@clerk/nextjs
Clerk SDK for NextJS
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| typosquat | typosquat.levenshtein:next | AI (typosquat): @clerk/nextjs is the official Clerk SDK for Next.js, not a typosquat. The scoped namespace, age, and download volume confirm legitimacy. This rule will always fire due to edit distance and is a stable false positive. | ai | |
| dependencies | unvetted-dep:@clerk/shared | AI (dependencies): @clerk/shared is a first-party Clerk internal package within the same @clerk/ namespace; expected dependency for all Clerk SDKs. | ai | |
| dependencies | unvetted-dep:@clerk/backend | AI (dependencies): @clerk/backend is a first-party Clerk internal package within the same @clerk/ namespace; expected dependency for all Clerk SDKs. | ai |
Versions (showing 25 of 25)
| Version | Deps | Published |
|---|---|---|
| 7.4.3 | 5 / 2 | |
| 7.4.2 | 5 / 2 | |
| 7.4.1 | 5 / 2 | |
| 7.4.0 | 5 / 2 | |
| 7.3.7 | 5 / 2 | |
| 7.3.6 | 5 / 2 | |
| 7.3.5 | 5 / 2 | |
| 7.3.4 | 5 / 2 | |
| 7.3.3 | 5 / 2 | |
| 7.3.2 | 5 / 2 | |
| 7.3.1 | 5 / 2 | |
| 7.3.0 | 5 / 2 | |
| 7.2.9 | 5 / 2 | |
| 7.2.8 | 5 / 2 | |
| 7.2.7 | 5 / 2 | |
| 7.2.6 | 5 / 2 | |
| 7.2.5 | 5 / 2 | |
| 7.2.4 | 5 / 2 | |
| 7.2.3 | 5 / 2 | |
| 7.2.2 | 5 / 2 | |
| 7.2.1 | 5 / 2 | |
| 6.39.5 | 6 / 2 | |
| 6.39.4 | 6 / 2 | |
| 6.39.3 | 6 / 2 | |
| 5.7.6 | 7 / 7 |
v7.4.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.4.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.4.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.4.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.3.7
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.3.6
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.3.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.3.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.3.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.3.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.3.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.2.9
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.2.7
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.2.6
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.2.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.2.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.2.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.2.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v7.2.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v6.39.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v6.39.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v6.39.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.6
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.