@tinyhttp/app No license 8 versions

@tinyhttp/app

npm Repository Homepage

8

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

dropthebeatbrov1rtl

Keywords

tinyhttprouterbackendhttpframeworkapi

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:@tinyhttp/req	AI (dependencies): First-party sibling package from the tinyhttp org; stable across versions.	ai	2026/05/20
dependencies	unvetted-dep:@tinyhttp/res	AI (dependencies): First-party sibling package from the tinyhttp org; stable across versions.	ai	2026/05/20
dependencies	unvetted-dep:@tinyhttp/proxy-addr	AI (dependencies): First-party sibling package from the tinyhttp org; stable across versions.	ai	2026/05/20
typosquat	typosquat.levenshtein:hapi	AI (typosquat): Scoped package @tinyhttp/app; no plausible typosquat of hapi.	ai	2026/05/20
typosquat	typosquat.levenshtein:ajv	AI (typosquat): Scoped package @tinyhttp/app; no plausible typosquat of ajv.	ai	2026/05/20
typosquat	typosquat.levenshtein:pg	AI (typosquat): Scoped package @tinyhttp/app; no plausible typosquat of pg.	ai	2026/05/20
typosquat	typosquat.levenshtein:yup	AI (typosquat): Scoped package @tinyhttp/app; no plausible typosquat of yup.	ai	2026/05/20

Versions (showing 8 of 8)

Version	Deps	Published
3.0.7	7 / 0	2026-04-15
3.0.6	7 / 0	2026-02-08
3.0.5	8 / 0	2026-02-08
3.0.4	7 / 0	2026-02-01
3.0.3	7 / 0	2026-02-01
3.0.2	7 / 0	2026-01-20
3.0.1	7 / 0	2025-09-14
3.0.0	7 / 0	2025-09-14

v3.0.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.6

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.