@bull-board/ui
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/static/js/async/11153.03304bed.js | AI (source-diff): Webpack-minified CodeMirror chunk; expected for UI package. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/19367.41cb624f.js | AI (source-diff): Webpack-bundled chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/12506.4df1bf8a.js | AI (source-diff): Webpack-bundled locale chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/12700.61b82ee1.js | AI (source-diff): Webpack-bundled locale chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/13410.436fbd27.js | AI (source-diff): Webpack-bundled chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/14302.e411a392.js | AI (source-diff): Webpack-bundled chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/14939.01eb94e4.js | AI (source-diff): Webpack-bundled chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/15114.4d20ed6a.js | AI (source-diff): Webpack-bundled chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/15283.50a0ae59.js | AI (source-diff): Webpack-bundled chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/1531.caf4684b.js | AI (source-diff): Webpack-bundled chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/16752.3bde98cb.js | AI (source-diff): Webpack-bundled chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/17553.2939fda7.js | AI (source-diff): Webpack-bundled chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/17597.ded69ad6.js | AI (source-diff): Webpack-bundled chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/18582.6d29734d.js | AI (source-diff): Webpack-bundled chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/18707.63c3608e.js | AI (source-diff): Webpack-bundled chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/10518.e5ba10f5.js | AI (source-diff): Webpack-bundled date-fns locale chunks; standard for a UI package shipping pre-built assets. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/1074.f5737cfe.js | AI (source-diff): Webpack-bundled locale chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/11153.2127688b.js | AI (source-diff): Webpack-bundled CodeMirror/UI chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/11272.b03de1a0.js | AI (source-diff): Webpack-bundled locale chunk (Tamil); standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/12106.6b21c0cf.js | AI (source-diff): Webpack-bundled locale chunk (Latvian); standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/12347.0e10ff40.js | AI (source-diff): Webpack-bundled locale chunk; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/static/js/main.f9b83451.js | AI (source-diff): Webpack-minified main entry with CSS module hashes; standard build output. | ai | |
| source-diff | net-exec-file:dist/static/js/async/51125.8b45fd61.js | AI (source-diff): Fetch polyfill + webpack dynamic imports in browser bundle; not server-side malware. | ai | |
| source-diff | net-exec-file:dist/static/js/main.f9b83451.js | AI (source-diff): Browser bundle with axios/fetch and webpack require; expected for a dashboard UI. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/10518.b0a21f0d.js | AI (source-diff): Standard webpack-minified bundle of date-fns; expected for a UI package shipping built assets. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/51125.8b45fd61.js | AI (source-diff): Webpack-minified chunk with LICENSE.txt; standard build output. | ai | |
| source-diff | obfuscated-file:dist/static/js/6693.47be15e9.js | AI (source-diff): Webpack-minified chunk (aria-hidden, date-fns locale); standard build output. | ai | |
| source-diff | obfuscated-file:dist/static/js/async/90409.1795e0fb.js | AI (source-diff): Webpack-minified chunk containing fetch polyfill; standard build output. | ai | |
| source-diff | obfuscated-file:dist/static/js/lib-react.719eb9c0.js | AI (source-diff): Minified React bundle; expected for a UI package. | ai | |
| typosquat | typosquat.levenshtein:uuid | AI (typosquat): Scoped @bull-board/ui package; Levenshtein match against short names is a false positive. | ai | |
| typosquat | typosquat.levenshtein:joi | AI (typosquat): Scoped @bull-board/ui package; Levenshtein match against short names is a false positive. | ai | |
| typosquat | typosquat.levenshtein:yup | AI (typosquat): Scoped @bull-board/ui package; Levenshtein match against short names is a false positive. | ai | |
| typosquat | typosquat.levenshtein:pg | AI (typosquat): Scoped @bull-board/ui package; Levenshtein match against short names is a false positive. | ai | |
| typosquat | typosquat.levenshtein:qs | AI (typosquat): Scoped @bull-board/ui package; Levenshtein match against short names is a false positive. | ai |
Versions (showing 16 of 16)
| Version | Deps | Published |
|---|---|---|
| 7.0.0 | 1 / 40 | |
| 6.21.3 | 1 / 40 | |
| 6.21.2 | 1 / 40 | |
| 6.21.1 | 1 / 39 | |
| 6.21.0 | 1 / 39 | |
| 6.20.7 | 1 / 39 | |
| 6.20.6 | 1 / 39 | |
| 6.18.3 | 1 / 39 | |
| 6.18.1 | 1 / 39 | |
| 6.16.4 | 1 / 38 | |
| 6.16.2 | 1 / 38 | |
| 6.16.1 | 1 / 38 | |
| 6.16.0 | 1 / 38 | |
| 6.15.0 | 1 / 38 | |
| 6.14.2 | 1 / 38 | |
| 6.14.1 | 1 / 38 |
v7.0.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v6.21.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v6.21.2
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v6.21.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v6.21.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v6.20.7
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v6.20.6
23 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v6.18.3
23 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v6.18.1
23 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v6.16.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v6.16.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v6.16.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v6.16.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v6.15.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v6.14.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v6.14.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.