All instar versions

[email protected] rejected Risk: 100 MIT

instar @0.24.4

rejected
This version was rejected. It did not pass GreenFlagged's security review and is not served by the registry. The findings and risk dispositions below explain why.
npm Repository Homepage Tarball
100
Risk Score
MIT
License
Yes
Install Scripts
14
Dependencies
10
Dev Dependencies
3118.7 KB
Package Size
Published

Persistent autonomy infrastructure for AI agents

Maintainers

jkheadley

Keywords

instarai-agentautonomous-agentclaudeclaude-codeagent-frameworktelegram-botjob-scheduleragent-memoryagent-identityllmmcpclimoltlobster

Dependencies (14)

PackageConstraintRegistry Status
ws ^8.19.0 auto_approved
zod ^4.3.6 auto_approved
croner ^8.0.0 No greenflagged match
express ^4.18.0 auto_approved
commander ^12.0.0 auto_approved
picocolors ^1.0.0 auto_approved
@a2a-js/sdk ^0.3.10 auto_approved
cloudflared ^0.7.1 auto_approved
@noble/ciphers ^2.1.1 auto_approved
better-sqlite3 ^12.8.0 auto_approved
proper-lockfile ^4.1.2 auto_approved
@inquirer/prompts ^8.2.1 auto_approved
@huggingface/transformers ^3.8.1 auto_approved
@modelcontextprotocol/sdk ^1.27.1 auto_approved

Dev Dependencies (10)

PackageConstraintRegistry Status
husky ^9.1.7 auto_approved
vitest ^2.0.0 No greenflagged match
@types/ws ^8.18.1 auto_approved
supertest ^7.2.2 auto_approved
typescript ^5.9.3 auto_approved
@types/node ^20.11.0 auto_approved
@types/express ^4.17.21 No greenflagged match
@types/supertest ^6.0.3 No greenflagged match
@types/better-sqlite3 ^7.6.13 auto_approved
@types/proper-lockfile ^4.1.4 No greenflagged match

