@powerlines/plugin-biome
A package containing a Powerlines plugin for running Biome linting on the codebase.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/index.mjs | AI (source-diff): dist/index.mjs is standard bundler (tsup) minified output — fully readable logic, no malicious patterns. False positive for this package's build pipeline. | ai | |
| source-diff | obfuscated-file:dist/index.cjs | AI (source-diff): dist/index.cjs is standard tsup-minified output for this plugin package; code is fully readable and benign. Not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/index.js | AI (source-diff): dist/index.js is standard tsup-minified output for this plugin package; code is fully readable and benign. Not obfuscation. | ai | |
| provenance | publisher-changed | AI (provenance): Publisher changed from stormie-bot to GitHub Actions, consistent with org migration to automated CI/CD. SLSA provenance attestation confirms controlled publish pipeline for Storm Software. | ai | |
| phantom-deps | phantom-dep:@stryke/path | AI (phantom-deps): @stryke/path is a legitimate dependency used by the plugin; declared in package.json. | ai | |
| phantom-deps | phantom-dep:@stryke/convert | AI (phantom-deps): @stryke/convert is a legitimate dependency used by the plugin; declared in package.json. | ai | |
| phantom-deps | phantom-dep:defu | AI (phantom-deps): defu is a legitimate dependency used in the plugin's runtime; declared and properly managed. | ai | |
| phantom-deps | phantom-dep:@storm-software/config-tools | AI (phantom-deps): @storm-software/config-tools is a legitimate dependency used by the plugin; declared in package.json. | ai | |
| phantom-deps | phantom-dep:@stryke/fs | AI (phantom-deps): @stryke/fs is a legitimate dependency used by the plugin; declared in package.json. | ai | |
| phantom-deps | phantom-dep:powerlines | AI (phantom-deps): powerlines is the core framework this plugin extends; legitimate dependency. | ai | |
| phantom-deps | phantom-dep:@stryke/cli | AI (phantom-deps): @stryke/cli is a legitimate dependency used by the plugin; declared in package.json. | ai |
Versions (showing 100 of 448)
| Version | Deps | Published |
|---|---|---|
| 0.2.489 | 7 / 2 | |
| 0.2.488 | 7 / 2 | |
| 0.2.487 | 7 / 2 | |
| 0.2.486 | 7 / 2 | |
| 0.2.485 | 7 / 2 | |
| 0.2.484 | 7 / 2 | |
| 0.2.483 | 7 / 2 | |
| 0.2.482 | 7 / 2 | |
| 0.2.481 | 7 / 2 | |
| 0.2.480 | 7 / 2 | |
| 0.2.479 | 7 / 2 | |
| 0.2.478 | 7 / 2 | |
| 0.2.477 | 7 / 2 | |
| 0.2.476 | 7 / 2 | |
| 0.2.475 | 7 / 2 | |
| 0.2.474 | 7 / 2 | |
| 0.2.471 | 7 / 2 | |
| 0.2.470 | 7 / 2 | |
| 0.2.469 | 7 / 2 | |
| 0.2.468 | 7 / 2 | |
| 0.2.467 | 7 / 2 | |
| 0.2.465 | 7 / 2 | |
| 0.2.464 | 7 / 2 | |
| 0.2.463 | 7 / 2 | |
| 0.2.462 | 7 / 2 | |
| 0.2.461 | 7 / 2 | |
| 0.2.460 | 7 / 2 | |
| 0.2.459 | 7 / 2 | |
| 0.2.458 | 7 / 2 | |
| 0.2.457 | 7 / 2 | |
| 0.2.456 | 7 / 2 | |
| 0.2.455 | 7 / 2 | |
| 0.2.454 | 7 / 2 | |
| 0.2.453 | 7 / 2 | |
| 0.2.452 | 7 / 2 | |
| 0.2.451 | 7 / 2 | |
| 0.2.450 | 7 / 2 | |
| 0.2.449 | 7 / 2 | |
| 0.2.448 | 7 / 2 | |
| 0.2.447 | 7 / 2 | |
| 0.2.446 | 7 / 2 | |
| 0.2.445 | 7 / 2 | |
| 0.2.444 | 7 / 2 | |
| 0.2.443 | 7 / 2 | |
| 0.2.442 | 7 / 2 | |
| 0.2.441 | 7 / 2 | |
| 0.2.440 | 7 / 2 | |
| 0.2.438 | 7 / 2 | |
| 0.2.437 | 7 / 2 | |
| 0.2.436 | 7 / 2 | |
| 0.2.435 | 7 / 2 | |
| 0.2.434 | 7 / 2 | |
| 0.2.433 | 7 / 2 | |
| 0.2.432 | 7 / 2 | |
| 0.2.431 | 7 / 2 | |
| 0.2.430 | 7 / 2 | |
| 0.2.429 | 7 / 2 | |
| 0.2.428 | 7 / 2 | |
| 0.2.427 | 7 / 2 | |
| 0.2.426 | 7 / 2 | |
| 0.2.425 | 7 / 2 | |
| 0.2.424 | 7 / 2 | |
| 0.2.423 | 7 / 2 | |
| 0.2.422 | 7 / 2 | |
| 0.2.421 | 7 / 2 | |
| 0.2.420 | 7 / 2 | |
| 0.2.419 | 7 / 2 | |
| 0.2.418 | 7 / 2 | |
| 0.2.417 | 7 / 2 | |
| 0.2.416 | 7 / 2 | |
| 0.2.415 | 7 / 2 | |
| 0.2.414 | 7 / 2 | |
| 0.2.412 | 7 / 2 | |
| 0.2.411 | 7 / 2 | |
| 0.2.410 | 7 / 2 | |
| 0.2.409 | 7 / 2 | |
| 0.2.408 | 7 / 2 | |
| 0.2.407 | 7 / 2 | |
| 0.2.406 | 7 / 2 | |
| 0.2.405 | 7 / 2 | |
| 0.2.404 | 7 / 2 | |
| 0.2.403 | 7 / 2 | |
| 0.2.402 | 7 / 2 | |
| 0.2.401 | 7 / 2 | |
| 0.2.400 | 7 / 2 | |
| 0.2.399 | 7 / 2 | |
| 0.2.398 | 7 / 2 | |
| 0.2.397 | 7 / 2 | |
| 0.2.396 | 7 / 2 | |
| 0.2.395 | 7 / 2 | |
| 0.2.394 | 7 / 2 | |
| 0.2.393 | 7 / 2 | |
| 0.2.392 | 7 / 2 | |
| 0.2.391 | 7 / 2 | |
| 0.2.390 | 7 / 2 | |
| 0.2.389 | 7 / 2 | |
| 0.2.388 | 7 / 2 | |
| 0.2.387 | 7 / 2 | |
| 0.2.386 | 7 / 2 | |
| 0.2.385 | 7 / 2 |
v0.2.489
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.488
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.487
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.486
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.485
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.484
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.483
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.482
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.481
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.480
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.479
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.478
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.477
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.476
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.475
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.474
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.471
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.470
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.469
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.468
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.467
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.465
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.464
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.463
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.462
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.461
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.460
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.459
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.458
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.457
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.456
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.455
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.