Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: move health check to header #218

Merged
merged 6 commits into from
Jan 29, 2025
Merged

feat: move health check to header #218

merged 6 commits into from
Jan 29, 2025

Conversation

alex-mcgovern
Copy link
Collaborator

@alex-mcgovern alex-mcgovern commented Jan 29, 2025
edited
Loading

  • prepatory step for showing token usage in dashboard
  • move "health check" to it's own menu item in the header, so we can begin re-styling the cards in the dashboard page
  • closes Move "health check" widget to header #197
Screen.Recording.2025-01-29.at.9.03.16.AM.mov

@stacklok-cloud-staging Stacklok Cloud (Staging)
Copy link

Minder Vulnerability Report ✅

Minder analyzed this PR and found it does not add any new vulnerable dependencies.

Vulnerability scan of b8b3b986:

  • 🐞 vulnerable packages: 0
  • 🛠 fixes available for: 0

stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Jan 29, 2025
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @nodelib/fs.scandir

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 2.5
User activity 6.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 19
Number of git tags or releases 71
Versions matched to tags or releases 18

📦 Dependency: @nodelib/fs.stat

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 2.5
User activity 6.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 15
Number of git tags or releases 67
Versions matched to tags or releases 14

📦 Dependency: @nodelib/fs.walk

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 2.5
User activity 6.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 16
Number of git tags or releases 71
Versions matched to tags or releases 15

📦 Dependency: @snyk/github-codeowners

Trusty Score: 0

Scoring details
Component Score
Package activity 5.4
Repository activity 3.8
User activity 7
Provenance unknown
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 2
Number of git tags or releases 1
Versions matched to tags or releases 1

📦 Dependency: aggregate-error

Trusty Score: 0

Scoring details
Component Score
Package activity 6.4
Repository activity 3.2
User activity 9.6
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 8
Number of git tags or releases 7
Versions matched to tags or releases 7

📦 Dependency: ansi-regex

Trusty Score: 0

Scoring details
Component Score
Package activity 6.8
Repository activity 3.7
User activity 9.8
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 15
Number of git tags or releases 14
Versions matched to tags or releases 14

📦 Dependency: clean-stack

Trusty Score: 0

Scoring details
Component Score
Package activity 6.5
Repository activity 3.4
User activity 9.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 10
Number of git tags or releases 9
Versions matched to tags or releases 9

📦 Dependency: clone

Trusty Score: 0

Scoring details
Component Score
Package activity 6.7
Repository activity 4.9
User activity 8.5
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 38
Number of git tags or releases 37
Versions matched to tags or releases 35

📦 Dependency: commander

Trusty Score: 0

Scoring details
Component Score
Package activity 8.7
Repository activity 7.3
User activity 10
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 75
Number of git tags or releases 70
Versions matched to tags or releases 50
Alternatives
Package Score Description
yargs 0
minimist 0

📦 Dependency: defaults

Trusty Score: 0

Scoring details
Component Score
Package activity 5.6
Repository activity 2.1
User activity 9.1
Provenance unknown
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 5
Number of git tags or releases 2
Versions matched to tags or releases 2

📦 Dependency: easy-table

Trusty Score: 0

Scoring details
Component Score
Package activity 5.3
Repository activity 3.6
User activity 7.1
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 9
Number of git tags or releases 9
Versions matched to tags or releases 7
Alternatives
Package Score Description
cli-table 0
table 0
tty-table 0

📦 Dependency: enhanced-resolve

Trusty Score: 0

Scoring details
Component Score
Package activity 7.3
Repository activity 5.5
User activity 9.2
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 131
Number of git tags or releases 78
Versions matched to tags or releases 73

📦 Dependency: fast-glob

Trusty Score: 0

Scoring details
Component Score
Package activity 7.1
Repository activity 5.1
User activity 9.2
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 44
Number of git tags or releases 40
Versions matched to tags or releases 37
Alternatives
Package Score Description
glob 0
micromatch 0

