sinon-chai (BSD-2-Clause OR WTFPL) 36 versions

sinon-chai

npm Repository Homepage

Extends Chai with assertions for the Sinon.JS mocking framework.

36

Versions

(BSD-2-Clause OR WTFPL)

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

domenicchaijssimondel

Keywords

chaichai-pluginbrowservendormocks-and-spiessinontestingspiesstubsmocks

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): simondel is a long-standing maintainer (1857 days, 36 approved versions). Legitimate maintainer transition for sinon-chai.	ai	2026/04/24
license	uncommon-license:WTFPL	AI (license): Dual-licensed (BSD-2-Clause OR WTFPL); BSD-2-Clause is standard permissive. Stable for this package.	ai	2026/04/24

Versions (showing 36 of 36)

Version	Deps	Published
4.0.1	0 / 7	2025-08-22
4.0.0	0 / 7	2024-07-25
3.7.0	0 / 6	2021-05-25
3.6.0	0 / 6	2021-03-23
3.5.0	0 / 6	2020-02-20
3.4.0	0 / 6	2019-12-24
3.3.0	0 / 6	2018-11-26
3.2.0	0 / 6	2018-06-12
3.1.0	0 / 6	2018-05-23
3.0.0	0 / 6	2018-03-06
2.14.0	0 / 6	2017-09-28
2.13.0	0 / 7	2017-08-14
2.12.0	0 / 6	2017-07-18
2.11.0	0 / 6	2017-06-11
2.10.0	0 / 7	2017-05-01
2.9.0	0 / 7	2017-03-21
2.8.0	0 / 7	2015-06-07
2.7.0	0 / 7	2015-02-14
2.6.0	0 / 7	2014-10-05
2.5.0	0 / 7	2014-01-25
2.4.0	0 / 7	2013-04-20
2.3.1	1 / 6	2013-01-09
2.3.0	1 / 6	2012-12-16
2.2.0	1 / 6	2012-11-13
2.1.2	1 / 5	2012-06-14
2.1.1	1 / 5	2012-06-14
2.1.0	1 / 5	2012-05-26
2.0.1	1 / 5	2012-05-15
2.0.0	1 / 5	2012-05-15
1.3.1	1 / 5	2012-04-27
1.3.0	1 / 5	2012-04-21
1.2.2	1 / 4	2012-04-17
1.2.1	1 / 4	2012-04-15
1.2.0	1 / 4	2012-04-09
1.1.0	2 / 3	2012-03-04
1.0.0	2 / 3	2012-02-13

v3.7.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v3.6.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v3.5.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v3.4.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v3.3.0

2 findings

HIGH Publisher changed: domenic → simondel (on 2018-11-26) provenance

This version was published by a different npm account than previous versions on 2018-11-26. This could indicate a legitimate maintainer transition or an account compromise.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v3.2.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v3.1.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v3.0.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.