libnpmpack
Programmatic API for the bits behind npm pack
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | missing-githead | AI (provenance): libnpmpack is an npm CLI workspace package published by the npm team (gar). Missing gitHead reflects a CI/CD pipeline change, not a security concern, consistent across npm CLI workspace packages. | ai | |
| publish-pattern | new-deps-added | AI (publish-pattern): @npmcli/arborist is a first-party npm CLI team package; its addition to libnpmpack is functionally appropriate and not a suspicious third-party dependency. | ai | |
| maintainer-change | maintainer-takeover | AI (maintainer-change): Transition from claudiahdz to the npm CLI team at GitHub (fritzy, darcyclarke, nlf, gar, lukekarrys) is a documented, legitimate org-level maintainer change for official npm tooling packages. | ai | |
| provenance | publisher-changed | AI (provenance): Publisher change reflects the npm team transition at GitHub; fritzy is a known npm CLI team member publishing official npm workspace packages. | ai | |
| maintainer-change | maintainer-added | AI (maintainer-change): New maintainers are all known npm CLI team members at GitHub; addition is consistent with org-level team management of official npm packages. | ai | |
| dependencies | unvetted-dep:move-concurrently | AI (dependencies): move-concurrently is a standard file-move utility used throughout npm tooling; no security concerns for this npm official package. | ai | |
| dependencies | unvetted-dep:byte-size | AI (dependencies): byte-size is a well-known, widely-used byte formatting utility with no security concerns; stable false positive for this npm official package. | ai | |
| maintainer-change | maintainer-removed | AI (maintainer-change): gar and hashtagchris are former npm employees; removal reflects normal org personnel changes for this long-lived npm/GitHub org package. | ai | |
| dependencies | unvetted-dep:pacote | AI (dependencies): pacote is a core npm CLI dependency maintained by the npm/GitHub org; unvetted status reflects coverage gap, not real risk. | ai | |
| dependencies | unvetted-dep:@npmcli/arborist | AI (dependencies): @npmcli/arborist is a core npm CLI dependency maintained by the npm/GitHub org; unvetted status reflects coverage gap, not real risk. | ai | |
| dependencies | unvetted-dep:@npmcli/run-script | AI (dependencies): @npmcli/run-script is a core npm CLI dependency maintained by the npm/GitHub org; unvetted status reflects coverage gap, not real risk. | ai | |
| provenance | no-provenance | AI (provenance): libnpmpack is an official npm CLI workspace package; lack of Sigstore provenance is common and not a risk indicator for this well-known package. | ai |
Versions (showing 51 of 81)
| Version | Deps | Published |
|---|---|---|
| 9.1.9 | 4 / 5 | |
| 9.1.8 | 4 / 5 | |
| 9.1.7 | 4 / 5 | |
| 9.1.6 | 4 / 5 | |
| 9.1.5 | 4 / 5 | |
| 9.1.4 | 4 / 5 | |
| 9.1.3 | 4 / 5 | |
| 9.1.2 | 4 / 5 | |
| 9.1.1 | 4 / 5 | |
| 9.1.0 | 4 / 5 | |
| 9.0.13 | 4 / 5 | |
| 9.0.12 | 4 / 5 | |
| 9.0.11 | 4 / 5 | |
| 9.0.10 | 4 / 5 | |
| 9.0.9 | 4 / 5 | |
| 9.0.8 | 4 / 5 | |
| 9.0.7 | 4 / 5 | |
| 9.0.6 | 4 / 5 | |
| 9.0.5 | 4 / 5 | |
| 9.0.4 | 4 / 5 | |
| 9.0.3 | 4 / 5 | |
| 9.0.2 | 4 / 5 | |
| 9.0.1 | 4 / 5 | |
| 9.0.0 | 4 / 5 | |
| 8.0.5 | 4 / 5 | |
| 8.0.4 | 4 / 5 | |
| 8.0.3 | 4 / 5 | |
| 8.0.2 | 4 / 5 | |
| 8.0.1 | 4 / 5 | |
| 8.0.0 | 4 / 5 | |
| 7.0.4 | 4 / 5 | |
| 7.0.3 | 4 / 5 | |
| 7.0.2 | 4 / 5 | |
| 7.0.1 | 4 / 5 | |
| 7.0.0 | 4 / 5 | |
| 6.0.9 | 4 / 5 | |
| 6.0.8 | 4 / 5 | |
| 6.0.7 | 4 / 5 | |
| 6.0.6 | 4 / 5 | |
| 6.0.5 | 4 / 5 | |
| 6.0.4 | 4 / 5 | |
| 6.0.3 | 4 / 5 | |
| 6.0.2 | 4 / 5 | |
| 6.0.1 | 4 / 5 | |
| 6.0.0 | 4 / 5 | |
| 5.0.21 | 4 / 5 | |
| 5.0.20 | 4 / 5 | |
| 5.0.19 | 4 / 5 | |
| 5.0.18 | 4 / 5 | |
| 5.0.17 | 4 / 5 | |
| 5.0.16 | 4 / 5 |
v9.1.9
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.1.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.1.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.1.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.1.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.1.4
3 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
[Accepted risk] This version was published by a different npm account than previous versions on 2026-03-11. This could indicate a legitimate maintainer transition or an account compromise.
