@bpinternal/zui No license 10 versions

@bpinternal/zui

npm Repository Homepage

10

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

allardydavidvitoramichael.massonfranklevasseurchsir17slvnperronbotpress-cloud-ops

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
typosquat	typosquat.levenshtein:uuid	AI (typosquat): Scoped Botpress package; 'zui' is an intentional name, not a typosquat of uuid.	ai	2026/05/18
typosquat	typosquat.levenshtein:joi	AI (typosquat): Scoped Botpress package; 'zui' is an intentional name, not a typosquat of joi.	ai	2026/05/18
typosquat	typosquat.levenshtein:yup	AI (typosquat): Scoped Botpress package; 'zui' is an intentional name, not a typosquat of yup.	ai	2026/05/18
typosquat	typosquat.levenshtein:zod	AI (typosquat): Package is explicitly a Zod fork; 'zui' is intentional, not a typosquat.	ai	2026/05/18
bogus-package	bogus-package	AI (bogus-package): Established Botpress library with 113 versions and SLSA provenance; sparse README is not indicative of spam.	ai	2026/05/18

Versions (showing 10 of 10)

Version	Deps	Published
2.3.0	0 / 8	2026-05-29
2.2.1	0 / 8	2026-05-27
2.1.1	0 / 8	2026-03-26
2.1.0	0 / 8	2026-03-23
2.0.0	0 / 8	2026-03-17
1.3.3	0 / 10	2026-02-11
1.3.2	0 / 10	2026-01-06
1.3.1	0 / 18	2025-12-11
1.3.0	0 / 18	2025-12-11
1.2.3	0 / 18	2025-12-05

v2.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.2.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.1.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.2.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.