@carbon/themes
Themes for applying color in the Carbon Design System
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | large-new-source-files | AI (source-diff): New files consistent with added build:types step generating .d.ts outputs; expected for this package's build pattern. | ai | |
| publish-pattern | dormant-publish | AI (publish-pattern): Carbon Design System monorepo; CI-published with SLSA provenance; dormancy likely reflects release cadence, not takeover. | ai | |
| install-scripts | install-script:postinstall | AI (install-scripts): IBM telemetry postinstall is a documented, stable pattern across all Carbon Design System packages. | ai | |
| phantom-deps | phantom-dep:@ibm/telemetry-js | AI (phantom-deps): @ibm/telemetry-js is used via CLI invocation in postinstall, not direct import; false positive for this package. | ai |
Versions (showing 24 of 24)
| Version | Deps | Published |
|---|---|---|
| 11.75.0 | 5 / 14 | |
| 11.74.0 | 5 / 11 | |
| 11.73.0 | 5 / 11 | |
| 11.72.0 | 5 / 11 | |
| 11.71.0 | 5 / 11 | |
| 11.70.0 | 5 / 11 | |
| 11.69.0 | 5 / 11 | |
| 11.68.0 | 5 / 11 | |
| 11.67.0 | 5 / 11 | |
| 11.66.0 | 5 / 11 | |
| 11.65.0 | 5 / 11 | |
| 11.64.0 | 5 / 11 | |
| 11.63.0 | 5 / 11 | |
| 11.62.0 | 5 / 11 | |
| 11.61.0 | 5 / 11 | |
| 11.60.0 | 5 / 11 | |
| 11.59.0 | 5 / 11 | |
| 11.58.0 | 5 / 11 | |
| 11.57.0 | 5 / 11 | |
| 11.56.0 | 5 / 11 | |
| 11.55.0 | 5 / 11 | |
| 11.54.0 | 5 / 11 | |
| 11.53.0 | 5 / 11 | |
| 11.52.0 | 5 / 11 |
v11.75.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v11.74.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v11.73.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v11.71.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v11.70.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v11.69.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v11.68.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v11.67.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v11.66.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v11.65.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v11.64.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v11.63.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.
v11.62.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.
v11.61.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.
v11.60.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.
v11.59.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.
v11.58.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.
v11.57.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.
v11.56.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.
v11.55.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.
v11.54.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.
v11.53.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.
v11.52.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.