@appium/support No license 7 versions

@appium/support

npm Repository Homepage

7

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

jlippsnick.mokhnachkazucocoa

Keywords

automationjavascriptseleniumwebdriveriosandroidfirefoxostesting

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
semgrep	semgrep:base64-decode	AI (semgrep): Base64 decoding is used to convert image data for the sharp image processing library — standard mobile automation screenshot handling, not a malicious payload.	ai	2026/04/25
semgrep	semgrep:dynamic-require	AI (semgrep): Dynamic require is Appium's documented plugin/package loading mechanism with proper error handling; intentional infrastructure, not arbitrary code execution.	ai	2026/04/25
phantom-deps	phantom-dep:@appium/tsconfig	AI (phantom-deps): @appium/tsconfig is a TypeScript config package from the same org; it is not imported in source code by design — this is a stable false positive for tsconfig packages.	ai	2026/04/25

Versions (showing 7 of 7)

Version	Deps	Published
7.2.3	33 / 0	2026-05-31
7.2.2	33 / 0	2026-05-07
7.2.1	33 / 0	2026-05-06
7.2.0	33 / 0	2026-05-06
7.1.1	34 / 0	2026-04-23
7.1.0	34 / 0	2026-04-09
7.0.6	34 / 0	2026-03-08

v7.2.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.2.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.2.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.2.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.1.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.0.6

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.