Transitive Dependency Tree

176 transitive deps max depth 10
  ├─ @a2a-js/sdk ^0.3.10 → 0.3.13
  ├─ @huggingface/transformers ^3.8.1 → 3.8.1
  ├─ @inquirer/prompts ^8.2.1 → 8.5.2
  ├─ @modelcontextprotocol/sdk ^1.27.1 → 1.29.0
  ├─ @noble/ciphers ^2.1.1 → 2.2.0
  ├─ better-sqlite3 ^12.8.0 → 12.10.0
  ├─ cloudflared ^0.7.1 → 0.7.1
  ├─ commander ^12.0.0 → 12.1.0
  ├─ croner ^8.0.0
  ├─ express ^4.18.0 → 4.22.2
  ├─ picocolors ^1.0.0 → 1.1.1
  ├─ proper-lockfile ^4.1.2 → 4.1.2
  ├─ ws ^8.19.0 → 8.21.0
├─ zod ^4.3.6 → 4.3.6
  ├─ @hono/node-server ^1.19.9 → 1.19.14
  ├─ @huggingface/jinja ^0.5.3 → 0.5.8
  ├─ @inquirer/checkbox ^5.2.1 → 5.2.1
  ├─ @inquirer/confirm ^6.1.1 → 6.1.1
  ├─ @inquirer/editor ^5.2.2 → 5.2.2
  ├─ @inquirer/expand ^5.1.1 → 5.1.1
  ├─ @inquirer/input ^5.1.2 → 5.1.2
  ├─ @inquirer/number ^4.1.1 → 4.1.1
  ├─ @inquirer/password ^5.1.1 → 5.1.1
  ├─ @inquirer/rawlist ^5.3.1 → 5.3.1
  ├─ @inquirer/search ^4.2.1 → 4.2.1
  ├─ @inquirer/select ^5.2.1 → 5.2.1
  ├─ accepts ~1.3.8 → 1.3.8
  ├─ ajv ^8.17.1 → 8.20.0
  ├─ ajv-formats ^3.0.1 → 3.0.1
  ├─ array-flatten 1.1.1 → 1.1.1
  ├─ bindings ^1.5.0 → 1.5.0
  ├─ body-parser ~1.20.5 → 1.20.5
  ├─ content-disposition ~0.5.4 → 0.5.4
  ├─ content-type ^1.0.5 → 1.0.5
  ├─ content-type ~1.0.4 → 1.0.5
  ├─ cookie ~0.7.1 → 0.7.2
  ├─ cookie-signature ~1.0.6 → 1.0.7
  ├─ cors ^2.8.5 → 2.8.6
  ├─ cross-spawn ^7.0.5 → 7.0.6
  ├─ debug 2.6.9
  ├─ depd 2.0.0 → 2.0.0
  ├─ encodeurl ~2.0.0 → 2.0.0
  ├─ escape-html ~1.0.3 → 1.0.3
  ├─ etag ~1.8.1 → 1.8.1
  ├─ eventsource ^3.0.2 → 3.0.2
  ├─ eventsource-parser ^3.0.0 → 3.1.0
  ├─ express ^5.2.1 → 5.2.1
  ├─ express-rate-limit ^8.2.1 → 8.4.1
  ├─ finalhandler ~1.3.1 → 1.3.2
  ├─ fresh ~0.5.2 → 0.5.2
  ├─ graceful-fs ^4.2.4 → 4.2.11
  ├─ hono ^4.11.4 → 4.12.23
  ├─ http-errors ~2.0.0 → 2.0.1
  ├─ jose ^6.1.3 → 6.2.2
  ├─ json-schema-typed ^8.0.2 → 8.0.2
  ├─ merge-descriptors 1.0.3 → 1.0.3
  ├─ methods ~1.1.2 → 1.1.2
  ├─ on-finished ~2.4.1 → 2.4.1
  ├─ onnxruntime-node 1.21.0
  ├─ onnxruntime-web 1.22.0-dev.20250409-89f8206ba4
  ├─ parseurl ~1.3.3 → 1.3.3
  ├─ path-to-regexp ~0.1.12 → 0.1.13
  ├─ pkce-challenge ^5.0.0
  ├─ prebuild-install ^7.1.1 → 7.1.3
  ├─ proxy-addr ~2.0.7 → 2.0.7
  ├─ qs ~6.15.1 → 6.15.2
  ├─ range-parser ~1.2.1 → 1.2.1
  ├─ raw-body ^3.0.0 → 3.0.2
