@storm-software/tsup — Greenflagged

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

stormie-botsullivanpj

Keywords

tsupstormstorm-opsstorm-software

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Transition from stormie-bot to GitHub Actions CI/CD is confirmed by SLSA provenance attestation; consistent with org-wide automation migration.	ai	2026/05/29
typosquat	typosquat.levenshtein:yup	AI (typosquat): Scoped @storm-software/tsup is a tsup wrapper, not a yup typosquat; Levenshtein match is coincidental.	ai	2026/04/28
phantom-deps	phantom-dep:@storm-software/config-tools	AI (phantom-deps): Same-org dependency; likely used transitively or in build config rather than direct import.	ai	2026/04/28

Versions (showing 100 of 226)

Version	Deps	Published
0.2.116	2 / 4	2026-03-16
0.2.115	2 / 4	2026-03-16
0.2.114	2 / 4	2026-03-16
0.2.113	2 / 4	2026-03-16
0.2.112	2 / 4	2026-03-16
0.2.111	2 / 4	2026-03-16
0.2.110	2 / 4	2026-03-16
0.2.109	2 / 4	2026-03-16
0.2.108	2 / 4	2026-03-14
0.2.107	2 / 4	2026-03-11
0.2.106	2 / 4	2026-03-11
0.2.105	2 / 4	2026-03-11
0.2.104	2 / 4	2026-03-11
0.2.103	2 / 4	2026-03-11
0.2.102	2 / 4	2026-03-11
0.2.101	2 / 4	2026-03-11
0.2.100	2 / 4	2026-03-07
0.2.99	2 / 4	2026-03-07
0.2.98	2 / 4	2026-03-07
0.2.97	2 / 4	2026-03-07
0.2.96	2 / 4	2026-03-06
0.2.95	2 / 4	2026-03-06
0.2.94	2 / 4	2026-03-06
0.2.93	2 / 4	2026-03-06
0.2.92	2 / 4	2026-03-04
0.2.91	2 / 4	2026-03-04
0.2.90	2 / 4	2026-03-02
0.2.89	2 / 4	2026-02-28
0.2.88	2 / 4	2026-02-24
0.2.87	2 / 4	2026-02-23
0.2.86	2 / 4	2026-02-21
0.2.85	2 / 4	2026-02-20
0.2.84	2 / 4	2026-02-19
0.2.83	2 / 4	2026-02-19
0.2.82	2 / 4	2026-02-19
0.2.81	2 / 4	2026-02-18
0.2.80	2 / 4	2026-02-18
0.2.79	2 / 4	2026-01-22
0.2.78	2 / 4	2026-01-14
0.2.77	2 / 4	2026-01-14
0.2.76	2 / 4	2026-01-14
0.2.75	2 / 4	2026-01-14
0.2.74	2 / 4	2026-01-14
0.2.73	2 / 4	2025-12-30
0.2.72	2 / 4	2025-12-23
0.2.71	2 / 4	2025-12-19
0.2.70	2 / 4	2025-12-18
0.2.69	2 / 4	2025-12-18
0.2.68	2 / 4	2025-12-17
0.2.67	2 / 4	2025-12-17
0.2.66	2 / 4	2025-12-16
0.2.65	2 / 4	2025-12-15
0.2.64	2 / 4	2025-12-15
0.2.63	2 / 4	2025-12-08
0.2.62	2 / 4	2025-12-08
0.2.61	2 / 4	2025-12-08
0.2.60	2 / 4	2025-12-08
0.2.59	2 / 4	2025-12-08
0.2.58	2 / 4	2025-12-08
0.2.57	2 / 4	2025-12-06
0.2.56	2 / 4	2025-12-06
0.2.55	2 / 4	2025-12-06
0.2.54	2 / 4	2025-12-05
0.2.53	2 / 4	2025-12-05
0.2.52	2 / 4	2025-12-05
0.2.51	2 / 4	2025-12-05
0.2.50	2 / 4	2025-12-05
0.2.49	2 / 4	2025-12-05
0.2.48	2 / 4	2025-11-27
0.2.47	2 / 4	2025-11-25
0.2.46	2 / 4	2025-11-21
0.2.45	2 / 4	2025-11-20
0.2.44	2 / 4	2025-11-20
0.2.43	2 / 4	2025-11-20
0.2.42	2 / 4	2025-11-20
0.2.41	2 / 4	2025-11-19
0.2.40	2 / 4	2025-11-19
0.2.39	2 / 3	2025-11-19
0.2.38	2 / 3	2025-11-16
0.2.37	2 / 3	2025-11-16
0.2.36	2 / 3	2025-11-14
0.2.35	2 / 3	2025-11-14
0.2.34	2 / 3	2025-11-13
0.2.33	2 / 3	2025-11-13
0.2.32	2 / 3	2025-11-13
0.2.31	2 / 3	2025-11-13
0.2.30	2 / 3	2025-11-13
0.2.29	2 / 3	2025-11-13
0.2.28	2 / 3	2025-11-13
0.2.27	2 / 3	2025-11-12
0.2.26	2 / 3	2025-11-12
0.2.25	2 / 3	2025-11-12
0.2.24	2 / 3	2025-11-12
0.2.23	2 / 3	2025-11-12
0.2.22	2 / 3	2025-11-10
0.2.21	2 / 3	2025-11-09
0.2.20	2 / 3	2025-11-08
0.2.19	2 / 3	2025-11-08
0.2.18	2 / 3	2025-11-08
0.2.17	2 / 3	2025-11-05

Showing 100 of 226 Next page →

v0.2.116

2 findings

HIGH Publisher changed: stormie-bot → GitHub Actions (on 2026-03-16) provenance

This version was published by a different npm account than previous versions on 2026-03-16. This could indicate a legitimate maintainer transition or an account compromise.