← Home

google-closure-compiler

npm Repository Homepage

Check, compile, optimize and compress Javascript with Closure-Compiler

100
Versions
Apache-2.0
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

chadhikesblicklylharker

Keywords

javascriptcompileroptimizerminifierclosuregulpplugingruntplugin

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
phantom-deps phantom-dep:chalk AI (phantom-deps): chalk is a legitimate runtime dep used by the gulp plugin interface in this package; phantom-dep analyzer does not traverse all entry points in this ESM wrapper package. ai
phantom-deps phantom-dep:vinyl AI (phantom-deps): vinyl is a legitimate runtime dep for the gulp plugin interface; false positive due to incomplete source traversal by the analyzer. ai
phantom-deps phantom-dep:vinyl-sourcemaps-apply AI (phantom-deps): vinyl-sourcemaps-apply is a legitimate runtime dep for sourcemap support in the gulp plugin; false positive due to incomplete source traversal. ai
phantom-deps phantom-dep:google-closure-compiler-java AI (phantom-deps): google-closure-compiler-java is the sibling Java JAR package invoked via subprocess/path resolution, not direct import. This is the documented architecture of the closure-compiler-npm package family. ai
semgrep semgrep:child-process-import AI (semgrep): child_process use in contrib/nodejs/cluster.js is legitimate — this is a Node.js externs file for a compiler tool, not malicious code. ai

Versions (showing 100 of 320)

Version Deps Published
20250810.0.0 5 / 6
20250805.0.0 5 / 6
20250803.0.0 5 / 6
20250730.0.0 5 / 6
20250729.0.0 5 / 6
20250727.0.0 5 / 6
20250723.0.0 5 / 6
20250721.0.0 5 / 6
20250720.0.0 5 / 6
20250716.0.0 5 / 6
20250715.0.0 5 / 6
20250714.0.0 5 / 6
20250713.0.0 5 / 6
20250709.0.0 5 / 6
20250708.0.0 5 / 6
20250701.0.0 5 / 6
20250630.0.0 5 / 6
20250629.0.0 5 / 6
20250625.0.0 5 / 6
20250624.0.0 5 / 6
20250623.0.0 5 / 6
20250619.0.0 5 / 6
20250615.0.0 5 / 6
20250609.0.0 5 / 6
20250608.0.0 5 / 6
20250603.0.0 5 / 6
20250601.0.0 5 / 6
20250528.0.0 5 / 6
20250526.0.0 5 / 6
20250520.0.0 5 / 6
20250519.0.0 5 / 6
20250518.0.0 5 / 6
20250514.0.0 5 / 6
20250512.0.0 5 / 6
20250511.0.0 5 / 6
20250506.0.0 5 / 6
20250505.0.0 5 / 6
20250504.0.0 5 / 6
20250430.0.0 5 / 6
20250429.0.0 5 / 6
20250428.0.0 5 / 6
20250427.0.0 5 / 6
20250420.0.0 5 / 6
20250415.0.0 5 / 6
20250414.0.0 5 / 6
20250413.0.0 5 / 6
20250407.0.0 5 / 6
20250402.0.0 5 / 6
20250226.0.0 5 / 6
20240317.0.0 5 / 9
20231112.0.0 5 / 9
20230802.0.0 8 / 9
20230502.0.0 8 / 9
20230411.0.0 8 / 9
20230228.0.0 8 / 9
20230206.0.0 8 / 9
20230103.0.0 8 / 9
20221102.0.1 8 / 9
20221102.0.0 8 / 9
20221004.0.0 8 / 9
20220905.0.0 8 / 9
20220803.0.0 8 / 9
20220719.0.0 8 / 11
20220601.0.0 8 / 11
20220502.0.0 8 / 11
20220405.0.0 8 / 11
20220301.0.0 5 / 11
20220202.0.0 5 / 11
20220104.0.0 5 / 11
20211201.0.0 5 / 11
20211107.0.0 8 / 11
20211006.0.0 8 / 11
20210907.0.0 8 / 11
20210906.0.0 8 / 11
20210808.0.0 8 / 11
20210601.0.0 8 / 11
20210505.0.0 8 / 11
20210406.0.0 8 / 11
20210302.0.0 8 / 11
20210202.0.0 8 / 11
20210106.0.0 8 / 11
20201207.0.0 8 / 11
20201102.0.1 8 / 11
20201102.0.0 8 / 11
20201006.0.0 8 / 11
20200927.0.0 8 / 11
20200920.0.0 8 / 11
20200830.0.0 8 / 11
20200719.0.0 9 / 11
20200628.0.0 9 / 11
20200614.0.0 9 / 11
20200517.0.0 9 / 11
20200504.0.0 9 / 11
20200426.0.0 9 / 11
20200406.0.0 9 / 11
20200315.0.0 9 / 11
20200224.0.0 9 / 11
20200204.0.0 9 / 11
20200112.0.0 9 / 11
20200101.0.0 9 / 11
Showing 100 of 320 Next page →

v20250810.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250805.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250803.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250730.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250729.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250727.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250723.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250721.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250720.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250716.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250715.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250714.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250713.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250709.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250708.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250701.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250630.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250629.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250625.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250624.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250623.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250619.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250615.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250609.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250608.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250603.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250601.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250528.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250526.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250520.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250519.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250518.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250514.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250512.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250511.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250506.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250505.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250504.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250430.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250429.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250428.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250427.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250420.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250415.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250414.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250413.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250407.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250402.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v20250226.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.