  ├─ retry ^0.12.0 → 0.12.0
  ├─ safe-buffer 5.2.1 → 5.2.1
  ├─ send ~0.19.0 → 0.19.2
  ├─ serve-static ~1.16.2 → 1.16.3
  ├─ setprototypeof 1.2.0 → 1.2.0
  ├─ sharp ^0.34.1 → 0.34.1
  ├─ signal-exit ^3.0.2 → 3.0.7
  ├─ statuses ~2.0.1 → 2.0.2
  ├─ type-is ~1.6.18 → 1.6.18
  ├─ utils-merge 1.0.1 → 1.0.1
  ├─ uuid ^11.1.0 → 11.1.0
  ├─ vary ~1.1.2 → 1.1.2
  ├─ zod ^3.25 || ^4.0 → 4.3.6
├─ zod-to-json-schema ^3.25.1 → 3.25.2
  ├─ @inquirer/ansi ^2.0.7 → 2.0.7
  ├─ @inquirer/core ^11.2.1 → 11.2.1
  ├─ @inquirer/external-editor ^3.0.3 → 3.0.3
  ├─ @inquirer/figures ^2.0.7 → 2.0.7
  ├─ @inquirer/type ^4.0.7 → 4.0.7
  ├─ accepts ^2.0.0 → 2.0.0
  ├─ ajv ^8.0.0 → 8.20.0
  ├─ body-parser ^2.2.1 → 2.2.2
  ├─ bytes ~3.1.2 → 3.1.2
  ├─ color ^4.2.3 → 4.2.3
  ├─ content-disposition ^1.0.0 → 1.1.0
  ├─ content-type ^1.0.5 → 1.0.5
  ├─ content-type ~1.0.5 → 1.0.5
  ├─ cookie ^0.7.1 → 0.7.2
  ├─ cookie-signature ^1.2.1 → 1.2.2
  ├─ debug 2.6.9
  ├─ debug ^4.4.0 → 4.4.3
  ├─ depd ~2.0.0 → 2.0.0
  ├─ depd 2.0.0 → 2.0.0
  ├─ depd ^2.0.0 → 2.0.0
  ├─ destroy ~1.2.0 → 1.2.0
  ├─ destroy 1.2.0 → 1.2.0
  ├─ detect-libc ^2.0.3 → 2.1.2
  ├─ detect-libc ^2.0.0 → 2.1.2
  ├─ ee-first 1.1.1 → 1.1.1
  ├─ encodeurl ~2.0.0 → 2.0.0
  ├─ encodeurl ^2.0.0 → 2.0.0
  ├─ escape-html ^1.0.3 → 1.0.3
  ├─ escape-html ~1.0.3 → 1.0.3
  ├─ etag ~1.8.1 → 1.8.1
  ├─ etag ^1.8.1 → 1.8.1
  ├─ eventsource-parser ^3.0.0 → 3.1.0
  ├─ expand-template ^2.0.3 → 2.0.3
  ├─ fast-deep-equal ^3.1.3 → 3.1.3
  ├─ fast-uri ^3.0.1 → 3.1.1
  ├─ file-uri-to-path 1.0.0 → 1.0.0
  ├─ finalhandler ^2.1.0 → 2.1.1
  ├─ forwarded 0.2.0 → 0.2.0
  ├─ fresh ~0.5.2 → 0.5.2
  ├─ fresh ^2.0.0
  ├─ github-from-package 0.0.0
  ├─ http-errors ^2.0.0 → 2.0.1
  ├─ http-errors ~2.0.1 → 2.0.1
  ├─ iconv-lite ~0.7.0 → 0.7.2
  ├─ iconv-lite ~0.4.24 → 0.4.24
  ├─ inherits ~2.0.4 → 2.0.4
  ├─ ip-address 10.1.0 → 10.1.0
  ├─ ipaddr.js 1.9.1 → 1.9.1
  ├─ json-schema-traverse ^1.0.0 → 1.0.0
  ├─ media-typer 0.3.0 → 0.3.0
  ├─ merge-descriptors ^2.0.0 → 2.0.0
  ├─ mime 1.6.0 → 1.6.0
  ├─ mime-types ^3.0.0 → 3.0.2
  ├─ mime-types ~2.1.34 → 2.1.35
  ├─ mime-types ~2.1.24 → 2.1.35
  ├─ minimist ^1.2.3 → 1.2.8
  ├─ mkdirp-classic ^0.5.3 → 0.5.3
  ├─ ms 2.1.3 → 2.1.3
  ├─ napi-build-utils ^2.0.0
  ├─ negotiator 0.6.3 → 0.6.3
