@auth0/universal-components-react
3
Versions
Apache-2.0
License
No
Install Scripts
Verified
Provenance
Supply chain provenance
Status for the latest visible version.
SLSA provenance attestation
npm registry signatures
gitHead linked
Maintainers
auth0-ossauth0npmauth0brokkrjesseleoktajeffoktajeffbsmith-auth0sanjay.manikandhanniltorresatkohenry.mcardlenicolas.villalobosadam-mcgrath_oktajosecarlos-chavez_atkotj.oktasgarcia-atkoroger.chanmaaantonelewisbyrne-oktatarunpreet.kaur
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:zod | AI (phantom-deps): zod is used as a validation schema dep referenced in config/build tooling, not directly imported in library source. | ai | |
| phantom-deps | phantom-dep:shadcn | AI (phantom-deps): shadcn is a CLI/build tool used in registry:build script, not a runtime import. | ai | |
| phantom-deps | phantom-dep:@types/qrcode | AI (phantom-deps): Type-only package; framework-scoped, not directly imported in source. | ai | |
| phantom-deps | phantom-dep:@radix-ui/react-label | AI (phantom-deps): Radix UI component used via config/re-export pattern; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:postcss-prefix-selector | AI (phantom-deps): PostCSS plugin referenced in build config, not directly imported in JS source. | ai |
v2.0.0
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.1.0
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.0.0
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.