@swc/wasm
wasm module for swc
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| semgrep | semgrep:dynamic-require | AI (semgrep): The require(String.raw`util`) pattern is a static wasm-bindgen generated call to Node's built-in 'util' module. Not dynamic in any meaningful sense; stable false positive for this package. | ai | |
| license | uncommon-license:Apache-2.0/MIT | AI (license): Apache-2.0/MIT dual licensing is the standard license for the SWC project; permissive and well-understood. | ai | |
| semgrep | semgrep:new-function-constructor | AI (semgrep): This is standard wasm-bindgen generated glue code for exposing WASM function creation to JS. Expected and stable across all versions of this package. | ai | |
| semgrep | semgrep:api-obfuscation-reflect | AI (semgrep): Reflect.get() usage is standard wasm-bindgen generated glue code for property access bridging. Not obfuscation; expected in all versions of this package. | ai | |
| provenance | no-provenance | AI (provenance): Established SWC ecosystem package; lack of Sigstore provenance is common and not a risk signal for this well-known publisher. | ai |
Versions (showing 54 of 455)
| Version | Deps | Published |
|---|---|---|
| 1.2.92 | 0 / 0 | |
| 1.2.91 | 0 / 0 | |
| 1.2.90 | 0 / 0 | |
| 1.2.89 | 0 / 0 | |
| 1.2.88 | 0 / 0 | |
| 1.2.87 | 0 / 0 | |
| 1.2.86 | 0 / 0 | |
| 1.2.85 | 0 / 0 | |
| 1.2.84 | 0 / 0 | |
| 1.2.83 | 0 / 0 | |
| 1.2.82 | 0 / 0 | |
| 1.2.81 | 0 / 0 | |
| 1.2.80 | 0 / 0 | |
| 1.2.79 | 0 / 0 | |
| 1.2.78 | 0 / 0 | |
| 1.2.77 | 0 / 0 | |
| 1.2.76 | 0 / 0 | |
| 1.2.75 | 0 / 0 | |
| 1.2.74 | 0 / 0 | |
| 1.2.73 | 0 / 0 | |
| 1.2.71 | 0 / 0 | |
| 1.2.70 | 0 / 0 | |
| 1.2.69 | 0 / 0 | |
| 1.2.68 | 0 / 0 | |
| 1.2.67 | 0 / 0 | |
| 1.2.66 | 0 / 0 | |
| 1.2.65 | 0 / 0 | |
| 1.2.64 | 0 / 0 | |
| 1.2.63 | 0 / 0 | |
| 1.2.62 | 0 / 0 | |
| 1.2.61 | 0 / 0 | |
| 1.2.60 | 0 / 0 | |
| 1.2.58 | 0 / 0 | |
| 1.2.57 | 0 / 0 | |
| 1.2.55 | 0 / 0 | |
| 1.2.54 | 0 / 0 | |
| 1.2.52 | 0 / 0 | |
| 1.2.51 | 0 / 0 | |
| 1.2.50 | 0 / 0 | |
| 1.2.49 | 0 / 0 | |
| 1.2.48 | 0 / 0 | |
| 1.2.47 | 0 / 0 | |
| 1.2.46 | 0 / 0 | |
| 1.2.45 | 0 / 0 | |
| 1.2.44 | 0 / 0 | |
| 1.2.43 | 0 / 0 | |
| 1.2.41 | 0 / 0 | |
| 1.2.40 | 0 / 0 | |
| 1.2.39 | 0 / 0 | |
| 1.2.34 | 0 / 0 | |
| 1.2.32 | 0 / 0 | |
| 1.2.30 | 0 / 0 | |
| 1.2.29 | 0 / 0 | |
| 0.1.0 | 0 / 0 |
v1.2.92
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.91
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.90
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.89
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.88
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.87
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.86
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.85
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.84
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.83
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.82
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.81
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.80
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.79
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.78
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.77
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.76
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.75
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.74
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.73
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.71
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.70
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.69
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.68
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.67
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.66
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.65
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.64
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.63
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.62
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.61
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.60
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.58
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.57
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.55
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.54
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.52
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.51
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.50
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.49
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.48
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.47
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.46
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.45
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.44
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.43
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.41
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.40
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.39
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.34
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.32
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.30
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.2.29
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.