📦 Dependency: graceful-fs

Trusty Score: 0

Scoring details
Component Score
Package activity 7.3
Repository activity 5.2
User activity 9.4
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 69
Number of git tags or releases 68
Versions matched to tags or releases 67

📦 Dependency: jiti

Trusty Score: 0

Scoring details
Component Score
Package activity 7
Repository activity 4.5
User activity 9.5
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 100
Number of git tags or releases 97
Versions matched to tags or releases 95
Alternatives
Package Score Description
ts-node 0

📦 Dependency: knip

Trusty Score: 0

Alternatives
Package Score Description
depcheck 0

📦 Dependency: p-map

Trusty Score: 0

Scoring details
Component Score
Package activity 7.1
Repository activity 4.4
User activity 9.8
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 8
Number of git tags or releases 7
Versions matched to tags or releases 7

📦 Dependency: parse-ms

Trusty Score: 0

Scoring details
Component Score
Package activity 6.2
Repository activity 2.8
User activity 9.6
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 9
Number of git tags or releases 8
Versions matched to tags or releases 8

📦 Dependency: picomatch

Trusty Score: 0

Scoring details
Component Score
Package activity 7
Repository activity 4.7
User activity 9.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 28
Number of git tags or releases 23
Versions matched to tags or releases 23
Alternatives
Package Score Description
glob 0
micromatch 0
minimatch 0

📦 Dependency: pretty-ms

Trusty Score: 0

Scoring details
Component Score
Package activity 7
Repository activity 4
User activity 10
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 27
Number of git tags or releases 27
Versions matched to tags or releases 26

📦 Dependency: smol-toml

Trusty Score: 0

Scoring details
Component Score
Package activity 4.8
Repository activity 2.7
User activity 6.8
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 13
Number of git tags or releases 12
Versions matched to tags or releases 11
Alternatives
Package Score Description
toml 0

📦 Dependency: strip-json-comments

Trusty Score: 0

Scoring details
Component Score
Package activity 6.9
Repository activity 3.9
User activity 9.9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 18
Number of git tags or releases 18
Versions matched to tags or releases 17

📦 Dependency: summary

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 1.7
User activity 7.6
Provenance unknown

📦 Dependency: tapable

Trusty Score: 0

Scoring details
Component Score
Package activity 7.8
Repository activity 6
User activity 9.5
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 48
Number of git tags or releases 39
Versions matched to tags or releases 35

📦 Dependency: wcwidth

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 2.4
User activity 6.7
Provenance unknown
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 3
Number of git tags or releases 1
Versions matched to tags or releases 1

📦 Dependency: zod

Trusty Score: 0

Scoring details
Component Score
Package activity 8.3
Repository activity 8
User activity 8.6
Provenance verified_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 366
Number of git tags or releases 92
Versions matched to tags or releases 76

This package has been digitally signed using sigtore.
Source repository https://github.com/colinhacks/zod
Cerificate Issuer CN=sigstore-intermediate,O=sigstore.dev
GitHub action workflow .github/workflows/release.yml
Rekor (public ledger) entry https://search.sigstore.dev/?logIndex=154600538
Alternatives
Package Score Description
yup 0
joi 0
io-ts 0

📦 Dependency: zod-validation-error

Trusty Score: 0

Scoring details
Component Score
Package activity 4.9
Repository activity 3.7
User activity 6.1
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 30
Number of git tags or releases 26
Versions matched to tags or releases 26

stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Jan 29, 2025
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @nodelib/fs.scandir

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 2.5
User activity 6.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 19
Number of git tags or releases 71
Versions matched to tags or releases 18
Alternatives
Package Score Description
klaw 0

📦 Dependency: @nodelib/fs.stat

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 2.5
User activity 6.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 15
Number of git tags or releases 67
Versions matched to tags or releases 14

📦 Dependency: @nodelib/fs.walk

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 2.5
User activity 6.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 16
Number of git tags or releases 71
Versions matched to tags or releases 15

