All @1001-digital/components versions
@1001-digital/components @1.5.0
rejected
This version was rejected.
It did not pass GreenFlagged's security review and is not served by the registry.
The findings and risk dispositions below explain why.
46
Risk Score
—
License
No
Install Scripts
6
Dependencies
2
Dev Dependencies
22.3 KB
Package Size
Published
Maintainers
jwahdatehagh
Dependencies (6)
| Package | Constraint | Registry Status |
|---|---|---|
| luxon | ^3.7.0 | auto_approved |
| reka-ui | ^2.9.0 | auto_approved |
| @iconify/vue | ^5.0.0 | auto_approved |
| @vueuse/core | ^14.2.1 | auto_approved |
| @internationalized/date | ^3.12.0 | auto_approved |
| @visualizevalue/opepicons | ^0.1.0 | No greenflagged match |
Dev Dependencies (2)
| Package | Constraint | Registry Status |
|---|---|---|
| vue | ^3.5.30 | auto_approved |
| @types/luxon | ^3.7.0 | auto_approved |
Transitive Dependency Tree
23 transitive deps
max depth 5
├─
@iconify/vue
^5.0.0
→ 5.0.1
├─
@internationalized/date
^3.12.0
→ 3.12.2
├─
@visualizevalue/opepicons
^0.1.0
├─
@vueuse/core
^14.2.1
→ 14.3.0
├─
luxon
^3.7.0
→ 3.7.2
├─
reka-ui
^2.9.0
→ 2.9.9
├─
@floating-ui/dom
^1.6.13
→ 1.7.6
├─
@floating-ui/vue
^1.1.6
→ 1.1.11
├─
@iconify/types
^2.0.0
→ 2.0.0
├─
@internationalized/date
^3.5.0
→ 3.12.2
├─
@internationalized/number
^3.5.0
→ 3.6.7
├─
@swc/helpers
^0.5.0
→ 0.5.23
├─
@tanstack/vue-virtual
^3.12.0
→ 3.13.28
├─
@types/web-bluetooth
^0.0.21
→ 0.0.21
├─
@vueuse/core
^14.1.0
→ 14.3.0
├─
@vueuse/metadata
14.3.0
├─
@vueuse/shared
14.3.0
├─
@vueuse/shared
^14.1.0
→ 14.3.0
├─
aria-hidden
^1.2.4
→ 1.2.6
├─
defu
^6.1.5
→ 6.1.7
├─
ohash
^2.0.11
→ 2.0.11
├─
@floating-ui/core
^1.7.5
→ 1.7.5
├─
@floating-ui/dom
^1.7.6
→ 1.7.6
├─
@floating-ui/utils
^0.2.11
→ 0.2.11
├─
@swc/helpers
^0.5.0
→ 0.5.23
├─
@tanstack/virtual-core
3.17.0
→ 3.17.0
├─
@types/web-bluetooth
^0.0.21
→ 0.0.21
├─
@vueuse/metadata
14.3.0
├─
@vueuse/shared
14.3.0
├─
tslib
^2.8.0
→ 2.8.1
├─
tslib
^2.0.0
→ 2.8.1
├─
vue-demi
>=0.13.0
→ 0.14.6
├─
@floating-ui/core
^1.7.5
→ 1.7.5
├─
@floating-ui/utils
^0.2.11
→ 0.2.11
├─
tslib
^2.8.0
→ 2.8.1
├─
@floating-ui/utils
^0.2.11
→ 0.2.11
Risk Dispositions (1 applicable to this version, 0 other)
Accepted rules are downgraded to INFO on future analyses; rejected rules escalate to CRITICAL.
| Rule | Source | Disposition | Author | Reason | |
|---|---|---|---|---|---|
bogus-package |
bogus-package | reject | AI | AI (bogus-package): Publisher's 92% rejection rate + missing repo/description/keywords pattern generalizes to this namespace. |
SAST Findings (1)
LOW
No provenance attestation
provenance
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
Review Summary
Risk score: 46. Findings: 1 critical (+40), 2 low (+6), 5 info (+0).
Published to npm: