@lightdash/warehouses
Warehouse connectors for Lightdash
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): Transition to GitHub Actions CI publishing; SLSA provenance attestation confirms integrity. Stable pattern for this package. | ai | |
| dependencies | unvetted-dep:@duckdb/node-api | AI (dependencies): @duckdb/node-api is the official DuckDB Node.js API; legitimate dependency for a warehouse connector package. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Internal monorepo package; sparse README and no keywords are expected for workspace sub-packages. | ai | |
| phantom-deps | phantom-dep:lodash | AI (phantom-deps): lodash is a declared runtime dependency; phantom-dep heuristic is a false positive here. | ai |
Versions (showing 100 of 1730)
| Version | Deps | Published |
|---|---|---|
| 0.2090.0 | 10 / 4 | |
| 0.2089.7 | 10 / 4 | |
| 0.2089.6 | 10 / 4 | |
| 0.2089.5 | 10 / 4 | |
| 0.2089.4 | 10 / 4 | |
| 0.2089.3 | 10 / 4 | |
| 0.2089.2 | 10 / 4 | |
| 0.2089.1 | 10 / 4 | |
| 0.2089.0 | 10 / 4 | |
| 0.2088.0 | 10 / 4 | |
| 0.2087.0 | 10 / 4 | |
| 0.2086.4 | 10 / 4 | |
| 0.2086.3 | 10 / 4 | |
| 0.2086.2 | 10 / 4 | |
| 0.2086.1 | 10 / 4 | |
| 0.2086.0 | 10 / 4 | |
| 0.2085.0 | 10 / 4 | |
| 0.2084.0 | 10 / 4 | |
| 0.2083.0 | 10 / 4 | |
| 0.2082.0 | 10 / 4 | |
| 0.2081.0 | 10 / 4 | |
| 0.2080.2 | 10 / 4 | |
| 0.2080.1 | 10 / 4 | |
| 0.2080.0 | 10 / 4 | |
| 0.2079.0 | 10 / 4 | |
| 0.2078.1 | 10 / 4 | |
| 0.2078.0 | 10 / 4 | |
| 0.2077.5 | 10 / 4 | |
| 0.2077.4 | 10 / 4 | |
| 0.2077.3 | 10 / 4 | |
| 0.2077.2 | 10 / 4 | |
| 0.2077.1 | 10 / 4 | |
| 0.2077.0 | 10 / 4 | |
| 0.2076.0 | 10 / 4 | |
| 0.2075.4 | 10 / 4 | |
| 0.2075.3 | 10 / 4 | |
| 0.2075.2 | 10 / 4 | |
| 0.2075.1 | 10 / 4 | |
| 0.2075.0 | 10 / 4 | |
| 0.2074.0 | 10 / 4 | |
| 0.2073.0 | 10 / 4 | |
| 0.2072.1 | 10 / 4 | |
| 0.2072.0 | 10 / 4 | |
| 0.2071.4 | 10 / 4 | |
| 0.2071.3 | 10 / 4 | |
| 0.2071.2 | 10 / 4 | |
| 0.2071.1 | 10 / 4 | |
| 0.2071.0 | 10 / 4 | |
| 0.2070.2 | 10 / 4 | |
| 0.2070.1 | 10 / 4 | |
| 0.2070.0 | 10 / 4 | |
| 0.2069.5 | 10 / 4 | |
| 0.2069.4 | 10 / 4 | |
| 0.2069.3 | 10 / 4 | |
| 0.2069.2 | 10 / 4 | |
| 0.2069.1 | 10 / 4 | |
| 0.2069.0 | 10 / 4 | |
| 0.2068.1 | 10 / 4 | |
| 0.2068.0 | 10 / 4 | |
| 0.2067.2 | 10 / 4 | |
| 0.2067.1 | 10 / 4 | |
| 0.2067.0 | 10 / 4 | |
| 0.2066.1 | 10 / 4 | |
| 0.2066.0 | 10 / 4 | |
| 0.2065.2 | 10 / 4 | |
| 0.2065.1 | 10 / 4 | |
| 0.2065.0 | 10 / 4 | |
| 0.2064.1 | 10 / 4 | |
| 0.2064.0 | 10 / 4 | |
| 0.2063.2 | 10 / 4 | |
| 0.2063.1 | 10 / 4 | |
| 0.2063.0 | 10 / 4 | |
| 0.2062.0 | 10 / 4 | |
| 0.2061.4 | 10 / 4 | |
| 0.2061.3 | 10 / 4 | |
| 0.2061.2 | 10 / 4 | |
| 0.2061.1 | 10 / 4 | |
| 0.2061.0 | 10 / 4 | |
| 0.2060.0 | 10 / 4 | |
| 0.2059.0 | 10 / 4 | |
| 0.2058.0 | 10 / 4 | |
| 0.2057.3 | 10 / 4 | |
| 0.2057.2 | 10 / 4 | |
| 0.2057.1 | 10 / 4 | |
| 0.2057.0 | 10 / 4 | |
| 0.2056.2 | 10 / 4 | |
| 0.2056.1 | 10 / 4 | |
| 0.2056.0 | 10 / 4 | |
| 0.2055.0 | 10 / 4 | |
| 0.2054.0 | 10 / 4 | |
| 0.2053.2 | 10 / 4 | |
| 0.2053.1 | 10 / 4 | |
| 0.2053.0 | 10 / 4 | |
| 0.2052.0 | 10 / 4 | |
| 0.2051.0 | 10 / 4 | |
| 0.2050.2 | 10 / 4 | |
| 0.2050.1 | 10 / 4 | |
| 0.2050.0 | 10 / 4 | |
| 0.2049.0 | 10 / 4 | |
| 0.2048.0 | 10 / 4 |
v0.2090.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2089.7
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2089.6
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2089.5
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2089.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2089.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2089.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2089.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2089.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2088.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2087.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2086.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2086.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2086.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2086.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2086.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2085.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2084.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2083.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2082.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2081.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2080.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2080.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2080.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2079.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2078.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2078.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2077.5
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2077.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2077.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2077.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2077.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2077.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2076.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2075.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2075.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2075.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2075.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2075.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2074.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2073.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2072.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2072.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2071.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2071.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2071.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2071.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2071.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2070.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2070.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2070.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2069.5
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2069.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2069.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2069.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2069.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2069.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2068.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2068.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2067.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2067.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2067.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2066.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2066.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2065.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2065.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2065.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2064.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2064.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2063.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2063.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2063.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2062.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2061.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2061.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2061.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2061.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2061.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2060.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2059.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2058.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2057.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2057.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2057.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2057.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2056.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2056.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2056.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2055.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2054.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2053.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2053.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2053.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2052.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2051.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2050.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2050.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2050.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2049.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2048.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.