v9.1.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.1.2
2 findingsThis version was published by a different npm account than previous versions on 2026-02-19. This could indicate a legitimate maintainer transition or an account compromise.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.1.1
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2026-02-11. This could indicate a legitimate maintainer transition or an account compromise.
v9.1.0
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
v9.0.13
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.0.12
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2025-12-09. This could indicate a legitimate maintainer transition or an account compromise.
v9.0.11
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2025-11-25. This could indicate a legitimate maintainer transition or an account compromise.
v9.0.10
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2025-11-19. This could indicate a legitimate maintainer transition or an account compromise.
v9.0.9
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2025-10-08. This could indicate a legitimate maintainer transition or an account compromise.
v9.0.8
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2025-09-24. This could indicate a legitimate maintainer transition or an account compromise.
v9.0.7
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2025-09-03. This could indicate a legitimate maintainer transition or an account compromise.
v9.0.6
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2025-07-24. This could indicate a legitimate maintainer transition or an account compromise.
v9.0.5
3 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
[Accepted risk] This version was published by a different npm account than previous versions on 2025-06-12. This could indicate a legitimate maintainer transition or an account compromise.
v9.0.4
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2025-05-21. This could indicate a legitimate maintainer transition or an account compromise.
v9.0.3
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
v9.0.2
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2025-04-08. This could indicate a legitimate maintainer transition or an account compromise.
v9.0.1
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
v9.0.0
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
v8.0.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v8.0.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v8.0.3
3 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
[Accepted risk] This version was published by a different npm account than previous versions on 2026-03-11. This could indicate a legitimate maintainer transition or an account compromise.
v8.0.2
3 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
[Accepted risk] This version was published by a different npm account than previous versions on 2026-03-04. This could indicate a legitimate maintainer transition or an account compromise.
v8.0.1
3 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
[Accepted risk] This version was published by a different npm account than previous versions on 2025-06-25. This could indicate a legitimate maintainer transition or an account compromise.
v8.0.0
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
v7.0.4
3 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
[Accepted risk] This version was published by a different npm account than previous versions on 2024-07-10. This could indicate a legitimate maintainer transition or an account compromise.
v7.0.3
3 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
[Accepted risk] This version was published by a different npm account than previous versions on 2024-05-29. This could indicate a legitimate maintainer transition or an account compromise.
v7.0.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.0.1
3 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
[Accepted risk] This version was published by a different npm account than previous versions on 2024-04-30. This could indicate a legitimate maintainer transition or an account compromise.
v7.0.0
3 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
[Accepted risk] This version was published by a different npm account than previous versions on 2024-04-25. This could indicate a legitimate maintainer transition or an account compromise.
v6.0.9
3 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
[Accepted risk] This version was published by a different npm account than previous versions on 2024-04-10. This could indicate a legitimate maintainer transition or an account compromise.
v6.0.8
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2024-04-03. This could indicate a legitimate maintainer transition or an account compromise.
v6.0.7
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
v6.0.6
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
v6.0.5
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
v6.0.4
4 findingsAll previous maintainers (claudiahdz) were replaced by new maintainers (npm-cli-ops, saquibkhan, fritzy, gar, lukekarrys). This is a strong signal of a potential package hijack and requires careful review.
This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
This version was published by a different npm account than previous versions on 2023-12-06. This could indicate a legitimate maintainer transition or an account compromise.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v6.0.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v6.0.2
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2023-10-03. This could indicate a legitimate maintainer transition or an account compromise.
v6.0.1
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2023-09-08. This could indicate a legitimate maintainer transition or an account compromise.
v6.0.0
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version was published by a different npm account than previous versions on 2023-08-31. This could indicate a legitimate maintainer transition or an account compromise.
v5.0.21
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
v5.0.20
3 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
[Accepted risk] This version was published by a different npm account than previous versions on 2023-10-06. This could indicate a legitimate maintainer transition or an account compromise.
v5.0.19
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.18
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
v5.0.17
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
v5.0.16
3 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gar.
[Accepted risk] This version was published by a different npm account than previous versions on 2023-04-19. This could indicate a legitimate maintainer transition or an account compromise.