@storm-software/esbuild No license 6 versions

@storm-software/esbuild

npm Repository Homepage

6

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

stormie-botsullivanpj

Keywords

esbuildmonorepostormstorm-opsstorm-stacksullivanpj

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:prettier-plugin-organize-imports	AI (phantom-deps): Prettier plugin referenced via config, not direct import; stable false positive.	ai	2026/05/30
semgrep	semgrep:dynamic-require	AI (semgrep): Reads project package.json by path to enumerate deps; standard build-tool pattern, not arbitrary module loading.	ai	2026/05/30
phantom-deps	phantom-dep:source-map	AI (phantom-deps): Build toolchain dep used transitively via config; stable false positive for this package.	ai	2026/05/30
phantom-deps	phantom-dep:prettier-plugin-sh	AI (phantom-deps): Prettier plugin referenced via config, not direct import; stable false positive.	ai	2026/05/30
phantom-deps	phantom-dep:prettier-plugin-pkg	AI (phantom-deps): Prettier plugin referenced via config, not direct import; stable false positive.	ai	2026/05/30
provenance	publisher-changed	AI (provenance): Transition from stormie-bot to GitHub Actions CI is a documented automation migration; SLSA provenance attestation confirms integrity.	ai	2026/05/29
dependencies	unvetted-dep:@nx/js	AI (dependencies): @nx/js is a mainstream Nx toolchain package; stable false positive for this build-tools package.	ai	2026/04/29
phantom-deps	phantom-dep:globby	AI (phantom-deps): Globby used in config/build scripts; stable false positive for this package.	ai	2026/04/28
phantom-deps	phantom-dep:@nx/js	AI (phantom-deps): Config-file reference pattern for Nx tooling; stable false positive for this build-tools package.	ai	2026/04/28

Versions (showing 6 of 418)

Version	Deps	Published
0.33.5	12 / 10	2025-04-28
0.33.4	12 / 10	2025-04-28
0.33.3	12 / 10	2025-04-28
0.33.2	12 / 10	2025-04-28
0.33.1	12 / 10	2025-04-27
0.33.0	12 / 10	2025-04-27

v0.33.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.33.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.33.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.33.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.33.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.33.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.