@powerlines/plugin-crypto
A Powerlines plugin that provides unique identifier generation capabilities at runtime by adding the `id` builtin module.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:@powerlines/plugin-env | AI (phantom-deps): Used in bundled dist sub-modules; phantom dep detection is a false positive for rolldown-bundled packages in this ecosystem. | ai | |
| phantom-deps | phantom-dep:defu | AI (phantom-deps): Used in bundled dist sub-modules; phantom dep detection is a false positive for rolldown-bundled packages in this ecosystem. | ai | |
| phantom-deps | phantom-dep:powerlines | AI (phantom-deps): Used in bundled dist sub-modules; phantom dep detection is a false positive for rolldown-bundled packages in this ecosystem. | ai | |
| provenance | publisher-changed | AI (provenance): Publisher changed from stormie-bot to GitHub Actions CI/CD — a legitimate automation transition confirmed by SLSA provenance attestation. Stable for this package. | ai | |
| source-diff | obfuscated-file:dist/plugin-env/src/index.cjs | AI (source-diff): Minified rolldown bundle for plugin-env entry point; standard plugin configuration logic. No malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/plugin-env/src/helpers/persistence.cjs | AI (source-diff): Minified rolldown bundle for Cap'n Proto persistence helpers; uses @stryke/capnp and node:fs. No malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/deepkit/schemas/reflection.cjs | AI (source-diff): Minified rolldown bundle for Cap'n Proto schema definitions; standard struct accessor patterns. No malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/deepkit/schemas/reflection2.cjs | AI (source-diff): Minified rolldown bundle; variant of reflection schema with same safe patterns. No malicious content. | ai | |
| source-diff | obfuscated-file:dist/alloy/src/typescript/components/tsdoc.cjs | AI (source-diff): Minified rolldown bundle for TSDoc component; standard build artifact. No malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/alloy/src/typescript/components/typescript-file.cjs | AI (source-diff): Minified rolldown bundle for TypeScript file component; standard build artifact. No malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/plugin-env/src/helpers/reflect.cjs | AI (source-diff): Minified rolldown bundle for reflection helpers; standard TypeScript reflection logic. No malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/deepkit/src/capnp.cjs | AI (source-diff): Minified rolldown bundle output for Cap'n Proto serialization logic; no obfuscation, no malicious patterns. Standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/alloy/src/create-plugin.cjs | AI (source-diff): Minified rolldown bundle; implements plugin creation logic using @alloy-js/core. No malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/plugin-env/src/components/env.cjs | AI (source-diff): Minified rolldown bundle for env component rendering; uses standard JSX/alloy patterns. No malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/index.mjs | AI (source-diff): dist/index.mjs is standard bundled ESM output from a monorepo build pipeline. Long lines are minification artifacts, not obfuscation. Imports are from well-known packages consistent with the package's stated purpose. | ai | |
| phantom-deps | phantom-dep:@stryke/path | AI (phantom-deps): Monorepo package from Storm Software ecosystem; declared for config tooling, not direct import. Consistent pattern across all versions. | ai | |
| phantom-deps | phantom-dep:@storm-software/config-tools | AI (phantom-deps): Monorepo package from Storm Software ecosystem; declared for config tooling, not direct import. Consistent pattern across all versions. | ai |
Versions (showing 78 of 582)
| Version | Deps | Published |
|---|---|---|
| 0.10.30 | 6 / 2 | |
| 0.10.29 | 6 / 2 | |
| 0.10.28 | 6 / 2 | |
| 0.10.27 | 6 / 2 | |
| 0.10.26 | 6 / 2 | |
| 0.10.25 | 6 / 2 | |
| 0.10.24 | 6 / 2 | |
| 0.10.23 | 6 / 2 | |
| 0.10.22 | 6 / 2 | |
| 0.10.21 | 6 / 3 | |
| 0.10.20 | 6 / 3 | |
| 0.10.19 | 6 / 3 | |
| 0.10.18 | 6 / 3 | |
| 0.10.17 | 6 / 3 | |
| 0.10.16 | 6 / 3 | |
| 0.10.15 | 6 / 3 | |
| 0.10.14 | 6 / 3 | |
| 0.10.13 | 6 / 3 | |
| 0.10.12 | 6 / 3 | |
| 0.10.11 | 6 / 3 | |
| 0.10.10 | 6 / 3 | |
| 0.10.9 | 6 / 3 | |
| 0.10.8 | 6 / 3 | |
| 0.10.7 | 6 / 3 | |
| 0.10.6 | 6 / 3 | |
| 0.10.5 | 6 / 3 | |
| 0.10.4 | 6 / 3 | |
| 0.10.3 | 6 / 3 | |
| 0.10.2 | 6 / 3 | |
| 0.10.1 | 6 / 3 | |
| 0.10.0 | 6 / 3 | |
| 0.9.33 | 5 / 3 | |
| 0.9.32 | 5 / 3 | |
| 0.9.31 | 5 / 3 | |
| 0.9.30 | 5 / 3 | |
| 0.9.29 | 5 / 3 | |
| 0.9.28 | 5 / 3 | |
| 0.9.25 | 5 / 3 | |
| 0.9.24 | 5 / 3 | |
| 0.9.23 | 5 / 3 | |
| 0.9.22 | 5 / 3 | |
| 0.9.21 | 5 / 3 | |
| 0.9.20 | 5 / 3 | |
| 0.9.19 | 5 / 3 | |
| 0.9.18 | 5 / 3 | |
| 0.9.17 | 5 / 3 | |
| 0.9.16 | 5 / 3 | |
| 0.9.15 | 5 / 3 | |
| 0.9.14 | 5 / 3 | |
| 0.9.13 | 5 / 3 | |
| 0.9.12 | 5 / 3 | |
| 0.9.11 | 5 / 3 | |
| 0.9.10 | 5 / 3 | |
| 0.9.9 | 5 / 3 | |
| 0.9.8 | 5 / 3 | |
| 0.9.7 | 5 / 3 | |
| 0.9.6 | 5 / 3 | |
| 0.9.5 | 5 / 3 | |
| 0.9.4 | 5 / 3 | |
| 0.9.3 | 5 / 3 | |
| 0.9.2 | 5 / 3 | |
| 0.9.1 | 5 / 3 | |
| 0.9.0 | 5 / 3 | |
| 0.8.3 | 5 / 3 | |
| 0.8.2 | 5 / 3 | |
| 0.8.1 | 5 / 3 | |
| 0.8.0 | 5 / 3 | |
| 0.7.0 | 5 / 3 | |
| 0.6.1 | 5 / 3 | |
| 0.6.0 | 5 / 3 | |
| 0.5.2 | 5 / 3 | |
| 0.5.1 | 5 / 3 | |
| 0.5.0 | 5 / 3 | |
| 0.4.0 | 5 / 3 | |
| 0.3.1 | 5 / 3 | |
| 0.3.0 | 5 / 3 | |
| 0.2.0 | 5 / 3 | |
| 0.1.0 | 5 / 3 |
v0.10.21
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.20
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.19
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.18
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.17
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.16
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.15
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.14
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.13
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.12
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.10
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.9
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.8
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.7
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.6
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.33
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.32
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.30
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.29
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.28
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.25
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.24
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.23
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.22
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.21
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.20
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.19
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.18
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.17
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.16
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.15
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.14
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.13
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.12
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.11
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.