@chain-registry/workflows

Chain Registry Workflows

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

pyramationluca608zetazz

Keywords

chain-registryweb3cosmosinterchain

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:schema-typescript	AI (dependencies): schema-typescript is a companion tooling package in the same ecosystem; consistent with the package's TypeScript code generation workflow.	ai	2026/04/27
dependencies	unvetted-dep:json-schema-patch	AI (dependencies): json-schema-patch is a pinned utility dependency used in chain-registry workflows; no security concerns identified.	ai	2026/04/27
dependencies	unvetted-dep:file-ts	AI (dependencies): file-ts appears to be a companion package in the same ecosystem by the same publisher (pyramation); stable tooling dependency for chain-registry workflows.	ai	2026/04/27
dependencies	unvetted-dep:strfy-js	AI (dependencies): strfy-js is a utility package consistent with the chain-registry build toolchain by the same publisher; no malicious signals.	ai	2026/04/27
phantom-deps	phantom-dep:bignumber.js	AI (phantom-deps): bignumber.js is declared in package.json dependencies; phantom flag reflects config-driven usage pattern typical of this package.	ai	2026/04/26
phantom-deps	phantom-dep:sha.js	AI (phantom-deps): sha.js is declared in package.json dependencies; phantom flag is a static analysis artifact for this workflow/build-tooling package.	ai	2026/04/26
phantom-deps	phantom-dep:file-ts	AI (phantom-deps): file-ts is declared in package.json dependencies; phantom flag reflects config-driven usage pattern typical of this package.	ai	2026/04/26
phantom-deps	phantom-dep:minimatch	AI (phantom-deps): minimatch is declared in package.json dependencies; phantom flag is a static analysis artifact for this workflow/build-tooling package.	ai	2026/04/26
dependencies	unvetted-dep:@chain-registry/interfaces	AI (dependencies): First-party dependency from the same chain-registry monorepo; not a third-party risk.	ai	2026/04/25
provenance	no-provenance	AI (provenance): Established publisher with 4093 approved versions; lack of provenance is consistent across the entire chain-registry ecosystem and is not a meaningful risk signal here.	ai	2026/04/25

Versions (showing 100 of 240)

Version	Deps	Published
1.53.261	13 / 2	2025-12-04
1.53.260	13 / 2	2025-12-03
1.53.259	13 / 2	2025-12-02
1.53.258	13 / 2	2025-11-29
1.53.257	13 / 2	2025-11-27
1.53.256	13 / 2	2025-11-25
1.53.255	13 / 2	2025-11-21
1.53.254	13 / 2	2025-11-20
1.53.253	13 / 2	2025-11-19
1.53.252	13 / 2	2025-11-18
1.53.251	13 / 2	2025-11-16
1.53.250	13 / 2	2025-11-15
1.53.249	13 / 2	2025-11-14
1.53.248	13 / 2	2025-11-13
1.53.247	13 / 2	2025-11-12
1.53.246	13 / 2	2025-11-11
1.53.245	13 / 2	2025-11-08
1.53.244	13 / 2	2025-11-06
1.53.243	13 / 2	2025-11-05
1.53.242	13 / 2	2025-11-04
1.53.241	13 / 2	2025-11-03
1.53.240	13 / 2	2025-11-02
1.53.239	13 / 2	2025-11-01
1.53.238	13 / 2	2025-10-31
1.53.237	13 / 2	2025-10-30
1.53.236	13 / 2	2025-10-29
1.53.235	13 / 2	2025-10-28
1.53.234	13 / 2	2025-10-25
1.53.233	13 / 2	2025-10-24
1.53.232	13 / 2	2025-10-23
1.53.231	13 / 2	2025-10-21
1.53.230	13 / 2	2025-10-19
1.53.229	13 / 2	2025-10-18
1.53.228	13 / 2	2025-10-17
1.53.227	13 / 2	2025-10-16
1.53.226	13 / 2	2025-10-15
1.53.225	13 / 2	2025-10-14
1.53.224	13 / 2	2025-10-11
1.53.223	13 / 2	2025-10-10
1.53.222	13 / 2	2025-10-09
1.53.221	13 / 2	2025-10-07
1.53.220	13 / 2	2025-10-05
1.53.219	13 / 2	2025-10-03
1.53.218	13 / 2	2025-10-02
1.53.217	13 / 2	2025-09-30
1.53.216	13 / 2	2025-09-28
1.53.215	13 / 2	2025-09-27
1.53.214	13 / 2	2025-09-25
1.53.213	13 / 2	2025-09-24
1.53.212	13 / 2	2025-09-23
1.53.211	13 / 2	2025-09-21
1.53.210	13 / 2	2025-09-20
1.53.209	13 / 2	2025-09-19
1.53.208	13 / 2	2025-09-18
1.53.207	13 / 2	2025-09-16
1.53.206	13 / 2	2025-09-14
1.53.205	13 / 2	2025-09-13
1.53.204	13 / 2	2025-09-11
1.53.203	13 / 2	2025-09-10
1.53.202	13 / 2	2025-09-09
1.53.201	13 / 2	2025-09-06
1.53.200	13 / 2	2025-09-05
1.53.199	13 / 2	2025-09-04
1.53.198	13 / 2	2025-09-03
1.53.197	13 / 2	2025-09-01
1.53.196	13 / 2	2025-08-30
1.53.195	13 / 2	2025-08-28
1.53.194	13 / 2	2025-08-27
1.53.193	13 / 2	2025-08-23
1.53.192	13 / 2	2025-08-20
1.53.191	13 / 2	2025-08-19
1.53.190	13 / 2	2025-08-17
1.53.189	13 / 2	2025-08-14
1.53.188	13 / 2	2025-08-12
1.53.187	13 / 2	2025-08-09
1.53.186	13 / 2	2025-08-08
1.53.185	13 / 2	2025-08-07
1.53.184	13 / 2	2025-08-06
1.53.183	13 / 2	2025-08-04
1.53.182	13 / 2	2025-08-02
1.53.181	13 / 2	2025-08-01
1.53.180	13 / 2	2025-07-31
1.53.179	13 / 2	2025-07-30
1.53.178	13 / 2	2025-07-29
1.53.177	13 / 2	2025-07-26
1.53.176	13 / 2	2025-07-24
1.53.175	13 / 2	2025-07-23
1.53.174	13 / 2	2025-07-22
1.53.173	13 / 2	2025-07-19
1.53.172	13 / 2	2025-07-18
1.53.171	13 / 2	2025-07-17
1.53.170	13 / 2	2025-07-16
1.53.169	13 / 2	2025-07-15
1.53.168	13 / 2	2025-07-14
1.53.167	13 / 2	2025-07-12
1.53.166	13 / 2	2025-07-10
1.53.165	13 / 2	2025-07-08
1.53.164	13 / 2	2025-07-05
1.53.163	13 / 2	2025-07-04
1.53.162	13 / 2	2025-07-03

Showing 100 of 240 Next page →