@atlaskit/emoji
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:react-loadable | AI (phantom-deps): Phantom deps in monorepo UI libraries are common; declared for build/peer management, not direct imports. | ai | |
| phantom-deps | phantom-dep:@atlaskit/tokens | AI (phantom-deps): Same-org scoped phantom dep typical in Atlassian monorepo; declared for transitive stability. | ai | |
| phantom-deps | phantom-dep:@atlaskit/media-client | AI (phantom-deps): Same-org scoped phantom dep typical in Atlassian monorepo; declared for transitive stability. | ai | |
| phantom-deps | phantom-dep:@atlaskit/afm-i18n-platform-elements-emoji | AI (phantom-deps): Same-org scoped phantom dep typical in Atlassian monorepo; declared for transitive stability. | ai | |
| provenance | no-provenance | AI (provenance): Atlassian publishes this package through their artifact pipeline without Sigstore provenance; consistent across all their packages and not a security concern. | ai |
Versions (showing 51 of 150)
| Version | Deps | Published |
|---|---|---|
| 70.16.1 | 33 / 28 | |
| 70.16.0 | 33 / 28 | |
| 70.15.3 | 33 / 28 | |
| 70.15.2 | 32 / 28 | |
| 70.15.1 | 32 / 28 | |
| 70.15.0 | 32 / 28 | |
| 70.14.3 | 32 / 28 | |
| 70.14.2 | 32 / 28 | |
| 70.14.1 | 32 / 28 | |
| 70.14.0 | 32 / 28 | |
| 70.13.0 | 31 / 28 | |
| 70.12.0 | 31 / 28 | |
| 70.11.2 | 32 / 28 | |
| 70.11.1 | 31 / 28 | |
| 70.11.0 | 31 / 28 | |
| 70.10.14 | 31 / 28 | |
| 70.10.13 | 31 / 28 | |
| 70.10.12 | 31 / 28 | |
| 70.10.11 | 31 / 28 | |
| 70.10.10 | 31 / 29 | |
| 70.10.9 | 31 / 29 | |
| 70.10.8 | 31 / 29 | |
| 70.10.7 | 31 / 29 | |
| 70.10.6 | 31 / 29 | |
| 70.10.5 | 31 / 29 | |
| 70.10.4 | 31 / 29 | |
| 70.10.3 | 31 / 29 | |
| 70.10.2 | 31 / 28 | |
| 70.10.1 | 31 / 28 | |
| 70.10.0 | 31 / 28 | |
| 70.9.2 | 31 / 28 | |
| 70.9.1 | 31 / 28 | |
| 70.9.0 | 31 / 28 | |
| 70.8.0 | 31 / 28 | |
| 70.7.2 | 31 / 28 | |
| 70.7.1 | 31 / 28 | |
| 70.7.0 | 31 / 28 | |
| 70.6.2 | 29 / 28 | |
| 70.6.1 | 29 / 28 | |
| 70.6.0 | 29 / 28 | |
| 70.5.2 | 28 / 28 | |
| 70.5.1 | 28 / 28 | |
| 70.5.0 | 28 / 28 | |
| 70.4.2 | 28 / 28 | |
| 70.4.1 | 28 / 28 | |
| 70.4.0 | 28 / 28 | |
| 70.3.4 | 28 / 28 | |
| 70.3.3 | 28 / 28 | |
| 70.3.2 | 28 / 28 | |
| 70.3.1 | 28 / 28 | |
| 70.3.0 | 28 / 28 |
v70.16.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.16.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.15.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.15.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.15.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.15.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.14.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.14.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.14.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.14.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.13.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.12.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.11.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.11.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.11.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.14
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.13
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.12
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.11
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.10
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.9
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.10.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.9.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.9.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.9.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.8.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.7.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.7.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.7.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.6.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.6.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.6.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.5.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.5.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.5.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.4.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.4.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.4.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.3.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.3.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.3.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.3.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v70.3.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.