@almadar/ui — Greenflagged

React UI components, hooks, and providers for Almadar

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

javasop

Keywords

almadaruireactcomponentshooks

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	net-exec-file:dist/chunk-4TXM7YAX.js	AI (source-diff): Sample shows standard bundled ESM imports (React, Lucide, internal chunks); no actual network fetch or dynamic code execution present.	ai	2026/05/31
source-diff	large-new-source-files	AI (source-diff): New export entry points (avl, flow, runtime, docs, marketing) explain the file count increase.	ai	2026/05/31
source-diff	source-size-tripled	AI (source-diff): Size increase matches addition of Three.js/ReactFlow/Leaflet bundles as new entry points.	ai	2026/05/31
source-diff	net-exec-file:dist/chunk-SKWPSQHQ.js	AI (source-diff): Bundled chunk contains only ESM imports of React/Lucide/internal modules; no actual network calls or dynamic code execution.	ai	2026/05/31
source-diff	obfuscated-file:dist/avl/index.d.cts	AI (source-diff): TypeScript declaration file with long lines from union types; not obfuscated code.	ai	2026/05/31
source-diff	net-exec-file:dist/chunk-K43H3ZDY.js	AI (source-diff): Bundled UI chunk with standard React/lucide imports; no actual network fetch or dynamic code execution present.	ai	2026/05/30
source-diff	net-exec-file:dist/chunk-SL6WFPKX.js	AI (source-diff): Bundled UI chunk with standard ESM imports; no actual network fetch or dynamic code execution present in the file.	ai	2026/05/30
source-diff	net-exec-file:dist/chunk-FP3PNF7I.js	AI (source-diff): Bundled UI component chunk with React/Three.js imports; no actual network fetch or dynamic code execution in sample.	ai	2026/05/30
source-diff	net-exec-file:dist/components/index.cjs	AI (source-diff): Bundled React UI component code; no actual dropper pattern — legitimate library imports only.	ai	2026/05/18
source-diff	net-exec-file:dist/avl/index.js	AI (source-diff): ESM bundle of Three.js/React UI code; no actual dropper pattern — legitimate library imports only.	ai	2026/05/18
source-diff	net-exec-file:dist/avl/index.cjs	AI (source-diff): Bundled React/Three.js UI code; no actual dropper pattern — legitimate library imports only.	ai	2026/05/18
source-diff	net-exec-file:dist/runtime/index.cjs	AI (source-diff): Bundled React runtime UI code; no actual dropper pattern — legitimate library imports only.	ai	2026/05/18
source-diff	obfuscated-file:dist/components/index.d.ts	AI (source-diff): Long lines in index.d.ts are TypeScript re-export declarations, not obfuscation; stable false positive for this package.	ai	2026/05/03
phantom-deps	phantom-dep:rehype-katex	AI (phantom-deps): Declared dependency; used via react-markdown plugin configuration.	ai	2026/05/03
phantom-deps	phantom-dep:katex	AI (phantom-deps): Declared dependency; used via rehype-katex plugin configuration.	ai	2026/05/03
phantom-deps	phantom-dep:rehype-raw	AI (phantom-deps): Declared dependency; used via react-markdown plugin configuration.	ai	2026/05/03
phantom-deps	phantom-dep:remark-gfm	AI (phantom-deps): Declared dependency; used via react-markdown plugin configuration.	ai	2026/05/03
phantom-deps	phantom-dep:remark-math	AI (phantom-deps): Declared dependency; used via react-markdown plugin configuration.	ai	2026/05/03
phantom-deps	phantom-dep:react-markdown	AI (phantom-deps): Declared dependency; used as component in renderer module.	ai	2026/05/03
phantom-deps	phantom-dep:react-force-graph-2d	AI (phantom-deps): Declared dependency; used as component in renderer module.	ai	2026/05/03
phantom-deps	phantom-dep:react-syntax-highlighter	AI (phantom-deps): Declared dependency; used via react-markdown plugin configuration.	ai	2026/05/03
provenance	no-provenance	AI (provenance): Consistent across all versions of this package; no other risk signals present.	ai	2026/04/30
phantom-deps	phantom-dep:parse-entities	AI (phantom-deps): Referenced in config files; stable false positive for this package.	ai	2026/04/29
phantom-deps	phantom-dep:@almadar/std	AI (phantom-deps): Same org scope; likely used transitively or in config; stable false positive.	ai	2026/04/29
phantom-deps	phantom-dep:hastscript	AI (phantom-deps): Referenced in config/remark pipeline; stable false positive for this package.	ai	2026/04/29
phantom-deps	phantom-dep:refractor	AI (phantom-deps): Used indirectly via react-syntax-highlighter; stable false positive for this package.	ai	2026/04/29
typosquat	typosquat.levenshtein:yup	AI (typosquat): Scoped org package @almadar/ui; not a typosquat of yup.	ai	2026/04/29
typosquat	typosquat.levenshtein:joi	AI (typosquat): Scoped org package @almadar/ui; not a typosquat of joi.	ai	2026/04/29
typosquat	typosquat.levenshtein:qs	AI (typosquat): Scoped org package @almadar/ui; not a typosquat of qs.	ai	2026/04/29
typosquat	typosquat.levenshtein:uuid	AI (typosquat): Scoped org package @almadar/ui; not a typosquat of uuid.	ai	2026/04/29
typosquat	typosquat.levenshtein:pg	AI (typosquat): Scoped org package @almadar/ui; not a typosquat of pg.	ai	2026/04/29

