openteamsinc
npm/sigstore
Risk Profile
Package
Source
Risk Profile
Maturity:
Stale
The last commit was over a year ago
Health:
Moderate Risk
Package is at least a year ahead of the source code
Legal:
Moderate Risk
Package license does not match the source code license
License includes a patent grant clause
Security:
Healthy
Package
npm
sigstore
Version
3.1.0
Last Release Date
5 months ago
License
Apache-2.0
Dependencies
@sigstore/bundle
^3.1.0
@sigstore/core
^2.0.0
@sigstore/protobuf-specs
^0.4.0
@sigstore/sign
^3.1.0
@sigstore/tuf
^3.1.0
@sigstore/verify
^2.1.0
Source
Location
sigstore/sigstore-js
Last Source Update
over 1 year ago
Licenses
Apache License 2.0
Apache License 2.0
Apache License 2.0
Apache License 2.0
Apache License 2.0
Apache License 2.0
Apache License 2.0
Apache License 2.0
Apache License 2.0
Apache License 2.0
Distribution Destinations
npm/sigstore-monorepo
npm/@sigstore/cli
npm/@sigstore/oci
npm/@sigstore/tuf
npm/@sigstore/core
npm/@sigstore/jest
npm/@sigstore/mock
npm/@sigstore/sign
npm/@sigstore/bundle
npm/sigstore
npm/@sigstore/verify
npm/@types/sigstore-jest-extended
npm/@sigstore/conformance
npm/@sigstore/mock-server
npm/@sigstore/rekor-types
