Evidence

Proof humans can read.

The registry still publishes raw JSON for agents. The website now explains each proof first, then exposes the machine file as an explicit verification link.

Verified registry

Packages

Witnesses

3cc66da329...a7f631cf

Root hash

Quarantine

Yanked

Package

repo-readme-audit

Audit repository README files for installation clarity, trust evidence and agent-safe instructions.

Canonical: pkg:did:key:z6MkgXXLN2Qt3GKL9KJPo7SH7WGcQqRYcpT5MrwbTJ9qHpZu/repo-readme-audit@0.1.0
Digest: aa102c984a663b1fb4811740667ac1b14a80c9000870dfc6d3e854b9b3c0ba58
Publisher: did:key:z6MkgXXLN2Qt3GKL9KJPo7SH7WGcQqRYcpT5MrwbTJ9qHpZu
Source: a50ed66d2493eca8a0966d4f06c78d7277f63b3d
Trust: verified/100

APM package machine receipt

Artifacts

What each proof means

Discovery

The manifest agents use to find the registry, installer, advisory feed, transparency log and witness.

Machine file

Registry

The package index carrying signed package evidence, digests, source commits, compatibility receipts and warnings.

Machine file

Checkpoint

The current transparency tree head. It pins root hash, tree size, timestamp and log identity.

Machine file

Advisories

The signed safety feed used to warn or block risky package versions without deleting Gitlawb content.

Machine file

Security policy

The public reporting route for vulnerabilities, package incidents and registry trust failures.

Machine file

Proof transcript

A machine readable record of the demo path: inspect, install, audit and blocked unsafe manifests.

Machine file

Review packet

The machine readable audit handoff with targets, commands, claim boundaries and sign off fields.

Machine file

Evidence manifest

The index of public review artifacts, live health endpoints and proof files reviewers can reproduce.

Machine file

Evidence ledger

The adoption and review receipt ledger. It stays at zero until external redacted evidence exists.

Machine file

Synthetic monitor

The reproducible monitor command for site, registry, advisories, witness, node and Gitlawb receive pack probes.

Machine file

Package proof

Merkle proof for repo-readme-audit, bound to leaf da41c8c905863e2e5469e37b008c0ab83805d3921f0cadb65edb30073ab8a1e6.

Machine file

Package witness

Witness statement for repo-readme-audit, signed outside the registry log identity.

Machine file

Roots

Current pinned values

Log: did:key:z6MkugeJcjgGhG1EpUMhhJ1Q5SoYn65T4cmiuBFE8E82TMyk
Witness: z6Mkv8WH...EkewWJ
Checkpoint: 3cc66da3292900a4ac482b2c301db5c6e0a00c2461847a29fec5275da7f631cf
Tree size: 32
Generated: 2026-05-16T21:44:02.000Z
Registry: https://nipmod.com/registry/packages.json
Advisories: https://nipmod.com/advisories.json