@opentelemetry/instrumentation-tedious No license 21 versions

@opentelemetry/instrumentation-tedious

npm Repository Homepage

21

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

dyladanpichlermarcoverbalancenpmjs-accounttrentmmartinkuba

Keywords

instrumentationmicrosoftmssqlnodejsopentelemetryprofilingsql servertdstedioustracing

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Moved from individual maintainer to GitHub Actions CI/CD; expected for opentelemetry-js-contrib.	ai	2026/04/27
publish-pattern	dormant-publish	AI (publish-pattern): Large monorepo with irregular per-package release cadence; dormancy is normal.	ai	2026/04/27
dependencies	unvetted-dep:@types/tedious	AI (dependencies): @types/tedious is a legitimate DefinitelyTyped package providing TypeScript type declarations for the tedious SQL Server client; stable and expected dependency for this instrumentation package.	ai	2026/04/25
phantom-deps	phantom-dep:@types/tedious	AI (phantom-deps): @types/* packages are loaded by TypeScript convention, not via explicit imports; phantom-dep finding is a stable false positive for all @types/* dependencies in this package.	ai	2026/04/25

Versions (showing 21 of 21)

Version	Deps	Published
0.37.0	3 / 5	2026-05-13
0.36.0	3 / 5	2026-05-06
0.35.0	3 / 5	2026-04-29
0.34.0	3 / 5	2026-04-17
0.33.0	3 / 5	2026-03-26
0.32.0	3 / 5	2026-03-04
0.31.0	3 / 5	2026-02-17
0.30.0	3 / 5	2026-01-22
0.29.0	3 / 5	2026-01-15
0.28.0	3 / 5	2025-12-17
0.27.0	2 / 13	2025-11-06
0.26.0	2 / 13	2025-10-21
0.25.0	2 / 13	2025-10-06
0.24.3	2 / 13	2025-09-29
0.24.2	2 / 13	2025-09-29
0.24.0	3 / 13	2025-09-10
0.23.0	3 / 13	2025-09-08
0.22.0	3 / 12	2025-07-09
0.21.1	3 / 12	2025-07-07
0.21.0	3 / 12	2025-06-02
0.20.0	3 / 12	2025-05-15

v0.37.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.36.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.35.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.34.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.33.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.32.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.31.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.30.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.29.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.28.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.27.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.26.0

2 findings

HIGH Publisher changed: dyladan → GitHub Actions (on 2025-10-21) provenance

This version was published by a different npm account than previous versions on 2025-10-21. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.25.0

2 findings

HIGH Publisher changed: dyladan → GitHub Actions (on 2025-10-06) provenance

This version was published by a different npm account than previous versions on 2025-10-06. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.24.3

2 findings

HIGH Publisher changed: dyladan → GitHub Actions (on 2025-09-29) provenance

This version was published by a different npm account than previous versions on 2025-09-29. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.24.2

2 findings

HIGH Publisher changed: dyladan → GitHub Actions (on 2025-09-29) provenance

This version was published by a different npm account than previous versions on 2025-09-29. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.24.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.23.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.22.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.21.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.21.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.20.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.