@authn-sh/ui AGPL-3.0-only 9 versions

@authn-sh/ui

npm Repository Homepage

Design primitives for authn.sh — internal to the @authn-sh React/Vue SDKs.

9

Versions

AGPL-3.0-only

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

vagnercsouza

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
license	copyleft-license:AGPL-3.0-only	AI (license): AGPL-3.0 is intentional and disclosed; appropriate for internal design-system package.	ai	2026/05/18
dependencies	unvetted-dep:@radix-ui/react-avatar	AI (dependencies): Radix UI primitive; consistent with all other @radix-ui deps in this package, stable false positive.	ai	2026/05/12
phantom-deps	phantom-dep:@radix-ui/react-popover	AI (phantom-deps): Declared as runtime dep; may be used indirectly or in config; stable false positive for this UI library.	ai	2026/05/12
typosquat	typosquat.levenshtein:qs	AI (typosquat): Scoped org package with SLSA provenance; not targeting qs.	ai	2026/05/12
typosquat	typosquat.levenshtein:joi	AI (typosquat): Scoped org package with SLSA provenance; not targeting joi.	ai	2026/05/12
typosquat	typosquat.levenshtein:yup	AI (typosquat): Scoped org package with SLSA provenance; not targeting yup.	ai	2026/05/12
typosquat	typosquat.levenshtein:pg	AI (typosquat): Scoped org package with SLSA provenance; not targeting pg.	ai	2026/05/12
typosquat	typosquat.levenshtein:uuid	AI (typosquat): Scoped org package with SLSA provenance; not targeting uuid.	ai	2026/05/12

Versions (showing 9 of 9)

Version	Deps	Published
0.7.1	8 / 9	2026-05-15
0.7.0	8 / 9	2026-05-12
0.6.0	8 / 9	2026-05-12
0.5.0	8 / 9	2026-05-11
0.4.0	8 / 9	2026-05-11
0.3.0	8 / 9	2026-05-10
0.2.0	8 / 9	2026-05-10
0.1.0	8 / 9	2026-05-03
0.0.0	0 / 5	2026-05-03

v0.7.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.6.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.5.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.4.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.