@powerlines/plugin-nitro
A package containing a Powerlines plugin for creating a server application that runs on Nitro.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): stormie-bot is the established bot publisher for storm-software org with 2775 approved packages; transition from GH Actions is expected. | ai | |
| source-diff | source-size-dropped | AI (source-diff): Build artifact variance; no code replacement detected in prior versions. | ai | |
| phantom-deps | phantom-dep:nitro | AI (phantom-deps): Config-file reference; stable pattern for this plugin package. | ai | |
| dependencies | unvetted-dep:nitro | AI (dependencies): nitro is a legitimate server framework by the UnJS/Nuxt team. The alpha version pin is a stability concern, not a security risk. This package is explicitly a Nitro plugin, so the dependency is expected and intentional. | ai | |
| phantom-deps | phantom-dep:powerlines | AI (phantom-deps): powerlines is the host framework this plugin targets; declared as peer/config dep rather than directly imported. Expected pattern. | ai | |
| phantom-deps | phantom-dep:defu | AI (phantom-deps): Plugin/tooling package pattern — deps declared for consumer use or config files, not direct imports. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@stryke/path | AI (phantom-deps): Part of Storm Software's @stryke utility ecosystem; used in config/build context rather than direct imports. Stable false positive. | ai | |
| phantom-deps | phantom-dep:@stryke/fs | AI (phantom-deps): Declared dep used via config files in a plugin/tooling package; indirect usage pattern is expected for this ecosystem. | ai | |
| phantom-deps | phantom-dep:@storm-software/config-tools | AI (phantom-deps): Declared dep used via config files in a plugin/tooling package; indirect usage pattern is expected for this ecosystem. | ai | |
| phantom-deps | phantom-dep:@stryke/convert | AI (phantom-deps): Declared dep used via config files in a plugin/tooling package; indirect usage pattern is expected for this ecosystem. | ai | |
| phantom-deps | phantom-dep:@stryke/cli | AI (phantom-deps): Declared dep used via config files in a plugin/tooling package; indirect usage pattern is expected for this ecosystem. | ai |
Versions (showing 36 of 136)
| Version | Deps | Published |
|---|---|---|
| 0.1.220 | 8 / 2 | |
| 0.1.217 | 8 / 2 | |
| 0.1.215 | 8 / 2 | |
| 0.1.214 | 8 / 2 | |
| 0.1.213 | 8 / 2 | |
| 0.1.212 | 8 / 2 | |
| 0.1.211 | 8 / 2 | |
| 0.1.209 | 8 / 2 | |
| 0.1.208 | 8 / 2 | |
| 0.1.205 | 8 / 2 | |
| 0.1.203 | 8 / 2 | |
| 0.1.200 | 8 / 2 | |
| 0.1.197 | 8 / 2 | |
| 0.1.195 | 8 / 2 | |
| 0.1.193 | 8 / 2 | |
| 0.1.191 | 8 / 2 | |
| 0.1.169 | 8 / 2 | |
| 0.1.166 | 8 / 2 | |
| 0.1.156 | 8 / 2 | |
| 0.1.134 | 8 / 2 | |
| 0.1.123 | 8 / 2 | |
| 0.1.117 | 8 / 2 | |
| 0.1.116 | 8 / 2 | |
| 0.1.115 | 8 / 2 | |
| 0.1.59 | 8 / 2 | |
| 0.1.43 | 8 / 2 | |
| 0.1.35 | 8 / 2 | |
| 0.1.31 | 8 / 2 | |
| 0.1.29 | 8 / 2 | |
| 0.1.27 | 8 / 2 | |
| 0.1.26 | 8 / 2 | |
| 0.1.16 | 8 / 3 | |
| 0.1.13 | 8 / 3 | |
| 0.1.3 | 8 / 3 | |
| 0.1.1 | 8 / 3 | |
| 0.1.0 | 8 / 3 |
v0.1.220
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.217
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.215
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.214
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.213
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.212
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.211
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.209
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.208
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.205
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.203
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.200
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.197
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.195
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.193
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.191
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.169
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.166
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.156
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.134
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.123
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.117
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.116
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.115
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.59
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.43
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.35
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.31
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.29
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.27
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.26
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.16
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.13
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.