6
0.0.16 4 / 6
0.0.15 4 / 6
0.0.14 4 / 6
0.0.13 4 / 6
0.0.12 4 / 6
0.0.11 4 / 6
0.0.10 4 / 6
0.0.9 4 / 6
0.0.8 4 / 6
0.0.7 4 / 6
0.0.6 4 / 6
0.0.5 4 / 6
0.0.4 4 / 6
0.0.3 4 / 6
0.0.2 4 / 6
0.0.1 4 / 6
0.0.0 4 / 6
5.0.0-beta.9 3 / 6
5.0.0-beta.8 3 / 6
5.0.0-beta.7 3 / 6
5.0.0-beta.6 3 / 6
5.0.0-beta.5 3 / 6
5.0.0-beta.4 3 / 6
5.0.0-beta.3 3 / 6
5.0.0-beta.26 4 / 6
5.0.0-beta.25 4 / 6
5.0.0-beta.24 4 / 6
5.0.0-beta.23 4 / 6
5.0.0-beta.22 4 / 6
5.0.0-beta.21 4 / 6
5.0.0-beta.20 4 / 6
5.0.0-beta.2 3 / 6
5.0.0-beta.19 3 / 6
5.0.0-beta.18 3 / 6
5.0.0-beta.17 3 / 6
5.0.0-beta.16 3 / 6
5.0.0-beta.15 3 / 6
5.0.0-beta.14 3 / 6
5.0.0-beta.12 3 / 6
5.0.0-beta.11 3 / 6
5.0.0-beta.10 3 / 6
5.0.0-beta.1 3 / 6
5.0.0-beta.0 3 / 6
4.0.0-beta.59 3 / 6
4.0.0-beta.58 3 / 6
4.0.0-beta.57 3 / 6
4.0.0-beta.56 3 / 6
4.0.0-beta.55 3 / 6
4.0.0-beta.54 3 / 6
4.0.0-beta.53 3 / 6
4.0.0-beta.52 3 / 6
4.0.0-beta.51 3 / 10
4.0.0-beta.50 3 / 10
4.0.0-beta.49 3 / 10
4.0.0-beta.48 3 / 10
4.0.0-beta.47 3 / 10
4.0.0-beta.46 3 / 10
4.0.0-beta.45 3 / 10
4.0.0-beta.44 3 / 10
4.0.0-beta.43 3 / 10
4.0.0-beta.42 3 / 10
4.0.0-beta.41 3 / 10
4.0.0-beta.40 3 / 10
4.0.0-beta.39 3 / 10
4.0.0-beta.38 3 / 10
4.0.0-beta.37 3 / 10
4.0.0-beta.36 3 / 10
4.0.0-beta.35 3 / 10
4.0.0-beta.34 3 / 10
4.0.0-beta.33 3 / 10
4.0.0-beta.32 3 / 10
4.0.0-beta.31 3 / 10
4.0.0-beta.30 3 / 10
4.0.0-beta.29 3 / 10
4.0.0-beta.28 3 / 10
4.0.0-beta.27 3 / 10
4.0.0-beta.26 3 / 10
4.0.0-beta.25 3 / 10
4.0.0-beta.24 3 / 10
4.0.0-beta.23 3 / 10
4.0.0-beta.22 3 / 10
4.0.0-beta.21 3 / 10
4.0.0-beta.20 3 / 10
4.0.0-beta.19 3 / 10
4.0.0-beta.18 3 / 10
4.0.0-beta.17 3 / 10
4.0.0-beta.16 3 / 10
4.0.0-beta.15 3 / 10
4.0.0-beta.14 3 / 10
4.0.0-beta.13 3 / 9
Showing 100 of 270 Next page →

v5.0.0-beta.9

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.8

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.7

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.6

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.5

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.4

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.3

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.26

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.25

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.24

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.23

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.22

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.21

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.20

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.19

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.18

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.17

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.16

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.15

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.14

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.12

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.11

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.10

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0-beta.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v4.0.0-beta.58

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v4.0.0-beta.20

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v4.0.0-beta.16

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.