@canonical/react-components LGPL-3.0 28 versions

@canonical/react-components

npm Repository Homepage

![CI](https://github.com/canonical/react-components/workflows/CI/badge.svg?branch=main)

28

Versions

LGPL-3.0

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

ilayda21frankbanhuwshimianthonydillonsteverydzamylily1011bartazjpmartinsptpetesfrenchmariadias143jmuzinamtrujedlerdabehniacanonical-organizationedisile-canonicalsteciuk-canonicalad.vlengr-aliando.gqninfa_jeonndv99goulin-canonicalimmortalcodesalvaromateoonibenjo-canonical

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:@types/jest	AI (phantom-deps): Framework-scoped types loaded by convention in TypeScript/Jest projects.	ai	2026/05/14
phantom-deps	phantom-dep:@types/node	AI (phantom-deps): Framework-scoped types loaded by convention in TypeScript/Node projects.	ai	2026/05/14
phantom-deps	phantom-dep:@types/react	AI (phantom-deps): Framework-scoped types loaded by convention in React projects.	ai	2026/05/14
phantom-deps	phantom-dep:@types/react-dom	AI (phantom-deps): Framework-scoped types loaded by convention in React projects.	ai	2026/05/14
phantom-deps	phantom-dep:@types/react-table	AI (phantom-deps): Framework-scoped types loaded by convention in TypeScript projects.	ai	2026/05/14
phantom-deps	phantom-dep:jest-environment-jsdom	AI (phantom-deps): Referenced in jest config; standard test environment setup.	ai	2026/05/14

Versions (showing 28 of 28)

Version	Deps	Published
4.5.3	10 / 71	2026-05-26
4.5.2	10 / 71	2026-05-06
4.5.1	10 / 71	2026-05-04
4.5.0	10 / 71	2026-04-29
4.4.1	10 / 71	2026-04-28
4.4.0	10 / 71	2026-04-24
4.3.1	10 / 71	2026-04-17
4.3.0	10 / 71	2026-04-14
4.2.0	10 / 71	2026-04-08
4.1.0	10 / 71	2026-04-06
4.0.1	10 / 71	2026-03-20
4.0.0	10 / 71	2026-03-13
3.12.4	10 / 71	2026-03-13
3.12.3	10 / 71	2026-03-02
3.12.2	10 / 71	2026-02-20
3.12.1	10 / 71	2026-02-18
3.12.0	10 / 71	2026-02-13
3.11.1	10 / 71	2026-02-11
3.11.0	10 / 71	2026-02-11
3.10.0	10 / 71	2026-02-10
3.9.1	10 / 71	2026-02-09
3.9.0	10 / 71	2026-01-22
3.8.3	10 / 71	2026-01-13
3.8.2	10 / 71	2026-01-13
3.8.1	10 / 71	2026-01-13
3.8.0	10 / 71	2025-12-10
3.7.1	10 / 71	2025-12-05
3.7.0	10 / 71	2025-11-25

v4.5.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.5.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.5.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.4.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.4.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.3.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.2.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.0.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.12.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.12.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.12.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.12.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.12.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.11.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.11.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.10.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.9.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.9.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.8.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.8.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.8.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.8.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.7.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.7.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.