  ├─ node-abi ^3.3.0 → 3.92.0
  ├─ object-assign ^4 → 4.1.1
  ├─ on-finished ^2.4.1 → 2.4.1
  ├─ on-finished ~2.4.1 → 2.4.1
  ├─ once ^1.4.0 → 1.4.0
  ├─ parseurl ^1.3.3 → 1.3.3
  ├─ parseurl ~1.3.3 → 1.3.3
  ├─ path-key ^3.1.0 → 3.1.1
  ├─ proxy-addr ^2.0.7 → 2.0.7
  ├─ pump ^3.0.0 → 3.0.4
  ├─ qs ^6.14.0 → 6.15.2
  ├─ qs ~6.15.1 → 6.15.2
  ├─ range-parser ~1.2.1 → 1.2.1
  ├─ range-parser ^1.2.1 → 1.2.1
  ├─ raw-body ~2.5.3 → 2.5.3
  ├─ rc ^1.2.7 → 1.2.8
  ├─ require-from-string ^2.0.2 → 2.0.2
  ├─ router ^2.2.0 → 2.2.0
  ├─ safe-buffer 5.2.1 → 5.2.1
  ├─ semver ^7.7.1 → 7.8.1
  ├─ send ^1.1.0 → 1.2.1
  ├─ send ~0.19.1 → 0.19.2
  ├─ serve-static ^2.2.0 → 2.2.1
  ├─ setprototypeof ~1.2.0 → 1.2.0
  ├─ shebang-command ^2.0.0 → 2.0.0
  ├─ side-channel ^1.1.0 → 1.1.0
  ├─ simple-get ^4.0.0 → 4.0.1
  ├─ statuses ~2.0.2 → 2.0.2
  ├─ statuses ^2.0.1 → 2.0.2
  ├─ tar-fs ^2.0.0 → 2.1.4
  ├─ toidentifier ~1.0.1 → 1.0.1
  ├─ tunnel-agent ^0.6.0 → 0.6.0
  ├─ type-is ^2.0.1 → 2.0.1
  ├─ type-is ~1.6.18 → 1.6.18
  ├─ unpipe ~1.0.0 → 1.0.0
  ├─ vary ^1.1.2 → 1.1.2
  ├─ vary ^1 → 1.1.2
├─ which ^2.0.1 → 2.0.2
  ├─ @inquirer/ansi ^2.0.7 → 2.0.7
  ├─ @inquirer/figures ^2.0.7 → 2.0.7
  ├─ @inquirer/type ^4.0.7 → 4.0.7
  ├─ bytes ^3.1.2 → 3.1.2
  ├─ bytes ~3.1.2 → 3.1.2
  ├─ chardet ^2.1.1 → 2.1.1
  ├─ chownr ^1.1.1
  ├─ cli-width ^4.1.0 → 4.1.0
  ├─ color-convert ^2.0.1 → 2.0.1
  ├─ color-string ^1.9.0 → 1.9.1
  ├─ content-type ^1.0.5 → 1.0.5
  ├─ debug ^4.4.0 → 4.4.3
  ├─ debug ^4.4.3 → 4.4.3
  ├─ debug 2.6.9
  ├─ decompress-response ^6.0.0
  ├─ deep-extend ^0.6.0 → 0.6.0
  ├─ depd 2.0.0 → 2.0.0
  ├─ depd ~2.0.0 → 2.0.0
  ├─ depd ^2.0.0 → 2.0.0
  ├─ destroy 1.2.0 → 1.2.0
  ├─ ee-first 1.1.1 → 1.1.1
  ├─ encodeurl ~2.0.0 → 2.0.0
  ├─ encodeurl ^2.0.0 → 2.0.0
  ├─ end-of-stream ^1.1.0 → 1.4.5
  ├─ es-errors ^1.3.0 → 1.3.0
  ├─ escape-html ~1.0.3 → 1.0.3
  ├─ escape-html ^1.0.3 → 1.0.3
  ├─ etag ~1.8.1 → 1.8.1
  ├─ etag ^1.8.1 → 1.8.1
  ├─ fast-deep-equal ^3.1.3 → 3.1.3
  ├─ fast-uri ^3.0.1 → 3.1.1
  ├─ fast-wrap-ansi ^0.2.0 → 0.2.2
  ├─ forwarded 0.2.0 → 0.2.0
  ├─ fresh ~0.5.2 → 0.5.2
  ├─ fresh ^2.0.0
  ├─ http-errors ^2.0.1 → 2.0.1
  ├─ http-errors ^2.0.0 → 2.0.1
  ├─ http-errors ~2.0.1 → 2.0.1
  ├─ iconv-lite ^0.7.0 → 0.7.2
  ├─ iconv-lite ^0.7.2 → 0.7.2
