← Home

@prisma/client-generator-ts

npm Repository Homepage

This package is intended for Prisma's internal use

5
Versions
Apache-2.0
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

jkomynonilubavaprismabotaqrlntylerhogarthankur-datta-007jloots

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
dependencies unvetted-dep:@prisma/engines-version AI (dependencies): First-party Prisma package pinned to a specific commit hash; standard release pattern for this monorepo. ai
phantom-deps phantom-dep:@antfu/ni AI (phantom-deps): Declared runtime dep used in build/config tooling; phantom-dep heuristic false positive for this package. ai
phantom-deps phantom-dep:@prisma/fetch-engine AI (phantom-deps): Same-org sibling dep; phantom-dep heuristic false positive for this Prisma internal package. ai
phantom-deps phantom-dep:@prisma/get-platform AI (phantom-deps): Same-org sibling dep; phantom-dep heuristic false positive for this Prisma internal package. ai
bogus-package bogus-package AI (bogus-package): Intentionally internal package; sparse README and no keywords are expected for Prisma's internal tooling. ai

Versions (showing 5 of 5)

Version Deps Published
7.8.0 18 / 1
7.7.0 18 / 1
7.4.2 18 / 2
6.19.3 18 / 2
6.19.0 18 / 2

v7.8.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.7.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.4.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.19.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.19.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.