What is the improvement or update you wish to see?
Hi there,
It's not a bug, and not a feature request.
So, I decide post this as documentation issue.
I noticed that version 0.34.3 of @auth/core was published to npm, but it seems to be missing its provenance data. All other recent versions are signed with provenance, but this version is not.
Additionally, I couldn't find a corresponding release note or GitHub release for v0.34.3.
Could you please confirm if this version was published intentionally (e.g., a manual publish from a local environment due to CI issues), or if there is any reason to be concerned about the integrity of this release?
Thank you for your time and for maintaining this awesome project!
Is there any context that might help us understand?
git tag is here: https://github.com/nextauthjs/next-auth/releases/tag/%40auth%2Fcore%400.34.3
but, I can't find GitHub release for this.
npm package is here: https://www.npmjs.com/package/@auth/core/v/0.34.3
and not contain valid provenance.
I concerned that your npm account may be compromised.
Does the docs page already exist? Please link to it.
No response
What is the improvement or update you wish to see?
Hi there,
It's not a bug, and not a feature request.
So, I decide post this as documentation issue.
I noticed that version 0.34.3 of @auth/core was published to npm, but it seems to be missing its provenance data. All other recent versions are signed with provenance, but this version is not.
Additionally, I couldn't find a corresponding release note or GitHub release for v0.34.3.
Could you please confirm if this version was published intentionally (e.g., a manual publish from a local environment due to CI issues), or if there is any reason to be concerned about the integrity of this release?
Thank you for your time and for maintaining this awesome project!
Is there any context that might help us understand?
git tag is here: https://github.com/nextauthjs/next-auth/releases/tag/%40auth%2Fcore%400.34.3
but, I can't find GitHub release for this.
npm package is here: https://www.npmjs.com/package/@auth/core/v/0.34.3
and not contain valid provenance.
I concerned that your npm account may be compromised.
Does the docs page already exist? Please link to it.
No response