object.getownpropertydescriptors MIT 19 versions

object.getownpropertydescriptors

npm Repository Homepage

ES2017 spec-compliant shim for `Object.getOwnPropertyDescriptors` that works in ES5.

19

Versions

MIT

License

No

Install Scripts

Missing

Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

ljharb

Keywords

Object.getOwnPropertyDescriptorsdescriptorproperty descriptorES8ES2017shimpolyfillgetOwnPropertyDescriptores-shim API

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:@es-shims/api	AI (dependencies): @es-shims/api is a CLI tooling dep from the same author (ljharb) used for es-shim API compliance checks in scripts; not imported in runtime code.	ai	2026/04/24
publish-pattern	new-deps-added	AI (publish-pattern): @es-shims/api is a legitimate es-shims ecosystem tooling dependency by the same author; consistent with the package's es-shim API compliance pattern.	ai	2026/04/24
phantom-deps	phantom-dep:@es-shims/api	AI (phantom-deps): @es-shims/api is a CLI tool invoked via npm scripts, not require()'d in source — phantom detection is expected and benign here.	ai	2026/04/24
dependencies	unvetted-dep:gopd	AI (dependencies): gopd is a well-known es-shims utility by the same author (ljharb); its use in this property descriptor polyfill is entirely appropriate and stable.	ai	2026/04/23
publish-pattern	dormant-publish	AI (publish-pattern): This is a mature ES2017 polyfill; long dormancy between releases is expected. Publisher ljharb has an extensive trusted track record with no account compromise indicators.	ai	2026/04/23

Versions (showing 19 of 19)

Version	Deps	Published
2.1.9	7 / 14	2025-12-10
2.1.8	7 / 13	2024-03-20
2.1.7	5 / 13	2023-09-01
2.1.6	5 / 13	2023-04-20
2.1.5	4 / 13	2022-11-07
2.1.4	4 / 12	2022-05-20
2.1.3	3 / 9	2021-10-04
2.1.2	3 / 9	2021-02-20
2.1.1	3 / 9	2020-11-27
2.1.0	2 / 9	2019-12-13
2.0.3	2 / 9	2016-07-26
2.0.2	2 / 10	2016-02-04
2.0.1	2 / 10	2016-01-28
2.0.0	3 / 9	2016-01-28
1.0.4	2 / 8	2015-07-21
1.0.3	2 / 8	2015-06-28
1.0.2	2 / 8	2015-05-23
1.0.1	2 / 8	2015-03-20
1.0.0	2 / 7	2015-02-17

v2.1.9

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.1.8

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.1.7

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.1.6

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.1.5

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.1.4

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.1.3

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.1.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.1.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.1.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.3

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.0.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.4

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.3

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.