@cloudflare/unenv-preset No license 34 versions

@cloudflare/unenv-preset

npm Repository Homepage

34

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

rexscariadcruz_cfjculveysejokercf-radarcf-ci-writesegments-writethibmeuxortivecf-ci2lvalentaworengathird774jasnellterinjokescelsojsteinbergergregbrimbleasapzacyg4brymwrangler-publishercf-media-managerdash_service_accountlerwincfcf-npm-publishsimonabadoiucms1919mgirouard-cfmusa-cfvaishakpdineshichernetsky-cfjseba_cfgabivlj-cfganders-cloudflarensharma-cfmikenomitchtlefebvre_cfnafeezcfeduardo-vargasthreepointonextuc

Keywords

Node.jscloudflarecloudflare workerspolyfillsunenvworkers

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): CI migration from wrangler-publisher to GitHub Actions; SLSA provenance confirms legitimate build.	ai	2026/05/09
provenance	no-provenance	AI (provenance): Large Cloudflare org package; provenance not historically enabled for this package.	ai	2026/05/09

Versions (showing 34 of 34)

Version	Deps	Published
2.16.1	0 / 3	2026-04-24
2.16.0	0 / 3	2026-03-20
2.15.0	0 / 3	2026-03-05
2.14.0	0 / 3	2026-02-19
2.13.0	0 / 3	2026-02-17
2.12.1	0 / 3	2026-02-10
2.12.0	0 / 3	2026-01-29
2.11.0	0 / 3	2026-01-22
2.10.0	0 / 3	2026-01-15
2.9.0	0 / 3	2026-01-13
2.8.0	0 / 3	2026-01-07
2.7.13	0 / 3	2025-12-04
2.7.12	0 / 3	2025-12-02
2.7.11	0 / 3	2025-11-20
2.7.10	0 / 3	2025-11-11
2.7.9	0 / 3	2025-11-04
2.7.8	0 / 3	2025-10-21
2.7.7	0 / 3	2025-10-07
2.7.6	0 / 3	2025-10-03
2.7.5	0 / 3	2025-09-30
2.7.4	0 / 3	2025-09-18
2.7.3	0 / 3	2025-09-09
2.7.2	0 / 3	2025-09-04
2.7.1	0 / 3	2025-09-02
2.7.0	0 / 3	2025-08-28
2.6.3	0 / 3	2025-08-26
2.6.2	0 / 3	2025-08-18
2.6.1	0 / 5	2025-08-12
2.6.0	0 / 5	2025-08-05
2.5.0	0 / 5	2025-07-29
2.4.1	0 / 5	2025-07-24
2.4.0	0 / 8	2025-07-22
2.3.3	0 / 6	2025-06-11
2.3.2	0 / 6	2025-05-15

v2.16.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.16.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.15.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.14.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.13.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.12.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.12.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.11.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.10.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.9.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.8.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.7.13

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.7.12

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.7.11

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.7.10

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.7.9

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.7.8

2 findings

HIGH Publisher changed: wrangler-publisher → GitHub Actions (on 2025-10-21) provenance

This version was published by a different npm account than previous versions on 2025-10-21. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.7.7

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.7.6

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.7.5

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.7.4

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.7.3

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.7.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.7.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.7.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.6.3

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.6.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.6.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.6.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.5.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.4.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.4.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.3.3

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.3.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.