@multiformats/multiaddr-to-uri Apache-2.0 OR MIT 19 versions

@multiformats/multiaddr-to-uri

npm Repository Homepage

Convert a Multiaddr to a URI

19

Versions

Apache-2.0 OR MIT

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

daviddiasvmxmikealhugomrdiasalanshawachingbrainvascosantosrvagglidelnpm-service-account-multiformats

Keywords

URLmultiaddrtoString

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
npm-metadata	suspicious-initial-version	AI (npm-metadata): 0.0.0 is a name-reservation stub from a highly trusted publisher (achingbrain) with 1153 approved packages. Not indicative of malicious intent for this package.	ai	2026/04/24
bogus-package	bogus-package	AI (bogus-package): Stub/placeholder release pattern from a well-established publisher. The package has 19 versions and 75k weekly downloads — clearly legitimate.	ai	2026/04/24
semgrep	semgrep:shady-links-raw-ip	AI (semgrep): This package converts multiaddr IP addresses to URI strings; raw IP addresses in JSDoc examples and output strings are core to its documented functionality, not a security concern.	ai	2026/04/21

Versions (showing 19 of 19)

Version	Deps	Published
12.0.0	1 / 1	2025-09-03
11.0.2	1 / 1	2025-06-27
11.0.1	1 / 1	2025-06-27
11.0.0	1 / 1	2024-11-08
10.1.2	1 / 1	2024-10-28
10.1.1	1 / 1	2024-10-26
10.1.0	1 / 1	2024-06-06
10.0.1	1 / 1	2024-02-05
10.0.0	1 / 1	2024-02-05
9.0.8	1 / 1	2024-02-05
9.0.7	1 / 1	2023-05-19
9.0.6	1 / 1	2023-05-19
9.0.5	1 / 1	2023-05-19
9.0.4	1 / 1	2023-03-20
9.0.3	1 / 1	2023-03-17
9.0.2	1 / 1	2022-09-21
9.0.1	1 / 1	2022-01-08
9.0.0	1 / 1	2022-01-06
0.0.0	0 / 0	2022-01-06

v11.0.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.0.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v11.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v10.1.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v10.1.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v10.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v10.0.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v10.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v9.0.8

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v9.0.7

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v9.0.6

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v9.0.5

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v9.0.4

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v9.0.3

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v9.0.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v9.0.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v9.0.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.0.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.