@glrs-dev/harness-plugin-opencode
Opinionated OpenCode agent harness — PRIME, plan, build, QA, skills, MCP wiring, hashline editing.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:zod | AI (phantom-deps): Config-only reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:pino | AI (phantom-deps): Config-only reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:ulid | AI (phantom-deps): Config-only reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:yaml | AI (phantom-deps): Config-only reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:json5 | AI (phantom-deps): Config-only reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:picomatch | AI (phantom-deps): Config-only reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:pino-pretty | AI (phantom-deps): Config-only reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@counted/sdk | AI (phantom-deps): Config-only reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@opentui/core | AI (phantom-deps): Config-only reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@opentui/solid | AI (phantom-deps): Config-only reference; stable false positive for this package. | ai |
Versions (showing 12 of 114)
| Version | Deps | Published |
|---|---|---|
| 2.3.0 | 8 / 7 | |
| 2.2.0 | 6 / 7 | |
| 2.1.0 | 6 / 7 | |
| 2.0.1 | 6 / 7 | |
| 2.0.0 | 6 / 7 | |
| 1.2.0 | 6 / 7 | |
| 1.1.0 | 6 / 7 | |
| 1.0.1 | 6 / 7 | |
| 1.0.0 | 6 / 7 | |
| 0.3.1 | 6 / 7 | |
| 0.3.0 | 6 / 7 | |
| 0.2.0 | 6 / 7 |
v2.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.0.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.