📦 Dependency: @snyk/github-codeowners

Trusty Score: 0

Scoring details
Component Score
Package activity 5.4
Repository activity 3.9
User activity 7
Provenance unknown
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 2
Number of git tags or releases 1
Versions matched to tags or releases 1
Alternatives
Package Score Description
codeowners 0

📦 Dependency: aggregate-error

Trusty Score: 0

Scoring details
Component Score
Package activity 6.4
Repository activity 3.2
User activity 9.6
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 8
Number of git tags or releases 7
Versions matched to tags or releases 7

📦 Dependency: ansi-regex

Trusty Score: 0

Scoring details
Component Score
Package activity 6.8
Repository activity 3.8
User activity 9.8
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 15
Number of git tags or releases 14
Versions matched to tags or releases 14
Alternatives
Package Score Description
ansi-styles 0

📦 Dependency: clean-stack

Trusty Score: 0

Scoring details
Component Score
Package activity 6.6
Repository activity 3.4
User activity 9.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 10
Number of git tags or releases 9
Versions matched to tags or releases 9

📦 Dependency: clone

Trusty Score: 0

Scoring details
Component Score
Package activity 6.7
Repository activity 4.9
User activity 8.6
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 38
Number of git tags or releases 37
Versions matched to tags or releases 35

📦 Dependency: commander

Trusty Score: 0

Scoring details
Component Score
Package activity 8.6
Repository activity 7.1
User activity 10
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 75
Number of git tags or releases 70
Versions matched to tags or releases 50
Alternatives
Package Score Description
yargs 0
minimist 0

📦 Dependency: defaults

Trusty Score: 0

Scoring details
Component Score
Package activity 5.6
Repository activity 2.1
User activity 9.1
Provenance unknown
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 5
Number of git tags or releases 2
Versions matched to tags or releases 2

📦 Dependency: easy-table

Trusty Score: 0

Scoring details
Component Score
Package activity 5.3
Repository activity 3.5
User activity 7.1
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 9
Number of git tags or releases 9
Versions matched to tags or releases 7
Alternatives
Package Score Description
cli-table 0
table 0
tty-table 0

📦 Dependency: enhanced-resolve

Trusty Score: 0

Scoring details
Component Score
Package activity 7.3
Repository activity 5.5
User activity 9.2
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 131
Number of git tags or releases 78
Versions matched to tags or releases 73

📦 Dependency: fast-glob

Trusty Score: 0

Scoring details
Component Score
Package activity 7.1
Repository activity 5.1
User activity 9.2
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 44
Number of git tags or releases 40
Versions matched to tags or releases 37
Alternatives
Package Score Description
glob 0
micromatch 0

📦 Dependency: graceful-fs

Trusty Score: 0

Scoring details
Component Score
Package activity 7.1
Repository activity 5.2
User activity 8.9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 69
Number of git tags or releases 68
Versions matched to tags or releases 67

📦 Dependency: jiti

Trusty Score: 0

Scoring details
Component Score
Package activity 7.1
Repository activity 4.6
User activity 9.5
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 100
Number of git tags or releases 97
Versions matched to tags or releases 95
Alternatives
Package Score Description
ts-node 0

📦 Dependency: knip

Trusty Score: 0

Scoring details
Component Score
Package activity 7.3
Repository activity 5.8
User activity 8.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 435
Number of git tags or releases 388
Versions matched to tags or releases 175
Alternatives
Package Score Description
depcheck 0

📦 Dependency: p-map

Trusty Score: 0

Scoring details
Component Score
Package activity 7.1
Repository activity 4.5
User activity 9.8
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 8
Number of git tags or releases 7
Versions matched to tags or releases 7
Alternatives
Package Score Description
p-limit 0
p-all 0

📦 Dependency: parse-ms

Trusty Score: 0

Scoring details
Component Score
Package activity 6.2
Repository activity 2.8
User activity 9.6
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 9
Number of git tags or releases 8
Versions matched to tags or releases 8
Alternatives
Package Score Description
ms 0
millisecond 0

