Package Health

k2gl/composer-attest

Composer plugin that verifies GitHub build-provenance attestations for the packages you install.

Latest 1.1.0PackagistPackagist

69%

Total Score

Dependencies
Dependencies
Evaluates the health and security of package dependencies

100

Maturity
Maturity
Indicates package age, release frequency, and adoption metrics

6

Supply Chain
Supply Chain
Evaluates supply chain security practices and risks

100

Vulnerabilities

We didn't find any vulnerabilities for this package.

Package versions

Maintainers

Nick Harin

Direct Dependencies

DependencyLast ReleaseScore
k2gl/sigstore-verify
Version ^1.4

Weekly Downloads

Info

Last Published
1 hour ago
Created
1 day ago