@auth0/auth0-vue No license 4 versions

@auth0/auth0-vue

npm Repository Homepage

4

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

auth0-ossauth0npmauth0brokkrjesseleoktajeffoktajeffbsmith-auth0sanjay.manikandhanniltorresatkohenry.mcardlenicolas.villalobosadam-mcgrath_oktajosecarlos-chavez_atkotj.oktasgarcia-atkoroger.chanmaaantonelewisbyrne-oktatarunpreet.kaur

Keywords

auth0loginAuthorization Code Grant FlowPKCESingle Page Application authenticationSPA authenticationVue

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
npm-metadata	url-dep:@auth0/component-cdn-uploader	AI (npm-metadata): Internal Auth0 CDN uploader tool in devDependencies only; not a runtime dependency risk.	ai	2026/05/20
source-diff	encoded-string-file:dist/auth0-vue.development.js	AI (source-diff): Long strings are minified rollup bundle output of auth0-spa-js; not obfuscated payloads.	ai	2026/05/20
source-diff	encoded-string-file:dist/auth0-vue.production.esm.js	AI (source-diff): Long strings are minified rollup bundle output of auth0-spa-js; not obfuscated payloads.	ai	2026/05/20
source-diff	encoded-string-file:dist/auth0-vue.production.js	AI (source-diff): Long strings are minified rollup bundle output of auth0-spa-js; not obfuscated payloads.	ai	2026/05/20

Versions (showing 4 of 4)

Version	Deps	Published
2.7.0	2 / 41	2026-05-08
2.6.1	2 / 41	2026-05-04
2.6.0	2 / 42	2026-04-28
2.5.0	2 / 42	2025-12-12

v2.7.0

4 findings

HIGH Long encoded string in modified file: dist/auth0-vue.development.js source-diff

Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.

HIGH Long encoded string in modified file: dist/auth0-vue.production.esm.js source-diff

Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.

HIGH Long encoded string in modified file: dist/auth0-vue.production.js source-diff

Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.6.1

4 findings

HIGH Long encoded string in modified file: dist/auth0-vue.development.js source-diff

Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.

HIGH Long encoded string in modified file: dist/auth0-vue.production.esm.js source-diff

Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.

HIGH Long encoded string in modified file: dist/auth0-vue.production.js source-diff

Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.5.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.