All @camunda/camunda-api-zod-schemas versions
@camunda/camunda-api-zod-schemas @0.0.65
Zod schemas and TypeScript types for Camunda 8 unified API
Maintainers
Keywords
Dev Dependencies (7)
| Package | Constraint | Registry Status |
|---|---|---|
| zod | ^4.3.6 | auto_approved |
| vite | 8.0.10 | auto_approved |
| typescript | 6.0.3 | auto_approved |
| @types/node | 25.6.0 | auto_approved |
| changelogen | 0.6.2 | No greenflagged match |
| vite-plugin-dts | 4.5.4 | auto_approved |
| vite-plugin-circular-dependency | 0.5.0 | No greenflagged match |
Changes from v0.0.64
No metadata changes detected.
File Changes
Risk Dispositions (1 applicable to this version, 0 other)
Accepted rules are downgraded to INFO on future analyses; rejected rules escalate to CRITICAL.
| Rule | Source | Disposition | Author | Reason | |
|---|---|---|---|---|---|
regressed-provenance |
provenance | reject | AI | AI (provenance): Loss of CI/CD provenance combined with publisher change is a strong compromise indicator for this package. |
SAST Findings (2)
This version was published without provenance, but prior versions were published via CI/CD with attestations. This is a strong signal of a potential account compromise or unauthorized publish. The axios attack (March 2026) exhibited exactly this pattern.
[Accepted risk] This version was published by a different npm account than previous versions on 2026-05-13. This could indicate a legitimate maintainer transition or an account compromise.
Review Summary
Risk score: 25. Findings: 1 high (+25), 2 info (+0).
Commit: 4b891fc307a1 Browse source
Published to npm: