cheerio
Tiny, fast, and elegant implementation of core jQuery designed specifically for the server
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| dependencies | unvetted-dep:lodash.bind | AI (dependencies): lodash.bind is an official lodash project sub-package; part of lodash's modular v4 release strategy, not a suspicious third-party dep. | ai | |
| phantom-deps | phantom-dep:entities | AI (phantom-deps): entities is declared in package.json as a direct dep and used by htmlparser2; phantom-dep finding is a false positive for this package. | ai | |
| dependencies | unvetted-dep:lodash.assignin | AI (dependencies): lodash.assignin is an official lodash project sub-package; part of lodash's modular v4 release strategy. | ai | |
| dependencies | unvetted-dep:lodash.reject | AI (dependencies): lodash.reject is an official lodash project sub-package; part of lodash's modular v4 release strategy. | ai | |
| dependencies | unvetted-dep:lodash.reduce | AI (dependencies): lodash.reduce is an official lodash project sub-package; part of lodash's modular v4 release strategy. | ai | |
| dependencies | unvetted-dep:lodash.pick | AI (dependencies): lodash.pick is an official lodash project sub-package; part of lodash's modular v4 release strategy. | ai | |
| semgrep | semgrep:eval-usage | AI (semgrep): eval() in cheerio's parse.js is part of the HTML parsing pipeline using htmlparser2 output, not arbitrary external code execution. Consistent with early cheerio architecture. | ai | |
| source-diff | obfuscated-file:coverage/lcov-report/prettify.js | AI (source-diff): This is Google's prettify.js syntax highlighter, a standard minified artifact bundled with Istanbul lcov coverage reports. It is not runtime code and poses no security risk. | ai | |
| source-diff | net-exec-file:benchmark/jquery-2.0.3.js | AI (source-diff): File is the canonical jQuery 2.0.3 source used as a benchmark fixture. Network/exec patterns are jQuery's own AJAX and eval utilities, not malware. Stable false positive for this package. | ai | |
| maintainer-change | maintainer-takeover | AI (maintainer-change): Felix Böhm (feedic) is a long-standing cheerio ecosystem contributor who maintains htmlparser2, domhandler, domutils, etc. This is a documented legitimate maintainer transition, not a hijack. | ai | |
| maintainer-change | maintainer-added | AI (maintainer-change): jugglinmike and feedic are known cheerio contributors; addition is part of a legitimate project governance transition. | ai | |
| maintainer-change | maintainer-removed | AI (maintainer-change): Original author Matt Mueller stepping back is consistent with the documented cheerio project history; feedic has been the de facto maintainer for years. | ai | |
| provenance | publisher-changed | AI (provenance): Publisher change to feedic (Felix Böhm) is a legitimate transition; feedic has 78 approved packages and 5211 days of registry history. | ai | |
| publish-pattern | new-deps-added | AI (publish-pattern): All new deps (parse5, undici, domhandler, domutils, etc.) are legitimate HTML parsing ecosystem packages, many maintained by feedic himself. Expected for a major version upgrade. | ai | |
| dependencies | unvetted-dep:soupselect | AI (dependencies): soupselect is a legitimate CSS selector library; pinned to 0.2.x. Stable for this package. | ai | |
| source-diff | source-size-tripled | AI (source-diff): Early-version growth from stub to real implementation; 23KB is a normal library size with no payload indicators. | ai | |
| semgrep | semgrep:dynamic-require | AI (semgrep): Dynamic require in cheerio.js loads a fixed, hardcoded list of plugin names split from a static string — not truly dynamic or exploitable. | ai | |
| phantom-deps | phantom-dep:soupselect | AI (phantom-deps): soupselect is a legitimate declared dependency used inside the CoffeeScript source; phantom detection is a false positive for this dual-source package structure. | ai | |
| phantom-deps | phantom-dep:htmlparser | AI (phantom-deps): htmlparser is a legitimate declared dependency used inside the CoffeeScript source; phantom detection is a false positive for this dual-source package structure. | ai | |
| dependencies | unvetted-dep:encoding-sniffer | AI (dependencies): encoding-sniffer is a legitimate utility for HTML encoding detection, appropriate for cheerio's use case. | ai | |
| dependencies | unvetted-dep:undici | AI (dependencies): undici is the official Node.js HTTP client, a legitimate dependency for cheerio's fetch functionality. | ai | |
| dependencies | unvetted-dep:parse5-parser-stream | AI (dependencies): parse5-parser-stream is a standard HTML parsing dependency, expected for cheerio's HTML5 parsing support. | ai | |
| provenance | no-provenance | AI (provenance): Package predates Sigstore; lack of provenance is expected and not a security concern for this legacy version. | ai | |
| dependencies | unvetted-dep:htmlparser2 | AI (dependencies): htmlparser2 is a core, long-standing dependency of the cheerio ecosystem maintained by the same author. | ai | |
Versions (showing 52 of 52)
| Version | Deps | Published |
|---|---|---|
| 1.2.0 | 11 / 27 | |
| 1.1.2 | 11 / 27 | |
| 1.1.1 | 11 / 27 | |
| 1.1.0 | 11 / 27 | |
| 1.0.0 | 11 / 26 | |
| 0.22.0 | 16 / 9 | |
| 0.20.0 | 6 / 7 | |
| 0.19.0 | 5 / 8 | |
| 0.18.0 | 5 / 8 | |
| 0.17.0 | 5 / 6 | |
| 0.16.0 | 4 / 6 | |
| 0.15.0 | 4 / 5 | |
| 0.14.0 | 4 / 5 | |
| 0.13.1 | 4 / 5 | |
| 0.13.0 | 4 / 5 | |
| 0.12.4 | 4 / 3 | |
| 0.12.3 | 4 / 2 | |
| 0.12.2 | 4 / 2 | |
| 0.12.1 | 4 / 2 | |
| 0.12.0 | 4 / 2 | |
| 0.11.0 | 4 / 2 | |
| 0.10.8 | 4 / 2 | |
| 0.10.7 | 4 / 2 | |
| 0.10.6 | 4 / 2 | |
| 0.10.5 | 4 / 2 | |
| 0.10.4 | 4 / 2 | |
| 0.10.3 | 4 / 2 | |
| 0.10.2 | 4 / 2 | |
| 0.10.1 | 4 / 2 | |
| 0.10.0 | 4 / 2 | |
| 0.9.2 | 4 / 2 | |
| 0.9.1 | 4 / 2 | |
| 0.9.0 | 4 / 2 | |
| 0.8.3 | 4 / 3 | |
| 0.8.2 | 4 / 3 | |
| 0.8.1 | 3 / 3 | |
| 0.8.0 | 3 / 3 | |
| 0.5.2 | 3 / 3 | |
| 0.3.0 | 3 / 5 | |
| 0.2.2 | 3 / 4 | |
| 0.2.1 | 3 / 4 | |
| 0.2.0 | 3 / 4 | |
| 0.1.5 | 3 / 4 | |
| 0.1.4 | 3 / 3 | |
| 0.1.3 | 3 / 3 | |
| 0.1.2 | 3 / 3 | |
| 0.1.1 | 3 / 3 | |
| 0.0.4 | 2 / 3 | |
| 0.0.3 | 2 / 3 | |
| 0.0.2 | 2 / 3 | |
| 0.0.1 | 2 / 0 | |
| 1.0.0-rc.12 | 7 / 24 | |
v1.2.0 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.1.0 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.22.0 (2 findings)
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2016-08-23. This could indicate a legitimate maintainer transition or an account compromise.
v0.18.0 (2 findings)
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2014-11-06. This could indicate a legitimate maintainer transition or an account compromise.
v0.17.0 (2 findings)
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2014-06-10. This could indicate a legitimate maintainer transition or an account compromise.
v0.16.0 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.15.0 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.0 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.1 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.0 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.3.0 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.2 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.0 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.5 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.4 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.3 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.2 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.1 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.4 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.3 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.2 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.1 (1 finding)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.0-rc.12 (2 findings)
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2022-06-26. This could indicate a legitimate maintainer transition or an account compromise.