@ghostery/trackerdb CC-BY-NC-SA-4.0 7 versions

@ghostery/trackerdb

npm Repository Homepage

Ghostery Tracker Database

7

Versions

CC-BY-NC-SA-4.0

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

chrmodsmalluban

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:enolib	AI (dependencies): Small ENO parsing library; no known advisories; stable dependency for this package.	ai	2026/05/12
dependencies	unvetted-dep:iso-3166-1-alpha-2	AI (dependencies): Tiny country-code lookup library; no known advisories; stable dependency for this package.	ai	2026/05/12
phantom-deps	phantom-dep:enolib	AI (phantom-deps): Used in build/export scripts for ENO config parsing; stable false positive for this package.	ai	2026/04/30
phantom-deps	phantom-dep:iso-3166-1-alpha-2	AI (phantom-deps): Country code lookup utility used in build scripts; stable false positive for this package.	ai	2026/04/30
phantom-deps	phantom-dep:tldts-experimental	AI (phantom-deps): TLD resolution used in tracker DB processing; stable false positive for this package.	ai	2026/04/30

Versions (showing 7 of 107)

Version	Deps	Published
1.0.772	4 / 15	2026-04-24
1.0.771	4 / 15	2026-04-24
1.0.770	4 / 15	2026-04-24
1.0.769	4 / 15	2026-04-23
1.0.768	4 / 15	2026-04-23
1.0.767	4 / 15	2026-04-23
1.0.766	4 / 15	2026-04-17

v1.0.772

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.771

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.770

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.769

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.768

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.767

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.766

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.