@grackle-ai/common
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| publish-pattern | new-deps-added | AI (publish-pattern): pino is a well-known, established logging library; not a suspicious addition. | ai | |
| source-diff | encoded-string-file:dist/gen/grackle/grackle_knowledge_pb.js | AI (source-diff): Base64 is protoc-gen-es fileDesc() binary descriptor; stable pattern for this protobuf package. | ai | |
| source-diff | encoded-string-file:dist/gen/grackle/grackle_orchestration_pb.js | AI (source-diff): Base64-encoded protobuf file descriptor; standard protoc-gen-es output, not obfuscation. | ai | |
| source-diff | encoded-string-file:dist/gen/grackle/grackle_core_pb.js | AI (source-diff): Base64 is a protoc-gen-es generated protobuf file descriptor; stable pattern for this package. | ai | |
| source-diff | encoded-string-file:dist/gen/grackle/grackle_types_pb.js | AI (source-diff): Base64 is a protoc-gen-es generated protobuf file descriptor; stable pattern for this package. | ai | |
| source-diff | encoded-string-file:dist/gen/grackle/powerline/powerline_pb.js | AI (source-diff): protoc-gen-es generated file; encoded strings are standard proto binary descriptors. | ai | |
| source-diff | obfuscated-file:dist/gen/grackle/grackle_core_pb.js | AI (source-diff): protoc-gen-es generated file; long lines are base64 proto descriptors, not obfuscation. | ai | |
| phantom-deps | phantom-dep:@connectrpc/connect | AI (phantom-deps): @connectrpc/connect is a declared runtime dependency; phantom-dep heuristic false positive for this package. | ai | |
| source-diff | obfuscated-file:dist/gen/grackle/grackle_types_pb.js | AI (source-diff): protoc-gen-es generated file; long lines are base64 proto descriptors, not obfuscation. | ai | |
| source-diff | encoded-string-file:dist/gen/grackle/grackle_pb.js | AI (source-diff): Base64 string is a protobuf file descriptor generated by protoc-gen-es; expected and stable for this package. | ai |
Versions (showing 100 of 277)
| Version | Deps | Published |
|---|---|---|
| 0.82.1 | 3 / 6 | |
| 0.82.0 | 3 / 6 | |
| 0.81.0 | 3 / 6 | |
| 0.80.0 | 3 / 6 | |
| 0.79.1 | 3 / 6 | |
| 0.79.0 | 3 / 6 | |
| 0.78.0 | 3 / 6 | |
| 0.77.0 | 3 / 6 | |
| 0.76.3 | 3 / 6 | |
| 0.76.2 | 3 / 6 | |
| 0.76.1 | 3 / 6 | |
| 0.76.0 | 3 / 6 | |
| 0.75.13 | 3 / 6 | |
| 0.75.12 | 3 / 6 | |
| 0.75.11 | 3 / 6 | |
| 0.75.10 | 3 / 6 | |
| 0.75.9 | 3 / 6 | |
| 0.75.8 | 3 / 6 | |
| 0.75.7 | 3 / 6 | |
| 0.75.6 | 3 / 6 | |
| 0.75.5 | 3 / 6 | |
| 0.75.4 | 3 / 6 | |
| 0.75.3 | 3 / 6 | |
| 0.75.2 | 3 / 6 | |
| 0.75.1 | 3 / 6 | |
| 0.75.0 | 3 / 6 | |
| 0.74.1 | 3 / 6 | |
| 0.74.0 | 3 / 6 | |
| 0.73.1 | 3 / 6 | |
| 0.73.0 | 3 / 6 | |
| 0.72.6 | 3 / 6 | |
| 0.72.5 | 3 / 6 | |
| 0.72.4 | 3 / 6 | |
| 0.72.3 | 3 / 6 | |
| 0.72.2 | 3 / 6 | |
| 0.72.1 | 3 / 6 | |
| 0.72.0 | 3 / 6 | |
| 0.71.3 | 3 / 6 | |
| 0.71.2 | 3 / 6 | |
| 0.71.1 | 3 / 6 | |
| 0.71.0 | 3 / 6 | |
| 0.70.6 | 3 / 6 | |
| 0.70.5 | 3 / 6 | |
| 0.70.4 | 3 / 6 | |
| 0.70.3 | 3 / 6 | |
| 0.70.2 | 3 / 6 | |
| 0.70.1 | 3 / 6 | |
| 0.70.0 | 3 / 6 | |
| 0.69.1 | 3 / 6 | |
| 0.69.0 | 3 / 6 | |
| 0.68.3 | 3 / 6 | |
| 0.68.2 | 3 / 6 | |
| 0.68.1 | 3 / 6 | |
| 0.68.0 | 3 / 6 | |
| 0.67.0 | 3 / 6 | |
| 0.66.0 | 3 / 6 | |
| 0.65.0 | 3 / 6 | |
| 0.64.2 | 3 / 6 | |
| 0.64.1 | 3 / 6 | |
| 0.64.0 | 3 / 6 | |
| 0.63.0 | 3 / 6 | |
| 0.62.2 | 3 / 6 | |
| 0.62.1 | 3 / 6 | |
| 0.62.0 | 3 / 6 | |
| 0.61.3 | 3 / 6 | |
| 0.61.2 | 3 / 6 | |
| 0.61.1 | 3 / 6 | |
| 0.61.0 | 3 / 6 | |
| 0.60.0 | 3 / 6 | |
| 0.59.1 | 3 / 6 | |
| 0.59.0 | 3 / 6 | |
| 0.58.0 | 3 / 6 | |
| 0.57.1 | 3 / 6 | |
| 0.57.0 | 3 / 6 | |
| 0.56.3 | 3 / 6 | |
| 0.56.2 | 3 / 6 | |
| 0.56.1 | 3 / 6 | |
| 0.56.0 | 3 / 6 | |
| 0.55.0 | 3 / 6 | |
| 0.54.1 | 3 / 6 | |
| 0.54.0 | 3 / 6 | |
| 0.53.5 | 3 / 6 | |
| 0.53.4 | 3 / 6 | |
| 0.53.3 | 3 / 6 | |
| 0.53.2 | 3 / 6 | |
| 0.53.1 | 3 / 6 | |
| 0.53.0 | 3 / 6 | |
| 0.52.4 | 3 / 6 | |
| 0.52.3 | 3 / 6 | |
| 0.52.2 | 3 / 6 | |
| 0.52.1 | 3 / 6 | |
| 0.52.0 | 3 / 6 | |
| 0.51.0 | 3 / 6 | |
| 0.50.1 | 3 / 6 | |
| 0.50.0 | 3 / 6 | |
| 0.49.0 | 3 / 6 | |
| 0.48.0 | 3 / 6 | |
| 0.47.1 | 3 / 6 | |
| 0.47.0 | 3 / 6 | |
| 0.46.0 | 3 / 6 |
v0.82.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.82.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.81.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.80.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.79.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.79.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.78.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.77.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.76.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.76.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.76.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.76.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.75.13
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.75.12
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.75.11
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.75.10
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.75.9
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.75.8
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.75.7
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.75.6
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.75.5
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.75.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.75.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.75.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.75.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.75.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.74.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.74.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.73.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.73.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.72.6
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.72.5
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.72.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.72.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.72.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.72.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.72.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.71.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.71.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.71.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.71.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.70.6
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.70.5
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.70.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.70.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.70.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.70.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.70.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.69.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.69.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.68.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.68.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.68.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.68.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.67.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.66.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.65.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.64.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.64.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.64.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.63.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.62.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.62.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.62.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.61.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.61.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.61.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.61.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.60.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.59.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.59.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.58.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.57.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.57.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.56.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.56.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.56.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.56.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.55.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.54.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.54.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.53.5
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.53.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.53.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.53.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.53.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.53.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.52.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.52.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.52.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.52.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.52.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.51.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.50.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.50.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.49.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.48.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.47.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.47.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.46.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.