@powerlines/plugin-pulumi
A Powerlines plugin to deploy infrastructure using Pulumi.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): Publisher changed from stormie-bot to GitHub Actions, consistent with migration to CI/CD-based publishing with SLSA provenance attestation. Package has 399 versions and established organizational identity. | ai | |
| source-diff | obfuscated-file:dist/index.mjs | AI (source-diff): dist/index.mjs is standard bundler-minified output (Rollup/Vite/tsup). Long lines are a build artifact, not obfuscation. Code is semantically readable and consistent with the package's stated purpose. | ai | |
| phantom-deps | phantom-dep:defu | AI (phantom-deps): defu is bundled into dist output; phantom-dep false positive for bundled packages where subpath imports are resolved at build time. | ai | |
| phantom-deps | phantom-dep:powerlines | AI (phantom-deps): powerlines is a peer/config dependency referenced in build config, not directly imported in source. Stable false positive for this bundled package. | ai | |
| phantom-deps | phantom-dep:@stryke/string-format | AI (phantom-deps): @stryke/string-format is bundled into dist output; phantom-dep false positive for bundled packages. | ai | |
| phantom-deps | phantom-dep:@stryke/fs | AI (phantom-deps): Legitimately declared dependency used indirectly; phantom-dep false positive in monorepo/build context. | ai | |
| phantom-deps | phantom-dep:typescript | AI (phantom-deps): Build-time dependency referenced in tsconfig; phantom-dep false positive for build tools. | ai | |
| phantom-deps | phantom-dep:@stryke/path | AI (phantom-deps): Legitimately declared dependency used indirectly; phantom-dep false positive in monorepo/build context. | ai | |
| phantom-deps | phantom-dep:@stryke/helpers | AI (phantom-deps): Legitimately declared dependency used indirectly; phantom-dep false positive in monorepo/build context. | ai | |
| phantom-deps | phantom-dep:@stryke/type-checks | AI (phantom-deps): Legitimately declared dependency used indirectly; phantom-dep false positive in monorepo/build context. | ai |
Versions (showing 100 of 564)
| Version | Deps | Published |
|---|---|---|
| 0.6.126 | 10 / 2 | |
| 0.6.125 | 10 / 2 | |
| 0.6.124 | 10 / 2 | |
| 0.6.123 | 10 / 2 | |
| 0.6.122 | 10 / 2 | |
| 0.6.121 | 10 / 2 | |
| 0.6.120 | 10 / 2 | |
| 0.6.119 | 10 / 2 | |
| 0.6.118 | 10 / 2 | |
| 0.6.117 | 10 / 2 | |
| 0.6.116 | 10 / 2 | |
| 0.6.115 | 10 / 2 | |
| 0.6.114 | 10 / 2 | |
| 0.6.113 | 10 / 2 | |
| 0.6.112 | 10 / 2 | |
| 0.6.111 | 10 / 2 | |
| 0.6.110 | 10 / 2 | |
| 0.6.109 | 10 / 2 | |
| 0.6.106 | 10 / 2 | |
| 0.6.105 | 10 / 2 | |
| 0.6.104 | 10 / 2 | |
| 0.6.103 | 10 / 2 | |
| 0.6.102 | 10 / 2 | |
| 0.6.100 | 10 / 2 | |
| 0.6.99 | 10 / 2 | |
| 0.6.98 | 10 / 2 | |
| 0.6.97 | 10 / 2 | |
| 0.6.96 | 10 / 2 | |
| 0.6.95 | 10 / 2 | |
| 0.6.94 | 10 / 2 | |
| 0.6.93 | 10 / 2 | |
| 0.6.92 | 10 / 2 | |
| 0.6.91 | 10 / 2 | |
| 0.6.90 | 10 / 2 | |
| 0.6.89 | 10 / 2 | |
| 0.6.88 | 10 / 2 | |
| 0.6.87 | 10 / 2 | |
| 0.6.86 | 10 / 2 | |
| 0.6.85 | 10 / 2 | |
| 0.6.84 | 10 / 2 | |
| 0.6.83 | 10 / 2 | |
| 0.6.82 | 10 / 2 | |
| 0.6.81 | 10 / 2 | |
| 0.6.80 | 10 / 2 | |
| 0.6.79 | 10 / 2 | |
| 0.6.78 | 10 / 2 | |
| 0.6.77 | 10 / 2 | |
| 0.6.76 | 10 / 2 | |
| 0.6.75 | 10 / 2 | |
| 0.6.73 | 10 / 2 | |
| 0.6.72 | 10 / 2 | |
| 0.6.71 | 10 / 2 | |
| 0.6.70 | 10 / 2 | |
| 0.6.69 | 10 / 2 | |
| 0.6.68 | 10 / 2 | |
| 0.6.67 | 10 / 2 | |
| 0.6.66 | 10 / 2 | |
| 0.6.65 | 10 / 2 | |
| 0.6.64 | 10 / 2 | |
| 0.6.63 | 10 / 2 | |
| 0.6.62 | 10 / 2 | |
| 0.6.61 | 10 / 2 | |
| 0.6.60 | 10 / 2 | |
| 0.6.59 | 10 / 2 | |
| 0.6.58 | 10 / 2 | |
| 0.6.57 | 10 / 2 | |
| 0.6.56 | 10 / 2 | |
| 0.6.55 | 10 / 2 | |
| 0.6.54 | 10 / 2 | |
| 0.6.53 | 10 / 2 | |
| 0.6.52 | 10 / 2 | |
| 0.6.51 | 10 / 2 | |
| 0.6.50 | 10 / 2 | |
| 0.6.49 | 10 / 2 | |
| 0.6.47 | 10 / 2 | |
| 0.6.46 | 10 / 2 | |
| 0.6.45 | 10 / 2 | |
| 0.6.44 | 10 / 2 | |
| 0.6.43 | 10 / 2 | |
| 0.6.42 | 10 / 2 | |
| 0.6.41 | 10 / 2 | |
| 0.6.40 | 10 / 2 | |
| 0.6.39 | 10 / 2 | |
| 0.6.38 | 10 / 2 | |
| 0.6.37 | 10 / 2 | |
| 0.6.36 | 10 / 2 | |
| 0.6.35 | 10 / 2 | |
| 0.6.34 | 10 / 2 | |
| 0.6.33 | 10 / 2 | |
| 0.6.32 | 10 / 2 | |
| 0.6.31 | 10 / 2 | |
| 0.6.30 | 10 / 2 | |
| 0.6.29 | 10 / 2 | |
| 0.6.28 | 10 / 2 | |
| 0.6.27 | 10 / 2 | |
| 0.6.26 | 10 / 2 | |
| 0.6.25 | 10 / 2 | |
| 0.6.24 | 10 / 2 | |
| 0.6.23 | 10 / 2 | |
| 0.6.22 | 10 / 2 |
v0.6.126
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.125
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.124
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.123
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.122
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.121
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.120
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.119
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.118
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.117
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.116
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.115
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.114
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.113
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.112
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.111
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.110
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.109
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.106
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.105
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.104
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.103
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.102
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.100
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.99
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.98
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.97
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.96
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.95
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.94
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.93
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.92
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.91
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.90
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.60
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.59
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.58
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.57
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.56
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.55
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.54
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.53
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.52
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.51
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.50
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.49
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.47
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.46
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.45
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.44
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.43
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.42
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.41
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.40
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.39
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.38
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.37
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.36
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.35
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.34
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.33
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.32
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.31
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.30
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.29
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.28
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.27
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.26
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.25
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.24
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.23
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.22
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.