Versions (showing 100 of 355)

Version	Deps	Published
5.16.2	28 / 43	2026-06-05
5.16.1	28 / 43	2026-06-05
5.15.0	28 / 43	2026-06-05
5.14.1	28 / 43	2026-06-05
5.14.0	28 / 43	2026-06-05
5.13.3	28 / 43	2026-06-03
5.13.2	28 / 43	2026-06-02
5.12.1	28 / 43	2026-05-30
5.12.0	28 / 43	2026-05-30
5.11.0	28 / 43	2026-05-30
5.9.10	28 / 43	2026-05-30
5.9.9	28 / 43	2026-05-30
5.9.8	28 / 43	2026-05-29
5.9.7	28 / 43	2026-05-29
5.9.6	28 / 43	2026-05-29
5.9.5	28 / 43	2026-05-29
5.9.4	28 / 43	2026-05-29
5.9.3	28 / 43	2026-05-29
5.9.2	28 / 43	2026-05-29
5.9.1	28 / 43	2026-05-29
5.9.0	28 / 43	2026-05-29
5.8.1	28 / 43	2026-05-28
5.8.0	28 / 43	2026-05-28
5.7.0	28 / 43	2026-05-27
5.6.0	28 / 43	2026-05-27
5.5.9	28 / 43	2026-05-27
5.5.8	28 / 43	2026-05-27
5.5.7	28 / 43	2026-05-26
5.5.6	28 / 43	2026-05-26
5.5.5	28 / 43	2026-05-26
5.5.4	28 / 43	2026-05-26
5.5.3	28 / 43	2026-05-26
5.5.2	28 / 43	2026-05-26
5.5.1	28 / 43	2026-05-26
5.5.0	28 / 43	2026-05-26
5.4.0	28 / 43	2026-05-26
5.3.1	28 / 43	2026-05-26
5.3.0	28 / 43	2026-05-26
5.2.1	28 / 43	2026-05-26
5.2.0	28 / 43	2026-05-26
5.1.6	28 / 43	2026-05-25
5.1.5	28 / 43	2026-05-25
5.1.4	28 / 43	2026-05-25
5.1.3	28 / 43	2026-05-25
5.1.2	28 / 43	2026-05-25
5.1.1	28 / 43	2026-05-25
5.1.0	28 / 43	2026-05-25
5.0.0	25 / 43	2026-05-25
4.57.5	25 / 43	2026-05-22
4.57.4	25 / 43	2026-05-22
4.57.3	25 / 43	2026-05-22
4.57.2	25 / 43	2026-05-22
4.57.1	25 / 43	2026-05-22
4.56.4	25 / 43	2026-05-20
4.56.3	25 / 43	2026-05-20
4.56.2	25 / 43	2026-05-19
4.56.1	25 / 43	2026-05-19
4.56.0	25 / 43	2026-05-19
4.55.0	25 / 43	2026-05-19
4.54.15	25 / 43	2026-05-18
4.54.14	25 / 43	2026-05-18
4.54.13	25 / 43	2026-05-18
4.54.12	25 / 43	2026-05-18
4.54.11	25 / 43	2026-05-18
4.54.10	25 / 43	2026-05-18
4.54.9	25 / 43	2026-05-18
4.54.8	25 / 43	2026-05-18
4.54.7	25 / 43	2026-05-18
4.54.6	25 / 43	2026-05-18
4.54.5	25 / 43	2026-05-18
4.54.4	25 / 43	2026-05-18
4.54.3	25 / 43	2026-05-18
4.54.2	25 / 43	2026-05-18
4.54.1	25 / 43	2026-05-18
4.54.0	25 / 43	2026-05-18
4.53.7	25 / 43	2026-05-16
4.53.6	25 / 43	2026-05-16
4.53.5	25 / 43	2026-05-16
4.53.4	25 / 43	2026-05-16
4.53.3	25 / 43	2026-05-16
4.53.2	25 / 43	2026-05-16
4.53.1	26 / 42	2026-05-16
4.52.0	25 / 42	2026-05-16
4.51.16	25 / 42	2026-05-15
4.51.15	25 / 42	2026-05-15
4.51.14	25 / 42	2026-05-15
4.51.13	25 / 42	2026-05-15
4.51.12	25 / 42	2026-05-15
4.51.11	25 / 42	2026-05-15
4.51.10	25 / 42	2026-05-15
4.51.9	25 / 42	2026-05-15
4.51.8	25 / 42	2026-05-15
4.51.7	25 / 42	2026-05-15
4.51.6	25 / 42	2026-05-15
4.51.5	25 / 42	2026-05-15
4.51.4	25 / 42	2026-05-15
4.51.3	25 / 42	2026-05-15
4.51.2	25 / 42	2026-05-15
4.51.1	25 / 42	2026-05-15
4.51.0	25 / 42	2026-05-15

Showing 100 of 355 Next page →