@prisma/client-generator-registry No license 16 versions

@prisma/client-generator-registry

npm Repository Homepage

16

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

jkomynonilubavaprismabotaqrlntylerhogarthankur-datta-007jloots

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Prisma migrated publishing from prismabot to GitHub Actions CI; SLSA attestation confirms official repo origin.	ai	2026/05/04
publish-pattern	dormant-publish	AI (publish-pattern): Dormancy reflects major version cadence (v6→v7), not account takeover; SLSA provenance corroborates legitimacy.	ai	2026/05/04
bogus-package	bogus-package	AI (bogus-package): Internal Prisma tooling package; sparse README and no keywords are expected for this type of package.	ai	2026/04/29

Versions (showing 16 of 16)

Version	Deps	Published
7.8.0	4 / 0	2026-04-22
7.7.0	4 / 0	2026-04-07
7.6.0	4 / 0	2026-03-27
7.5.0	4 / 0	2026-03-11
7.4.2	4 / 1	2026-02-27
7.4.1	4 / 1	2026-02-19
7.4.0	4 / 1	2026-02-11
7.3.0	4 / 1	2026-01-21
7.2.0	4 / 1	2025-12-17
7.1.0	4 / 1	2025-12-03
7.0.1	4 / 1	2025-11-25
7.0.0	4 / 1	2025-11-19
6.19.3	4 / 1	2026-04-01
6.19.2	4 / 1	2026-01-13
6.19.1	4 / 1	2025-12-10
6.19.0	4 / 1	2025-11-05

v7.8.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.7.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.6.0

2 findings

HIGH Publisher changed: prismabot → GitHub Actions (on 2026-03-27) provenance

This version was published by a different npm account than previous versions on 2026-03-27. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.5.0

2 findings

HIGH Publisher changed: prismabot → GitHub Actions (on 2026-03-11) provenance

This version was published by a different npm account than previous versions on 2026-03-11. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.4.2

2 findings

HIGH Publisher changed: prismabot → GitHub Actions (on 2026-02-27) provenance

This version was published by a different npm account than previous versions on 2026-02-27. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.4.1

2 findings

HIGH Publisher changed: prismabot → GitHub Actions (on 2026-02-19) provenance

This version was published by a different npm account than previous versions on 2026-02-19. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.4.0

2 findings

HIGH Publisher changed: prismabot → GitHub Actions (on 2026-02-11) provenance

This version was published by a different npm account than previous versions on 2026-02-11. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.3.0

2 findings

HIGH Publisher changed: prismabot → GitHub Actions (on 2026-01-21) provenance

This version was published by a different npm account than previous versions on 2026-01-21. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.2.0

2 findings

HIGH Publisher changed: prismabot → GitHub Actions (on 2025-12-17) provenance

This version was published by a different npm account than previous versions on 2025-12-17. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.1.0

2 findings

HIGH Publisher changed: prismabot → GitHub Actions (on 2025-12-03) provenance

This version was published by a different npm account than previous versions on 2025-12-03. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.0.1

2 findings

HIGH Publisher changed: prismabot → GitHub Actions (on 2025-11-25) provenance

This version was published by a different npm account than previous versions on 2025-11-25. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.0.0

2 findings

HIGH Publisher changed: prismabot → GitHub Actions (on 2025-11-19) provenance

This version was published by a different npm account than previous versions on 2025-11-19. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.19.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.19.2

2 findings

HIGH Publisher changed: prismabot → GitHub Actions (on 2026-01-13) provenance

This version was published by a different npm account than previous versions on 2026-01-13. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.19.1

2 findings

HIGH Publisher changed: prismabot → GitHub Actions (on 2025-12-10) provenance

This version was published by a different npm account than previous versions on 2025-12-10. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.19.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.