@intlify/devtools-types MIT 23 versions

@intlify/devtools-types

npm Repository Homepage

@intlify/devtools-types

23

Versions

MIT

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

kazuponota-meshi

Keywords

devtoolsi18ninternationalizationintlify

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Package transitioned to GitHub Actions CI publishing with SLSA provenance attestation from the official intlify/vue-i18n repo. This is a legitimate and security-improving automation change, not a compromise.	ai	2026/04/27
dependencies	unvetted-dep:@intlify/shared	AI (dependencies): Sibling package from the same intlify monorepo; expected internal dependency, not a third-party risk.	ai	2026/04/25
dependencies	unvetted-dep:@intlify/core-base	AI (dependencies): Sibling package from the same intlify monorepo; expected internal dependency, not a third-party risk.	ai	2026/04/25
bogus-package	bogus-package	AI (bogus-package): This is a types-only sub-package in the intlify/vue-i18n monorepo; sparse README and terse description are expected for internal type packages, not spam indicators.	ai	2026/04/25

Versions (showing 23 of 23)

Version	Deps	Published
11.4.4	2 / 0	2026-05-18
11.4.3	2 / 0	2026-05-17
11.4.2	2 / 0	2026-05-07
11.4.1	2 / 0	2026-05-07
11.4.0	2 / 0	2026-04-24
11.3.2	2 / 0	2026-04-08
11.3.1	2 / 0	2026-04-06
11.3.0	2 / 0	2026-03-07
11.2.8	2 / 0	2025-12-31
11.2.7	2 / 0	2025-12-21
11.2.6	2 / 0	2025-12-21
11.2.5	2 / 0	2025-12-21
11.2.2	2 / 0	2025-11-26
11.2.1	2 / 0	2025-11-22
11.1.12	2 / 0	2025-09-05
11.1.11	2 / 0	2025-07-23
11.1.10	2 / 0	2025-07-16
11.1.9	2 / 0	2025-07-03
11.1.8	2 / 0	2025-07-02
11.1.7	2 / 0	2025-06-22
11.1.6	2 / 0	2025-06-17
11.1.5	2 / 0	2025-05-27
11.1.4	2 / 0	2025-05-24

v11.4.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.4.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.4.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.4.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.4.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.3.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.3.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.3.0

2 findings

HIGH Publisher changed: kazupon → GitHub Actions (on 2026-03-07) provenance

This version was published by a different npm account than previous versions on 2026-03-07. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.2.8

2 findings

HIGH Publisher changed: kazupon → GitHub Actions (on 2025-12-31) provenance

This version was published by a different npm account than previous versions on 2025-12-31. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.2.7

2 findings

HIGH Publisher changed: kazupon → GitHub Actions (on 2025-12-21) provenance

This version was published by a different npm account than previous versions on 2025-12-21. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.2.6

2 findings

HIGH Publisher changed: kazupon → GitHub Actions (on 2025-12-21) provenance

This version was published by a different npm account than previous versions on 2025-12-21. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.2.5

2 findings

HIGH Publisher changed: kazupon → GitHub Actions (on 2025-12-21) provenance

This version was published by a different npm account than previous versions on 2025-12-21. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.2.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.2.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.1.12

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.1.11

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.1.10

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.1.9

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.1.8

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.1.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.1.6

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.1.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.1.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.