← Home

readdir-cluster

npm Repository Homepage

Create a cluster of workers to iterate through the filesystem

33
Versions
Artistic-2.0
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

bevryme

Keywords

clusterdirectoryes2015es2017es2022es5export-defaultfolderfsnestednodereaddirrecursivescantreetypedtypestypescriptwatchwatchingwatchman

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
source-diff large-new-source-files AI (source-diff): bevry packages ship multiple compiled TypeScript editions (ES5/ES2015/ES2017/ES2022/ESM/types); large file counts are expected and stable for this package. ai
source-diff source-size-tripled AI (source-diff): Size increase is due to shipping 7 compiled editions from TypeScript source; this is the documented bevry multi-edition build pattern, stable for this package. ai
publish-pattern new-deps-added AI (publish-pattern): The 'editions' dependency is a bevry-maintained package for multi-edition module resolution, published by the same org. Not a suspicious addition. ai

Versions (showing 33 of 33)

Version Deps Published
6.0.0 1 / 15
5.3.0 0 / 10
5.2.0 0 / 10
5.1.0 0 / 10
5.0.0 0 / 10
4.0.0 0 / 10
3.18.0 0 / 10
3.17.0 0 / 10
3.16.0 0 / 10
3.15.0 0 / 10
3.14.0 0 / 10
3.13.0 0 / 10
3.12.0 0 / 10
3.11.0 0 / 10
3.10.0 0 / 10
3.9.0 0 / 10
3.8.0 0 / 10
3.7.0 1 / 10
3.6.0 0 / 10
3.5.0 0 / 10
3.4.0 0 / 10
3.3.0 0 / 10
3.2.0 0 / 10
3.1.0 0 / 10
3.0.0 0 / 10
2.3.0 0 / 9
2.2.0 0 / 9
2.1.0 0 / 9
2.0.0 0 / 9
1.3.0 1 / 13
1.1.0 1 / 8
1.0.1 1 / 7
1.0.0 1 / 8

v6.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.3.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.2.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.1.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v5.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.