Run npm audit signatures #3238
Unanswered
vitalik203
asked this question in
Commit Convention
Replies: 1 comment
-
See context in semantic-release/npm#763 (comment) tl;dr update your npm cli to the latest version |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
npm audit signatures
shell: /usr/bin/bash -e {0}
audited 552 packages in 4s
545 packages have verified registry signatures
55 packages have verified attestations
7 packages have invalid attestations:
@semantic-release/commit-analyzer@12.0.0 (https://registry.npmjs.org/)
@semantic-release/github@10.0.2 (https://registry.npmjs.org/)
@semantic-release/npm@12.0.0 (https://registry.npmjs.org/)
axios@1.6.8 (https://registry.npmjs.org/)
playwright@1.42.1 (https://registry.npmjs.org/)
playwright-core@1.42.1 (https://registry.npmjs.org/)
semantic-release@23.0.5 (https://registry.npmjs.org/)
Someone might have tampered with these packages since they were published on the registry!
Process completed with exit code 1.
Beta Was this translation helpful? Give feedback.
All reactions