@ai-sdk/svelte — Greenflagged

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

vercel-release-botmatheussmatt.straka

Keywords

aisvelte

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Transition from vercel-release-bot to GitHub Actions is a CI pipeline change within the same Vercel org, confirmed by SLSA provenance attestation.	ai	2026/05/15

Versions (showing 100 of 320)

Version	Deps	Published
3.0.200	2 / 16	2026-06-12
3.0.199	2 / 16	2026-06-11
3.0.198	2 / 16	2026-06-11
3.0.197	2 / 16	2026-06-09
3.0.196	2 / 16	2026-06-04
3.0.195	2 / 16	2026-06-02
3.0.194	2 / 16	2026-06-01
3.0.193	2 / 16	2026-05-28
3.0.192	2 / 16	2026-05-21
3.0.190	2 / 16	2026-05-19
3.0.188	2 / 16	2026-05-12
3.0.187	2 / 16	2026-05-12
3.0.186	2 / 16	2026-05-08
3.0.185	2 / 16	2026-05-05
3.0.184	2 / 16	2026-05-04
3.0.183	2 / 16	2026-05-01
3.0.182	2 / 16	2026-04-30
3.0.181	2 / 16	2026-04-30
3.0.180	2 / 16	2026-04-29
3.0.179	2 / 16	2026-04-17
3.0.178	2 / 16	2026-04-16
3.0.176	2 / 16	2026-04-16
3.0.175	2 / 16	2026-04-16
3.0.174	2 / 16	2026-04-16
3.0.173	2 / 16	2026-04-13
3.0.172	2 / 16	2026-04-09
3.0.171	2 / 16	2026-04-08
3.0.170	2 / 16	2026-04-07
3.0.169	2 / 16	2026-04-06
3.0.168	2 / 16	2026-04-06
3.0.167	2 / 16	2026-04-05
3.0.166	2 / 16	2026-04-02
3.0.165	2 / 16	2026-04-02
3.0.164	2 / 16	2026-04-02
3.0.163	2 / 16	2026-04-02
3.0.162	2 / 16	2026-03-31
3.0.161	2 / 16	2026-03-27
3.0.160	2 / 16	2026-03-24
3.0.159	2 / 16	2026-03-23
3.0.158	2 / 16	2026-03-23
3.0.157	2 / 21	2026-03-20
3.0.156	2 / 21	2026-03-18
3.0.155	2 / 21	2026-03-17
3.0.154	2 / 21	2026-03-13
3.0.153	2 / 21	2026-03-11
3.0.152	2 / 21	2026-03-10
3.0.151	2 / 21	2026-03-09
3.0.150	2 / 21	2026-03-06
3.0.149	2 / 21	2026-03-05
3.0.148	2 / 21	2026-03-05
3.0.147	2 / 21	2026-03-05
3.0.146	2 / 21	2026-03-05
3.0.145	2 / 21	2026-03-04
3.0.144	2 / 21	2026-03-03
3.0.143	2 / 21	2026-03-03
3.0.142	2 / 21	2026-03-02
3.0.141	2 / 21	2026-02-26
3.0.140	2 / 21	2026-02-26
3.0.139	2 / 21	2026-02-26
3.0.138	2 / 21	2026-02-24
3.0.137	2 / 21	2026-02-19
3.0.136	2 / 21	2026-02-18
3.0.135	2 / 21	2026-02-17
3.0.134	2 / 21	2026-02-17
3.0.133	2 / 21	2026-02-13
3.0.132	2 / 21	2026-02-13
3.0.131	2 / 21	2026-02-13
3.0.130	2 / 21	2026-02-12
3.0.129	2 / 21	2026-02-07
3.0.128	2 / 21	2026-02-05
3.0.127	2 / 21	2026-02-05
3.0.126	2 / 21	2026-02-04
3.0.125	2 / 21	2026-02-02
3.0.124	2 / 21	2026-01-30
3.0.123	2 / 21	2026-01-22
3.0.122	2 / 21	2026-01-21
3.0.121	2 / 21	2026-01-13
3.0.120	2 / 21	2026-01-13
3.0.119	2 / 21	2026-01-10
3.0.118	2 / 21	2026-01-05
3.0.117	2 / 21	2025-12-30
3.0.116	2 / 21	2025-12-20
3.0.115	2 / 21	2025-12-17
3.0.114	2 / 21	2025-12-16
3.0.113	2 / 21	2025-12-12
3.0.112	2 / 21	2025-12-11
3.0.111	2 / 21	2025-12-11
3.0.110	2 / 21	2025-12-11
3.0.109	2 / 21	2025-12-10
3.0.108	2 / 21	2025-12-06
3.0.107	2 / 21	2025-12-05
3.0.106	2 / 21	2025-12-02
3.0.105	2 / 21	2025-12-01
3.0.104	2 / 21	2025-11-27
3.0.103	2 / 21	2025-11-27
3.0.102	2 / 21	2025-11-25
3.0.101	2 / 21	2025-11-24
3.0.100	2 / 21	2025-11-22
3.0.99	2 / 21	2025-11-22
3.0.98	2 / 21	2025-11-20

Showing 100 of 320 Next page →

v3.0.200

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.199

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.198

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.197

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.196

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.195

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.194

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.193

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.192

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.190

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.188

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.186

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.185

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.184

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.183

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.182

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.181

2 findings

HIGH Publisher changed: vercel-release-bot → GitHub Actions (on 2026-04-30) provenance

This version was published by a different npm account than previous versions on 2026-04-30. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.180

2 findings

HIGH Publisher changed: vercel-release-bot → GitHub Actions (on 2026-04-29) provenance

This version was published by a different npm account than previous versions on 2026-04-29. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.