  ├─ iconv-lite ~0.4.24 → 0.4.24
  ├─ inherits ~2.0.4 → 2.0.4
  ├─ ini ~1.3.0 → 1.3.8
  ├─ ipaddr.js 1.9.1 → 1.9.1
  ├─ is-promise ^4.0.0 → 4.0.0
  ├─ isexe ^2.0.0 → 2.0.0
  ├─ json-schema-traverse ^1.0.0 → 1.0.0
  ├─ media-typer ^1.1.0 → 1.1.0
  ├─ media-typer 0.3.0 → 0.3.0
  ├─ mime 1.6.0 → 1.6.0
  ├─ mime-db ^1.54.0 → 1.54.0
  ├─ mime-db 1.52.0
  ├─ mime-types ~2.1.24 → 2.1.35
  ├─ mime-types ^3.0.0 → 3.0.2
  ├─ mime-types ^3.0.2 → 3.0.2
  ├─ minimist ^1.2.0 → 1.2.8
  ├─ mkdirp-classic ^0.5.2 → 0.5.3
  ├─ ms 2.1.3 → 2.1.3
  ├─ ms ^2.1.3 → 2.1.3
  ├─ mute-stream ^3.0.0 → 3.0.0
  ├─ negotiator ^1.0.0 → 1.0.0
  ├─ object-inspect ^1.13.3 → 1.13.4
  ├─ on-finished ~2.4.1 → 2.4.1
  ├─ on-finished ^2.4.1 → 2.4.1
  ├─ once ^1.3.1 → 1.4.0
  ├─ parseurl ^1.3.3 → 1.3.3
  ├─ path-to-regexp ^8.0.0 → 8.4.2
  ├─ pump ^3.0.0 → 3.0.4
  ├─ qs ^6.14.1 → 6.15.2
  ├─ range-parser ^1.2.1 → 1.2.1
  ├─ range-parser ~1.2.1 → 1.2.1
  ├─ raw-body ^3.0.1 → 3.0.2
  ├─ require-from-string ^2.0.2 → 2.0.2
  ├─ safe-buffer ^5.0.1 → 5.2.1
  ├─ safer-buffer >= 2.1.2 < 3.0.0 → 2.1.2
  ├─ safer-buffer >= 2.1.2 < 3 → 2.1.2
  ├─ semver ^7.3.5 → 7.8.1
  ├─ send ^1.2.0 → 1.2.1
  ├─ setprototypeof ~1.2.0 → 1.2.0
  ├─ shebang-regex ^3.0.0
  ├─ side-channel ^1.1.0 → 1.1.0
  ├─ side-channel-list ^1.0.0 → 1.0.1
  ├─ side-channel-map ^1.0.1 → 1.0.1
  ├─ side-channel-weakmap ^1.0.2 → 1.0.2
  ├─ signal-exit ^4.1.0 → 4.1.0
  ├─ simple-concat ^1.0.0 → 1.0.1
  ├─ statuses ~2.0.2 → 2.0.2
  ├─ statuses ^2.0.1 → 2.0.2
  ├─ statuses ^2.0.2 → 2.0.2
  ├─ strip-json-comments ~2.0.1 → 2.0.1
  ├─ tar-stream ^2.1.4 → 2.2.0
  ├─ toidentifier ~1.0.1 → 1.0.1
  ├─ type-is ^2.0.1 → 2.0.1
  ├─ unpipe ~1.0.0 → 1.0.0
├─ wrappy 1 → 1.0.2
  ├─ bl ^4.0.3 → 4.1.0
  ├─ bytes ~3.1.2 → 3.1.2
  ├─ call-bound ^1.0.2 → 1.0.4
  ├─ color-name ~1.1.4 → 1.1.4
  ├─ color-name ^1.0.0 → 1.1.4
  ├─ content-type ^1.0.5 → 1.0.5
  ├─ debug ^4.4.3 → 4.4.3
  ├─ depd ~2.0.0 → 2.0.0
  ├─ ee-first 1.1.1 → 1.1.1
  ├─ encodeurl ^2.0.0 → 2.0.0
  ├─ end-of-stream ^1.1.0 → 1.4.5
  ├─ end-of-stream ^1.4.1 → 1.4.5
  ├─ es-errors ^1.3.0 → 1.3.0
  ├─ escape-html ^1.0.3 → 1.0.3
  ├─ etag ^1.8.1 → 1.8.1
  ├─ fast-string-width ^3.0.2
  ├─ fresh ^2.0.0
  ├─ fs-constants ^1.0.0 → 1.0.0
  ├─ get-intrinsic ^1.2.5 → 1.3.1
  ├─ http-errors ~2.0.1 → 2.0.1
  ├─ http-errors ^2.0.1 → 2.0.1
  ├─ iconv-lite ~0.7.0 → 0.7.2
  ├─ inherits ~2.0.4 → 2.0.4
  ├─ inherits ^2.0.3 → 2.0.4
  ├─ media-typer ^1.1.0 → 1.1.0
  ├─ mime-db 1.52.0
  ├─ mime-db ^1.54.0 → 1.54.0
  ├─ mime-types ^3.0.2 → 3.0.2
  ├─ mime-types ^3.0.0 → 3.0.2
  ├─ ms ^2.1.3 → 2.1.3
  ├─ object-inspect ^1.13.4 → 1.13.4
  ├─ object-inspect ^1.13.3 → 1.13.4
  ├─ on-finished ^2.4.1 → 2.4.1
  ├─ once ^1.3.1 → 1.4.0
  ├─ once ^1.4.0 → 1.4.0
  ├─ range-parser ^1.2.1 → 1.2.1
  ├─ readable-stream ^3.1.1 → 3.6.2
  ├─ safer-buffer >= 2.1.2 < 3 → 2.1.2
  ├─ safer-buffer >= 2.1.2 < 3.0.0 → 2.1.2
  ├─ setprototypeof ~1.2.0 → 1.2.0
  ├─ side-channel ^1.1.0 → 1.1.0
  ├─ side-channel-list ^1.0.0 → 1.0.1
  ├─ side-channel-map ^1.0.1 → 1.0.1
  ├─ side-channel-weakmap ^1.0.2 → 1.0.2
  ├─ simple-swizzle ^0.2.2 → 0.2.4
  ├─ statuses ~2.0.2 → 2.0.2
  ├─ statuses ^2.0.2 → 2.0.2
  ├─ toidentifier ~1.0.1 → 1.0.1
  ├─ unpipe ~1.0.0 → 1.0.0
├─ wrappy 1 → 1.0.2
  ├─ async-function ^1.0.0
  ├─ async-generator-function ^1.0.0 → 1.0.0
  ├─ buffer ^5.5.0 → 5.7.1
  ├─ call-bind-apply-helpers ^1.0.2 → 1.0.2
  ├─ call-bound ^1.0.2 → 1.0.4
  ├─ depd ~2.0.0 → 2.0.0
  ├─ ee-first 1.1.1 → 1.1.1
  ├─ es-define-property ^1.0.1 → 1.0.1
  ├─ es-errors ^1.3.0 → 1.3.0
  ├─ es-object-atoms ^1.1.1 → 1.1.2
  ├─ function-bind ^1.1.2 → 1.1.2
  ├─ generator-function ^2.0.0 → 2.0.1
  ├─ get-intrinsic ^1.2.5 → 1.3.1
  ├─ get-intrinsic ^1.3.0 → 1.3.1
  ├─ get-proto ^1.0.1
  ├─ gopd ^1.2.0 → 1.2.0
  ├─ has-symbols ^1.1.0 → 1.1.0
  ├─ hasown ^2.0.2 → 2.0.4
  ├─ inherits ^2.0.4 → 2.0.4
  ├─ inherits ~2.0.4 → 2.0.4
  ├─ inherits ^2.0.3 → 2.0.4
  ├─ is-arrayish ^0.3.1
  ├─ math-intrinsics ^1.1.0 → 1.1.0
  ├─ mime-db ^1.54.0 → 1.54.0
  ├─ ms ^2.1.3 → 2.1.3
  ├─ object-inspect ^1.13.4 → 1.13.4
  ├─ object-inspect ^1.13.3 → 1.13.4
  ├─ once ^1.4.0 → 1.4.0
  ├─ readable-stream ^3.4.0 → 3.6.2
  ├─ safer-buffer >= 2.1.2 < 3.0.0 → 2.1.2
  ├─ setprototypeof ~1.2.0 → 1.2.0
  ├─ side-channel-list ^1.0.0 → 1.0.1
  ├─ side-channel-map ^1.0.1 → 1.0.1
  ├─ side-channel-weakmap ^1.0.2 → 1.0.2
  ├─ statuses ~2.0.2 → 2.0.2
  ├─ string_decoder ^1.1.1 → 1.3.0
  ├─ toidentifier ~1.0.1 → 1.0.1
  ├─ util-deprecate ^1.0.1 → 1.0.2
├─ wrappy 1 → 1.0.2
  ├─ async-function ^1.0.0
  ├─ async-generator-function ^1.0.0 → 1.0.0
