@datadog/mobile-react-native-navigation Apache-2.0 22 versions

@datadog/mobile-react-native-navigation

npm Repository Homepage

A client-side React Native module to interact with Datadog

22

Versions

Apache-2.0

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

datadog

Keywords

datadogreact-nativeiosandroid

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Datadog migrated publishing to GitHub Actions CI with SLSA attestation; this is the expected pattern for the org.	ai	2026/05/07
publish-pattern	dormant-publish	AI (publish-pattern): Dormancy aligns with CI/CD pipeline migration; 104 versions in registry confirms active package history.	ai	2026/05/07

Versions (showing 22 of 22)

Version	Deps	Published
3.5.0	0 / 6	2026-05-25
3.4.0	0 / 6	2026-04-29
3.3.0	0 / 6	2026-04-14
3.2.0	0 / 6	2026-03-25
3.1.2	0 / 6	2026-03-06
3.1.1	0 / 6	2026-02-25
3.1.0	0 / 6	2026-02-18
3.0.3	0 / 6	2026-02-17
3.0.2	0 / 6	2026-02-09
3.0.1	0 / 6	2026-01-29
3.0.0	0 / 6	2026-01-22
2.14.8	0 / 6	2026-06-01
2.14.7	0 / 6	2026-05-07
2.14.6	0 / 6	2026-04-14
2.14.5	0 / 6	2026-03-25
2.14.4	0 / 6	2026-03-06
2.14.3	0 / 6	2026-02-17
2.14.2	0 / 6	2026-02-09
2.14.1	0 / 6	2026-01-15
2.14.0	0 / 6	2025-12-11
2.13.2	0 / 6	2025-11-11
2.13.1	0 / 6	2025-11-06

v3.5.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.4.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.2.0

2 findings

HIGH Publisher changed: datadog → GitHub Actions (on 2026-03-25) provenance

This version was published by a different npm account than previous versions on 2026-03-25. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.1.2

2 findings

HIGH Publisher changed: datadog → GitHub Actions (on 2026-03-06) provenance

This version was published by a different npm account than previous versions on 2026-03-06. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.1.1

2 findings

HIGH Publisher changed: datadog → GitHub Actions (on 2026-02-25) provenance

This version was published by a different npm account than previous versions on 2026-02-25. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.1.0

2 findings

HIGH Publisher changed: datadog → GitHub Actions (on 2026-02-18) provenance

This version was published by a different npm account than previous versions on 2026-02-18. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.3

2 findings

HIGH Publisher changed: datadog → GitHub Actions (on 2026-02-17) provenance

This version was published by a different npm account than previous versions on 2026-02-17. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.2

2 findings

HIGH Publisher changed: datadog → GitHub Actions (on 2026-02-09) provenance

This version was published by a different npm account than previous versions on 2026-02-09. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.1

2 findings

HIGH Publisher changed: datadog → GitHub Actions (on 2026-01-29) provenance

This version was published by a different npm account than previous versions on 2026-01-29. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.0

2 findings

HIGH Publisher changed: datadog → GitHub Actions (on 2026-01-22) provenance

This version was published by a different npm account than previous versions on 2026-01-22. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.14.8

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.14.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.14.6

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.14.5

2 findings

HIGH Publisher changed: datadog → GitHub Actions (on 2026-03-25) provenance

This version was published by a different npm account than previous versions on 2026-03-25. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.14.4

2 findings

HIGH Publisher changed: datadog → GitHub Actions (on 2026-03-06) provenance

This version was published by a different npm account than previous versions on 2026-03-06. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.14.3

2 findings

HIGH Publisher changed: datadog → GitHub Actions (on 2026-02-17) provenance

This version was published by a different npm account than previous versions on 2026-02-17. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.14.2

2 findings

HIGH Publisher changed: datadog → GitHub Actions (on 2026-02-09) provenance

This version was published by a different npm account than previous versions on 2026-02-09. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.14.1

2 findings

HIGH Publisher changed: datadog → GitHub Actions (on 2026-01-15) provenance

This version was published by a different npm account than previous versions on 2026-01-15. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.14.0

2 findings

HIGH Publisher changed: datadog → GitHub Actions (on 2025-12-11) provenance

This version was published by a different npm account than previous versions on 2025-12-11. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.13.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.13.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.