chat — Greenflagged

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

matt.strakavercel-release-botcramforcefernandorojo

Keywords

chatslackteamsdiscordgoogle-chatbot

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	obfuscated-file:dist/chat-D9UYaaNO.d.ts	AI (source-diff): Bundled .d.ts type declaration file with long lines; not obfuscated. Stable for this package.	ai	2026/05/20
provenance	publisher-changed	AI (provenance): Vercel uses GitHub Actions / vercel-release-bot for automated npm publishing; this is the expected publisher for this org.	ai	2026/05/01
maintainer-change	maintainer-added	AI (maintainer-change): vercel-release-bot is Vercel's standard release automation account; stable for this package.	ai	2026/05/01
dependencies	unvetted-dep:mdast-util-to-string	AI (dependencies): mdast-util-to-string is a well-known, widely-used package in the unified/remark ecosystem; no security concern for this package.	ai	2026/04/27
provenance	no-provenance	AI (provenance): Established package with strong publisher track record; lack of provenance attestation is a hygiene note, not a security risk.	ai	2026/04/27
typosquat	typosquat.levenshtein:chalk	AI (typosquat): chat is a long-established Vercel package for chat platform abstraction; the levenshtein match to chalk is coincidental with no impersonation intent.	ai	2026/04/25

Versions (showing 16 of 16)

Version	Deps	Published
4.29.0	7 / 7	2026-05-18
4.28.1	7 / 5	2026-05-08
4.27.0	7 / 5	2026-04-30
4.26.0	7 / 5	2026-04-14
4.25.0	7 / 5	2026-04-11
4.23.0	7 / 5	2026-03-26
4.20.2	7 / 5	2026-03-16
4.15.0	6 / 5	2026-02-26
4.13.0	6 / 5	2026-02-20
4.4.1	6 / 5	2026-01-21
4.4.0	5 / 5	2026-01-20
4.3.0	5 / 5	2026-01-05
4.1.0	5 / 5	2026-01-03
4.0.2	5 / 5	2026-01-02
4.0.1	5 / 5	2026-01-02
4.0.0	5 / 5	2026-01-02

v4.29.0

2 findings

HIGH New obfuscated file: dist/chat-D9UYaaNO.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.28.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.27.0

2 findings

HIGH Publisher changed: cramforce → GitHub Actions (on 2026-04-30) provenance

This version was published by a different npm account than previous versions on 2026-04-30. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.