  ├─ base64-js ^1.3.1 → 1.5.1
  ├─ call-bind-apply-helpers ^1.0.2 → 1.0.2
  ├─ call-bound ^1.0.2 → 1.0.4
  ├─ es-define-property ^1.0.1 → 1.0.1
  ├─ es-errors ^1.3.0 → 1.3.0
  ├─ es-object-atoms ^1.1.1 → 1.1.2
  ├─ function-bind ^1.1.2 → 1.1.2
  ├─ generator-function ^2.0.0 → 2.0.1
  ├─ get-intrinsic ^1.2.5 → 1.3.1
  ├─ get-intrinsic ^1.3.0 → 1.3.1
  ├─ get-proto ^1.0.1
  ├─ gopd ^1.2.0 → 1.2.0
  ├─ has-symbols ^1.1.0 → 1.1.0
  ├─ hasown ^2.0.2 → 2.0.4
  ├─ ieee754 ^1.1.13 → 1.2.1
  ├─ inherits ^2.0.3 → 2.0.4
  ├─ math-intrinsics ^1.1.0 → 1.1.0
  ├─ object-inspect ^1.13.3 → 1.13.4
  ├─ object-inspect ^1.13.4 → 1.13.4
  ├─ safe-buffer ~5.2.0 → 5.2.1
  ├─ side-channel-map ^1.0.1 → 1.0.1
  ├─ string_decoder ^1.1.1 → 1.3.0
  ├─ util-deprecate ^1.0.1 → 1.0.2
├─ wrappy 1 → 1.0.2
  ├─ async-function ^1.0.0
  ├─ async-generator-function ^1.0.0 → 1.0.0
  ├─ call-bind-apply-helpers ^1.0.2 → 1.0.2
  ├─ call-bound ^1.0.2 → 1.0.4
  ├─ es-define-property ^1.0.1 → 1.0.1
  ├─ es-errors ^1.3.0 → 1.3.0
  ├─ es-object-atoms ^1.1.1 → 1.1.2
  ├─ function-bind ^1.1.2 → 1.1.2
  ├─ generator-function ^2.0.0 → 2.0.1
  ├─ get-intrinsic ^1.2.5 → 1.3.1
  ├─ get-intrinsic ^1.3.0 → 1.3.1
  ├─ get-proto ^1.0.1
  ├─ gopd ^1.2.0 → 1.2.0
  ├─ has-symbols ^1.1.0 → 1.1.0
  ├─ hasown ^2.0.2 → 2.0.4
  ├─ math-intrinsics ^1.1.0 → 1.1.0
  ├─ object-inspect ^1.13.3 → 1.13.4
├─ safe-buffer ~5.2.0 → 5.2.1
  ├─ async-function ^1.0.0
  ├─ async-generator-function ^1.0.0 → 1.0.0
  ├─ call-bind-apply-helpers ^1.0.2 → 1.0.2
  ├─ es-define-property ^1.0.1 → 1.0.1
  ├─ es-errors ^1.3.0 → 1.3.0
  ├─ es-object-atoms ^1.1.1 → 1.1.2
  ├─ function-bind ^1.1.2 → 1.1.2
  ├─ generator-function ^2.0.0 → 2.0.1
  ├─ get-intrinsic ^1.3.0 → 1.3.1
  ├─ get-proto ^1.0.1
  ├─ gopd ^1.2.0 → 1.2.0
  ├─ has-symbols ^1.1.0 → 1.1.0
  ├─ hasown ^2.0.2 → 2.0.4
├─ math-intrinsics ^1.1.0 → 1.1.0
  ├─ async-function ^1.0.0
  ├─ async-generator-function ^1.0.0 → 1.0.0
  ├─ call-bind-apply-helpers ^1.0.2 → 1.0.2
  ├─ es-define-property ^1.0.1 → 1.0.1
  ├─ es-errors ^1.3.0 → 1.3.0
  ├─ es-object-atoms ^1.1.1 → 1.1.2
  ├─ function-bind ^1.1.2 → 1.1.2
  ├─ generator-function ^2.0.0 → 2.0.1
  ├─ get-proto ^1.0.1
  ├─ gopd ^1.2.0 → 1.2.0
  ├─ has-symbols ^1.1.0 → 1.1.0
  ├─ hasown ^2.0.2 → 2.0.4
  ├─ math-intrinsics ^1.1.0 → 1.1.0

Changes from v0.9.36

Dependency Changes

ChangePackageVersion
added zod ^4.3.6
added @a2a-js/sdk ^0.3.10
added @noble/ciphers ^2.1.1
added @huggingface/transformers ^3.8.1
added @modelcontextprotocol/sdk ^1.27.1
changed better-sqlite3 ^12.6.2 → ^12.8.0

Script Changes

+ prepare+ test:push+ test:flaky+ postinstall+ check:release+ generate:manifest+ check:pre-push-gate

File Changes

1115 added 0 removed 238 modified size delta: +8671.6 KB

Risk Dispositions (1 applicable to this version, 1 other)

Accepted rules are downgraded to INFO on future analyses; rejected rules escalate to CRITICAL.

Rule Source Disposition Author Reason
install-script:postinstall install-scripts reject AI AI (install-scripts): Publisher has 3 prior rejections and was first seen 1 day ago; postinstall running child_process execSync is unacceptable from this untrusted publisher.
Show 1 disposition(s) that do not match any finding on this version
Rule Source Disposition Author Reason
regressed-provenance provenance reject AI AI (provenance): Provenance regression combined with a suspicious new publisher is a strong account-compromise signal; this judgment generalizes until provenance is restored via legitimate CI/CD.

SAST Findings (2)

HIGH Package has 'postinstall' script install-scripts

Script: node scripts/fix-better-sqlite3.cjs

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

Review Summary

Risk score: 100 (capped from 365). Findings: 1 high (+25), 34 medium (+340), 1 info (+0).

Commit: f644b8996532 Browse source

Published to npm: