@vitest/pretty-format
Fork of pretty-format with support for ESM
61
Versions
MIT
License
No
Install Scripts
Verified
Provenance
Supply chain provenance
Status for the latest visible version.
SLSA provenance attestation
npm registry signatures
No source commit
Maintainers
antfupatakoreannoyyx990803vitestbot
Keywords
vitesttestprettypretty-format
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): vitest publishes via GitHub Actions with SLSA provenance attestation; the publisher-changed finding reflects a legitimate, security-improving CI/CD workflow transition. | ai | |
| maintainer-change | maintainer-added | AI (maintainer-change): yyx990803 (Evan You) is a well-known, legitimate open-source maintainer in the Vue/Vite/Vitest ecosystem; addition is expected and benign. | ai | |
| maintainer-change | maintainer-removed | AI (maintainer-change): vitestbot removal paired with GitHub Actions publishing is a legitimate workflow transition to SLSA-attested CI/CD publishing. | ai | |
| bogus-package | bogus-package | AI (bogus-package): antfu, patak, yyx990803 are high-profile legitimate OSS maintainers in the Vue/Vite/Vitest ecosystem; spam flag is a stable false positive for this package. | ai |
Versions (showing 61 of 61)
| Version | Deps | Published |
|---|---|---|
| 4.1.7 | 1 / 3 | |
| 4.1.6 | 1 / 3 | |
| 4.1.5 | 1 / 3 | |
| 4.1.4 | 1 / 3 | |
| 4.1.3 | 1 / 3 | |
| 4.1.2 | 1 / 3 | |
| 4.1.1 | 1 / 3 | |
| 4.1.0 | 1 / 3 | |
| 4.0.18 | 1 / 3 | |
| 4.0.17 | 1 / 3 | |
| 4.0.16 | 1 / 3 | |
| 4.0.15 | 1 / 3 | |
| 4.0.14 | 1 / 3 | |
| 4.0.13 | 1 / 3 | |
| 4.0.12 | 1 / 3 | |
| 4.0.11 | 1 / 3 | |
| 4.0.10 | 1 / 3 | |
| 4.0.9 | 1 / 3 | |
| 4.0.8 | 1 / 3 | |
| 4.0.7 | 1 / 3 | |
| 4.0.6 | 1 / 3 | |
| 4.0.5 | 1 / 3 | |
| 4.0.4 | 1 / 3 | |
| 4.0.3 | 1 / 3 | |
| 4.0.2 | 1 / 3 | |
| 4.0.1 | 1 / 3 | |
| 4.0.0 | 1 / 3 | |
| 3.2.4 | 1 / 3 | |
| 3.2.3 | 1 / 3 | |
| 3.2.2 | 1 / 3 | |
| 3.2.1 | 1 / 3 | |
| 3.2.0 | 1 / 3 | |
| 3.1.4 | 1 / 3 | |
| 3.1.3 | 1 / 3 | |
| 3.1.2 | 1 / 3 | |
| 3.1.1 | 1 / 3 | |
| 3.1.0 | 1 / 3 | |
| 3.0.9 | 1 / 3 | |
| 3.0.8 | 1 / 3 | |
| 3.0.7 | 1 / 3 | |
| 3.0.6 | 1 / 3 | |
| 3.0.5 | 1 / 3 | |
| 3.0.4 | 1 / 3 | |
| 3.0.3 | 1 / 3 | |
| 3.0.2 | 1 / 3 | |
| 3.0.1 | 1 / 3 | |
| 3.0.0 | 1 / 3 | |
| 2.1.9 | 1 / 2 | |
| 2.1.8 | 1 / 2 | |
| 2.1.7 | 1 / 2 | |
| 2.1.6 | 1 / 2 | |
| 2.1.5 | 1 / 2 | |
| 2.1.4 | 1 / 2 | |
| 2.1.3 | 1 / 2 | |
| 2.1.2 | 1 / 2 | |
| 2.1.1 | 1 / 2 | |
| 2.1.0 | 1 / 2 | |
| 2.0.5 | 1 / 2 | |
| 2.0.4 | 1 / 2 | |
| 2.0.3 | 1 / 2 | |
| 2.0.2 | 1 / 2 |
v4.1.7
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.1.6
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.