@parcel/fs — Greenflagged

Blazing fast, zero configuration web application bundler

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

devongovett

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
typosquat	typosquat.levenshtein:qs	AI (typosquat): @parcel/fs is a legitimate scoped package in the official Parcel bundler org; Levenshtein match to 'qs' is purely coincidental and not a typosquat.	ai	2026/04/24
typosquat	typosquat.levenshtein:pg	AI (typosquat): @parcel/fs is a legitimate scoped package in the official Parcel bundler org; Levenshtein match to 'pg' is purely coincidental and not a typosquat.	ai	2026/04/24
phantom-deps	phantom-dep:utility-types	AI (phantom-deps): utility-types is a declared runtime dep used in TypeScript type definitions; its absence from direct JS imports is expected for type-only usage.	ai	2026/04/24
semgrep	semgrep:dynamic-require	AI (semgrep): Dynamic require in @parcel/fs is used for loading platform-specific native modules within the Parcel monorepo — a stable, intentional pattern not representing arbitrary code execution risk.	ai	2026/04/24

Versions (showing 69 of 69)

Hide prereleases

Version	Deps	Published
2.16.4	6 / 5	2026-02-02
2.16.3	6 / 5	2025-12-06
2.16.2	6 / 5	2025-12-06
2.16.1	6 / 5	2025-11-05
2.16.0	6 / 5	2025-09-18
2.15.4	6 / 5	2025-06-20
2.15.3	6 / 5	2025-06-20
2.15.2	6 / 5	2025-05-25
2.15.1	6 / 5	2025-05-16
2.15.0	6 / 5	2025-05-12
2.14.4	6 / 5	2025-03-29
2.14.3	6 / 5	2025-03-29
2.14.2	6 / 5	2025-03-23
2.14.1	6 / 5	2025-03-19
2.14.0	6 / 5	2025-03-18
2.13.3	6 / 5	2024-12-16
2.13.2	6 / 5	2024-11-25
2.13.1	6 / 5	2024-11-25
2.13.0	6 / 5	2024-11-12
2.12.0	5 / 4	2024-02-28
2.11.0	5 / 4	2024-01-04
2.10.3	5 / 4	2023-11-15
2.10.2	5 / 4	2023-11-02
2.10.1	5 / 4	2023-10-24
2.10.0	5 / 4	2023-10-11
2.9.3	5 / 4	2023-06-25
2.9.2	5 / 4	2023-06-08
2.9.1	5 / 4	2023-05-27
2.9.0	5 / 4	2023-05-26
2.8.3	5 / 4	2023-01-18
2.8.2	5 / 4	2022-12-14
2.8.1	5 / 4	2022-12-08
2.8.0	5 / 4	2022-11-09
2.7.0	5 / 4	2022-08-03
2.6.2	5 / 4	2022-06-22
2.6.1	5 / 4	2022-06-17
2.6.0	5 / 5	2022-05-25
2.5.0	5 / 5	2022-04-21
2.4.1	5 / 5	2022-03-31
2.4.0	5 / 5	2022-03-22
2.3.2	5 / 5	2022-02-18
2.3.1	5 / 5	2022-02-10
2.3.0	5 / 5	2022-02-09
2.2.1	12 / 0	2022-01-17
2.2.0	12 / 0	2022-01-12
2.1.1	12 / 0	2022-01-06
2.1.0	12 / 0	2022-01-05
2.0.1	12 / 0	2021-11-08
2.0.0	12 / 0	2021-10-13
1.11.0	3 / 0	2018-12-18
2.0.0-canary.1875	6 / 5	2026-02-03
2.0.0-canary.1873	6 / 5	2025-12-07
2.0.0-canary.1866	6 / 5	2025-11-06
2.0.0-canary.1864	6 / 5	2025-10-24
2.0.0-canary.1863	6 / 5	2025-09-19
2.0.0-canary.1861	6 / 5	2025-08-31
2.0.0-canary.1860	6 / 5	2025-06-21
2.0.0-canary.1853	6 / 5	2025-06-08
2.0.0-canary.1850	6 / 5	2025-05-29
2.0.0-canary.1849	6 / 5	2025-05-25
2.0.0-canary.1842	6 / 5	2025-05-21
2.0.0-canary.1837	6 / 5	2025-05-19
2.0.0-canary.1835	6 / 5	2025-05-17
2.0.0-canary.1833	6 / 5	2025-05-16
2.0.0-canary.1832	6 / 5	2025-05-13
2.0.0-canary.1826	6 / 5	2025-05-11
2.0.0-canary.1820	6 / 5	2025-05-11
2.0.0-canary.1819	6 / 5	2025-04-30
2.0.0-canary.1818	6 / 5	2025-04-28