📦 Dependency: picomatch

Trusty Score: 0

Scoring details
Component Score
Package activity 7
Repository activity 4.7
User activity 9.3
Provenance historical_provenance_match
Typosquatting ⚠️ Dependency may be trying to impersonate a well known package
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 28
Number of git tags or releases 23
Versions matched to tags or releases 23
Alternatives
Package Score Description
glob 0
micromatch 0
minimatch 0
fast-glob 0

📦 Dependency: pretty-ms

Trusty Score: 0

Scoring details
Component Score
Package activity 7
Repository activity 4
User activity 10
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 27
Number of git tags or releases 27
Versions matched to tags or releases 26
Alternatives
Package Score Description
ms 0

📦 Dependency: smol-toml

Trusty Score: 0

Scoring details
Component Score
Package activity 4.8
Repository activity 2.8
User activity 6.8
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 13
Number of git tags or releases 12
Versions matched to tags or releases 11
Alternatives
Package Score Description
toml 0

📦 Dependency: strip-json-comments

Trusty Score: 0

Scoring details
Component Score
Package activity 6.9
Repository activity 3.9
User activity 10
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 18
Number of git tags or releases 18
Versions matched to tags or releases 17
Alternatives
Package Score Description
strip-json-comments-cli 0

📦 Dependency: summary

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 1.7
User activity 7.6
Provenance unknown
Alternatives
Package Score Description
simple-statistics 0
statistics 0

📦 Dependency: tapable

Trusty Score: 0

Scoring details
Component Score
Package activity 7.8
Repository activity 6
User activity 9.6
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 48
Number of git tags or releases 39
Versions matched to tags or releases 35
Alternatives
Package Score Description
hookable 0
pluggable 0

📦 Dependency: wcwidth

Trusty Score: 0

Scoring details
Component Score
Package activity 4.5
Repository activity 2.3
User activity 6.8
Provenance unknown
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 3
Number of git tags or releases 1
Versions matched to tags or releases 1

📦 Dependency: zod

Trusty Score: 0

Scoring details
Component Score
Package activity 8.3
Repository activity 8
User activity 8.6
Provenance verified_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 366
Number of git tags or releases 92
Versions matched to tags or releases 76

This package has been digitally signed using sigtore.
Source repository https://github.com/colinhacks/zod
Cerificate Issuer CN=sigstore-intermediate,O=sigstore.dev
GitHub action workflow .github/workflows/release.yml
Rekor (public ledger) entry https://search.sigstore.dev/?logIndex=154600538
Alternatives
Package Score Description
yup 0
joi 0
io-ts 0

📦 Dependency: zod-validation-error

Trusty Score: 0

Scoring details
Component Score
Package activity 5
Repository activity 3.8
User activity 6.1
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 30
Number of git tags or releases 26
Versions matched to tags or releases 26
Alternatives
Package Score Description
zod 0

stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Jan 29, 2025
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @nodelib/fs.scandir

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 2.5
User activity 6.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 19
Number of git tags or releases 71
Versions matched to tags or releases 18
Alternatives
Package Score Description
klaw 0

📦 Dependency: @nodelib/fs.stat

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 2.5
User activity 6.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 15
Number of git tags or releases 67
Versions matched to tags or releases 14
Alternatives
Package Score Description
fs-extra-promise 0

📦 Dependency: @nodelib/fs.walk

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 2.5
User activity 6.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 16
Number of git tags or releases 71
Versions matched to tags or releases 15
Alternatives
Package Score Description
globby 0
fast-glob 0
klaw 0

📦 Dependency: @snyk/github-codeowners

Trusty Score: 0

Scoring details
Component Score
Package activity 5.4
Repository activity 3.9
User activity 7
Provenance unknown
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 2
Number of git tags or releases 1
Versions matched to tags or releases 1
Alternatives
Package Score Description
codeowners 0

📦 Dependency: aggregate-error

Trusty Score: 0

Scoring details
Component Score
Package activity 6.4
Repository activity 3.2
User activity 9.6
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 8
Number of git tags or releases 7
Versions matched to tags or releases 7

📦 Dependency: ansi-regex

Trusty Score: 0

Scoring details
Component Score
Package activity 6.8
Repository activity 3.8
User activity 9.8
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 15
Number of git tags or releases 14
Versions matched to tags or releases 14
Alternatives
Package Score Description
ansi-styles 0

📦 Dependency: clean-stack

Trusty Score: 0

Scoring details
Component Score
Package activity 6.6
Repository activity 3.4
User activity 9.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 10
Number of git tags or releases 9
Versions matched to tags or releases 9

📦 Dependency: clone

Trusty Score: 0

Scoring details
Component Score
Package activity 6.7
Repository activity 4.9
User activity 8.6
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 38
Number of git tags or releases 37
Versions matched to tags or releases 35
Alternatives
Package Score Description
rfdc 0
clone-deep 0
fast-copy 0

📦 Dependency: commander

Trusty Score: 0

Scoring details
Component Score
Package activity 8.6
Repository activity 7.1
User activity 10
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 75
Number of git tags or releases 70
Versions matched to tags or releases 50
Alternatives
Package Score Description
yargs 0
minimist 0

📦 Dependency: defaults

Trusty Score: 0

Scoring details
Component Score
Package activity 5.6
Repository activity 2.1
User activity 9.1
Provenance unknown
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 5
Number of git tags or releases 2
Versions matched to tags or releases 2

📦 Dependency: easy-table

Trusty Score: 0

Scoring details
Component Score
Package activity 5.3
Repository activity 3.5
User activity 7.1
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 9
Number of git tags or releases 9
Versions matched to tags or releases 7
Alternatives
Package Score Description
cli-table 0
table 0
tty-table 0

📦 Dependency: enhanced-resolve

Trusty Score: 0

Scoring details
Component Score
Package activity 7.3
Repository activity 5.5
User activity 9.2
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 131
Number of git tags or releases 78
Versions matched to tags or releases 73

📦 Dependency: fast-glob

Trusty Score: 0

Scoring details
Component Score
Package activity 7.1
Repository activity 5.1
User activity 9.2
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 44
Number of git tags or releases 40
Versions matched to tags or releases 37
Alternatives
Package Score Description
glob 0
micromatch 0

📦 Dependency: graceful-fs

Trusty Score: 0

Scoring details
Component Score
Package activity 7.1
Repository activity 5.2
User activity 8.9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 69
Number of git tags or releases 68
Versions matched to tags or releases 67
Alternatives
Package Score Description
fs-extra-promise 0

📦 Dependency: jiti

Trusty Score: 0

Scoring details
Component Score
Package activity 7.1
Repository activity 4.6
User activity 9.5
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 100
Number of git tags or releases 97
Versions matched to tags or releases 95
Alternatives
Package Score Description
ts-node 0

📦 Dependency: knip

Trusty Score: 0

Scoring details
Component Score
Package activity 7.3
Repository activity 5.8
User activity 8.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 435
Number of git tags or releases 388
Versions matched to tags or releases 175
Alternatives
Package Score Description
depcheck 0

📦 Dependency: p-map

Trusty Score: 0

Scoring details
Component Score
Package activity 7.1
Repository activity 4.5
User activity 9.8
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 8
Number of git tags or releases 7
Versions matched to tags or releases 7
Alternatives
Package Score Description
p-limit 0
p-all 0

📦 Dependency: parse-ms

Trusty Score: 0

Scoring details
Component Score
Package activity 6.2
Repository activity 2.8
User activity 9.6
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 9
Number of git tags or releases 8
Versions matched to tags or releases 8
Alternatives
Package Score Description
ms 0
millisecond 0

📦 Dependency: picomatch

Trusty Score: 0

Scoring details
Component Score
Package activity 7
Repository activity 4.7
User activity 9.3
Provenance historical_provenance_match
Typosquatting ⚠️ Dependency may be trying to impersonate a well known package
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 28
Number of git tags or releases 23
Versions matched to tags or releases 23
Alternatives
Package Score Description
glob 0
micromatch 0
minimatch 0
fast-glob 0

📦 Dependency: pretty-ms

Trusty Score: 0

Scoring details
Component Score
Package activity 7
Repository activity 4
User activity 10
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 27
Number of git tags or releases 27
Versions matched to tags or releases 26
Alternatives
Package Score Description
ms 0

📦 Dependency: smol-toml

Trusty Score: 0

Scoring details
Component Score
Package activity 4.8
Repository activity 2.8
User activity 6.8
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 13
Number of git tags or releases 12
Versions matched to tags or releases 11
Alternatives
Package Score Description
toml 0

📦 Dependency: strip-json-comments

Trusty Score: 0

Scoring details
Component Score
Package activity 6.9
Repository activity 3.9
User activity 10
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 18
Number of git tags or releases 18
Versions matched to tags or releases 17
Alternatives
Package Score Description
strip-json-comments-cli 0

📦 Dependency: summary

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 1.7
User activity 7.6
Provenance unknown
Alternatives
Package Score Description
simple-statistics 0
statistics 0

📦 Dependency: tapable

Trusty Score: 0

Scoring details
Component Score
Package activity 7.8
Repository activity 6
User activity 9.6
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 48
Number of git tags or releases 39
Versions matched to tags or releases 35
Alternatives
Package Score Description
hookable 0
pluggable 0

📦 Dependency: wcwidth

Trusty Score: 0

Scoring details
Component Score
Package activity 4.5
Repository activity 2.3
User activity 6.8
Provenance unknown
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 3
Number of git tags or releases 1
Versions matched to tags or releases 1

📦 Dependency: zod

Trusty Score: 0

Scoring details
Component Score
Package activity 8.3
Repository activity 8
User activity 8.6
Provenance verified_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 366
Number of git tags or releases 92
Versions matched to tags or releases 76

This package has been digitally signed using sigtore.
Source repository https://github.com/colinhacks/zod
Cerificate Issuer CN=sigstore-intermediate,O=sigstore.dev
GitHub action workflow .github/workflows/release.yml
Rekor (public ledger) entry https://search.sigstore.dev/?logIndex=154600538
Alternatives
Package Score Description
yup 0
joi 0
io-ts 0

📦 Dependency: zod-validation-error

Trusty Score: 0

Scoring details
Component Score
Package activity 5
Repository activity 3.8
User activity 6.1
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 30
Number of git tags or releases 26
Versions matched to tags or releases 26
Alternatives
Package Score Description
zod 0

alex-mcgovern
alex-mcgovern commented Jan 29, 2025
View reviewed changes
knip.ts
Comment on lines +1 to +10
import type { KnipConfig } from "knip";

const config: KnipConfig = {
entry: ["src/main.tsx"],
ignore: ["src/api/generated/**/*"],
ignoreDependencies: ["husky"],
project: ["src/**/*.{js,jsx,ts,tsx}"],
};

export default config;
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Useful for finding dead code after a refactor

@coveralls
Copy link
Collaborator

coveralls commented Jan 29, 2025
edited
Loading

Pull Request Test Coverage Report for Build 13027898084

Details

  • 39 of 45 (86.67%) changed or added relevant lines in 4 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.3%) to 67.461%
Changes Missing Coverage Covered Lines Changed/Added Lines %
src/features/header/components/header-status-menu.tsx 36 42 85.71%
Totals Coverage Status
Change from base Build 13015218057: 0.3%
Covered Lines: 794
Relevant Lines: 1070
💛 - Coveralls

@alex-mcgovern alex-mcgovern merged commit d9652bb into main Jan 29, 2025
9 checks passed
@alex-mcgovern alex-mcgovern deleted the feat/move-health-check-to-header branch January 29, 2025 09:15
@stacklokbot stacklokbot mentioned this pull request Jan 28, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stacklok-cloud-staging stacklok-cloud-staging[bot] stacklok-cloud-staging[bot] left review comments

@peppescg peppescg peppescg approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Move "health check" widget to header
3 participants
@alex-mcgovern @coveralls @peppescg