← Home

esm-env

npm Repository Homepage

Uses export conditions to return environment information in a way that works with major bundlers and runtimes.

9
Versions
MIT
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

benmccann

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
provenance missing-githead AI (provenance): Package has SLSA provenance attestation via Sigstore, which provides stronger supply chain integrity than gitHead. Missing gitHead likely reflects a CI tooling change, not a security concern. ai

Versions (showing 9 of 9)

Version Deps Published
1.2.2 0 / 0
1.2.1 0 / 0
1.2.0 0 / 0
1.1.4 0 / 0
1.1.3 0 / 0
1.1.2 0 / 0
1.1.1 0 / 0
1.1.0 0 / 0
1.0.0 0 / 0