@simplysm/capacitor-plugin-file-system
심플리즘 패키지 - Capacitor 파일 시스템 플러그인
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| semgrep | semgrep:base64-decode | AI (semgrep): Decodes file contents read via Capacitor readFile API; standard binary I/O pattern, not a payload obfuscation technique. | ai |
Versions (showing 18 of 218)
| Version | Deps | Published |
|---|---|---|
| 12.16.15 | 0 / 1 | |
| 12.16.14 | 0 / 1 | |
| 12.16.13 | 0 / 1 | |
| 12.16.12 | 1 / 0 | |
| 12.16.11 | 1 / 0 | |
| 12.16.10 | 1 / 0 | |
| 12.16.9 | 1 / 0 | |
| 12.16.8 | 1 / 0 | |
| 12.16.7 | 1 / 0 | |
| 12.16.6 | 1 / 0 | |
| 12.16.5 | 1 / 0 | |
| 12.16.4 | 1 / 0 | |
| 12.16.3 | 1 / 0 | |
| 12.16.2 | 1 / 0 | |
| 12.16.1 | 1 / 0 | |
| 12.15.71 | 1 / 0 | |
| 12.15.70 | 1 / 0 | |
| 12.15.69 | 1 / 0 |
v12.16.15
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.16.14
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.16.13
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.16.12
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.16.11
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.16.10
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.16.9
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.16.8
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.16.7
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.16.6
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.16.5
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.16.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.16.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.16.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.16.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.15.71
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.15.70
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v12.15.69
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.