@ant-design/cssinjs-utils

A cssinjs util library to support Ant Design (antd) and its ecosystem libraries.

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

afc163zombiejchenshuai2144arvinxxmadcccranranup123blueboylijianyumoimerlijiananmickey_fanlu

Keywords

reactcssinjscssinjs-utilantdant-design

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-peer-dep:react-dom	AI (dependencies): react-dom is a standard peer dependency for React component libraries; expected for CSS-in-JS utilities.	ai	2026/04/21
dependencies	unvetted-dep:@rc-component/util	AI (dependencies): @rc-component/util is a standard rc-ecosystem utility; replacement of rc-util is routine maintenance for this package.	ai	2026/04/21
publish-pattern	new-deps-added	AI (publish-pattern): @rc-component/util is the rc-component org's successor to rc-util, maintained by the same Ant Design team. This swap is a routine migration, not a supply-chain risk.	ai	2026/04/21
maintainer-change	maintainer-removed	AI (maintainer-change): Removal of vagusx paired with new maintainers indicates routine handoff, not takeover.	ai	2026/04/21
provenance	publisher-changed	AI (provenance): Publisher transition from afc163 to zombiej is consistent with Ant Design ecosystem maintainer changes; no compromise indicators.	ai	2026/04/21
maintainer-change	maintainer-added	AI (maintainer-change): Maintainer additions align with publisher change; consistent with Ant Design ecosystem governance transitions.	ai	2026/04/21
dependencies	unvetted-dep:rc-util	AI (dependencies): rc-util is a standard utility library used across the React component ecosystem; expected dependency for this package.	ai	2026/04/21
provenance	no-provenance	AI (provenance): Established Ant Design ecosystem package with 1.9M weekly downloads and clean publisher history; lack of provenance attestation is not a meaningful risk signal here.	ai	2026/04/21

Versions (showing 13 of 13)

Show 1 prerelease

Version	Deps	Published
2.1.2	3 / 20	2026-03-04
2.1.1	3 / 20	2026-02-09
2.1.0	3 / 20	2026-02-09
2.0.2	3 / 20	2025-11-25
2.0.1	3 / 20	2025-11-17
2.0.0	3 / 20	2025-11-17
1.1.3	3 / 20	2024-12-05
1.1.1	3 / 20	2024-10-12
1.1.0	3 / 20	2024-09-14
1.0.3	3 / 19	2024-07-23
1.0.2	3 / 19	2024-07-23
1.0.1	3 / 19	2024-07-17
1.0.0	3 / 19	2024-07-15