@swc/core-android-arm-eabi
Super-fast alternative for babel
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| npm-metadata | bundled-binaries | AI (npm-metadata): This package is a platform-specific native binary sub-package of @swc/core. Bundling a .node file is the expected and documented distribution pattern for napi-rs packages. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Platform-specific binary sub-packages intentionally have minimal READMEs and no dependencies — they are consumed by the parent @swc/core package, not used directly. | ai |
Versions (showing 18 of 118)
| Version | Deps | Published |
|---|---|---|
| 1.2.141 | 0 / 0 | |
| 1.2.140 | 0 / 0 | |
| 1.2.139 | 0 / 0 | |
| 1.2.138 | 0 / 0 | |
| 1.2.137 | 0 / 0 | |
| 1.2.136 | 0 / 0 | |
| 1.2.135 | 0 / 0 | |
| 1.2.133 | 0 / 0 | |
| 1.2.131 | 0 / 0 | |
| 1.2.130 | 0 / 0 | |
| 1.2.129 | 0 / 0 | |
| 1.2.128 | 0 / 0 | |
| 1.2.127 | 0 / 0 | |
| 1.2.126 | 0 / 0 | |
| 1.2.125 | 0 / 0 | |
| 1.2.124 | 0 / 0 | |
| 1.2.123 | 0 / 0 | |
| 0.3.17 | 0 / 0 |
v1.2.141
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.140
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.139
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.138
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.137
2 findingsPackage contains compiled binaries that could be backdoors: • swc
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.136
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.135
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.133
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.131
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.130
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.129
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.128
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.127
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.126
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.125
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.124
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.123
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.3.17
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.