@scalar/api-client
the open source API testing client
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:yaml | AI (phantom-deps): Used in config/type files; stable FP for this package. | ai | |
| phantom-deps | phantom-dep:@scalar/themes | AI (phantom-deps): Same-org package; likely re-exported or used via convention, stable FP. | ai | |
| phantom-deps | phantom-dep:zod | AI (phantom-deps): Used in type/config files; stable FP for this package. | ai | |
| phantom-deps | phantom-dep:@scalar/json-magic | AI (phantom-deps): Same-org package; stable FP for this package. | ai | |
| phantom-deps | phantom-dep:type-fest | AI (phantom-deps): type-fest is a type-only utility; phantom-dep false positive for this package. | ai | |
| dependencies | unvetted-dep:@scalar/analytics-client | AI (dependencies): Internal @scalar monorepo sibling package; expected dependency pattern. | ai | |
| dependencies | unvetted-dep:@scalar/use-codemirror | AI (dependencies): First-party @scalar monorepo sibling; stable pattern across versions. | ai | |
| dependencies | unvetted-dep:@scalar/use-toasts | AI (dependencies): First-party @scalar monorepo sibling; stable pattern across versions. | ai | |
| dependencies | unvetted-dep:@scalar/icons | AI (dependencies): First-party @scalar monorepo sibling; stable pattern across versions. | ai | |
| dependencies | unvetted-dep:@scalar/themes | AI (dependencies): First-party @scalar monorepo sibling; stable pattern across versions. | ai | |
| dependencies | unvetted-dep:@scalar/typebox | AI (dependencies): First-party @scalar monorepo sibling; stable pattern across versions. | ai | |
| dependencies | unvetted-dep:@scalar/use-hooks | AI (dependencies): First-party @scalar monorepo sibling; stable pattern across versions. | ai | |
| dependencies | unvetted-dep:@scalar/validation | AI (dependencies): First-party @scalar monorepo sibling; stable pattern across versions. | ai | |
| phantom-deps | phantom-dep:focus-trap | AI (phantom-deps): focus-trap is a runtime dep used via headlessui/vue; phantom-dep heuristic false positive for this package. | ai | |
| phantom-deps | phantom-dep:vite-plugin-monaco-editor | AI (phantom-deps): Vite plugin loaded via vite config, not direct import; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@headlessui/tailwindcss | AI (phantom-deps): Tailwind plugin loaded via config, not direct import; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@types/har-format | AI (phantom-deps): Type-only package; not directly imported at runtime by convention. | ai |
Versions (showing 49 of 49)
| Version | Deps | Published |
|---|---|---|
| 3.8.5 | 32 / 11 | |
| 3.8.4 | 32 / 11 | |
| 3.8.3 | 32 / 11 | |
| 3.8.1 | 32 / 11 | |
| 3.6.1 | 38 / 15 | |
| 3.6.0 | 38 / 15 | |
| 3.5.1 | 38 / 13 | |
| 3.5.0 | 38 / 13 | |
| 3.4.0 | 38 / 13 | |
| 3.3.1 | 38 / 13 | |
| 3.3.0 | 38 / 13 | |
| 3.2.2 | 37 / 13 | |
| 3.2.1 | 37 / 13 | |
| 3.2.0 | 37 / 13 | |
| 3.1.0 | 37 / 13 | |
| 3.0.0 | 38 / 12 | |
| 2.43.0 | 44 / 14 | |
| 2.42.0 | 42 / 14 | |
| 2.41.0 | 42 / 14 | |
| 2.40.0 | 42 / 14 | |
| 2.39.4 | 43 / 14 | |
| 2.39.3 | 43 / 14 | |
| 2.36.1 | 42 / 15 | |
| 2.33.0 | 42 / 15 | |
| 2.31.3 | 40 / 15 | |
| 2.31.2 | 40 / 15 | |
| 2.31.0 | 40 / 15 | |
| 2.29.1 | 40 / 15 | |
| 2.27.1 | 40 / 15 | |
| 2.25.0 | 39 / 14 | |
| 2.23.0 | 39 / 14 | |
| 2.22.1 | 39 / 14 | |
| 2.22.0 | 39 / 14 | |
| 2.21.1 | 39 / 14 | |
| 2.21.0 | 39 / 14 | |
| 2.19.0 | 39 / 14 | |
| 2.18.4 | 39 / 14 | |
| 2.18.3 | 39 / 14 | |
| 2.18.1 | 39 / 14 | |
| 2.17.8 | 39 / 14 | |
| 2.17.7 | 39 / 14 | |
| 2.17.5 | 39 / 14 | |
| 2.17.4 | 39 / 14 | |
| 2.17.3 | 39 / 14 | |
| 2.17.0 | 39 / 14 | |
| 2.14.0 | 39 / 14 | |
| 2.12.0 | 39 / 14 | |
| 2.10.0 | 39 / 13 | |
| 2.9.0 | 39 / 13 |
v3.8.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.8.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.8.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.8.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.6.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.6.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.5.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.5.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.4.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.3.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.2.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.2.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.43.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.42.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.41.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.40.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.39.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.39.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.36.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.33.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.31.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.31.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.31.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.29.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.27.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.25.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.23.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.22.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.22.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.21.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.21.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.19.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.18.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.18.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.18.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.17.8
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.17.7
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.17.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.17.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.17.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.17.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.14.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.12.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.10.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.9.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.