@adyen/adyen-web No license 5 versions

@adyen/adyen-web

npm Repository Homepage

5

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

bponomarenkoadyencomvergilfromadyencamilocvalexandrefromadyennostalgic-octopus

Keywords

adyenadyen-webcheckoutpaymentpaymentscomponents

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	obfuscated-file:dist/es-legacy/components/Donation/DonationCampaignService.js	AI (source-diff): Minified rollup build output; standard for adyen-web dist artifacts across all versions.	ai	2026/05/14
phantom-deps	phantom-dep:classnames	AI (phantom-deps): classnames is a declared runtime dep used indirectly; stable false positive for this package.	ai	2026/05/14
phantom-deps	phantom-dep:@types/googlepay	AI (phantom-deps): Type-only package loaded by convention; stable false positive for this package.	ai	2026/05/14
phantom-deps	phantom-dep:@types/applepayjs	AI (phantom-deps): Type-only package loaded by convention; stable false positive for this package.	ai	2026/05/14

Versions (showing 5 of 5)

Version	Deps	Published
6.37.0	4 / 54	2026-05-21
6.36.0	4 / 54	2026-05-13
6.35.0	4 / 54	2026-05-05
6.34.1	4 / 54	2026-04-30
6.34.0	4 / 54	2026-04-23

v6.37.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.36.0

2 findings

HIGH New obfuscated file: dist/es-legacy/components/Donation/DonationCampaignService.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.35.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.34.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.34.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.