← Home

@davidsneighbour/prettier-config

npm Repository Homepage

Prettier configuration for use in @davidsneighbour projects.

4
Versions
MIT
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

davidsneighbour

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
publish-pattern dormant-publish AI (publish-pattern): Established package with SLSA provenance, consistent author identity, and matching repo; dormancy gap is not indicative of takeover. ai
dependencies unvetted-dep:prettier-eslint AI (dependencies): prettier-eslint is a well-known prettier integration; stable false positive for this config package. ai
dependencies unvetted-dep:prettier-plugin-go-template AI (dependencies): Legitimate prettier plugin for Go templates; expected dependency for this config package. ai
phantom-deps phantom-dep:@prettier/plugin-php AI (phantom-deps): Config-only package; plugin declared as dep, referenced in config not imported. ai
phantom-deps phantom-dep:@prettier/plugin-xml AI (phantom-deps): Config-only package; plugin declared as dep, referenced in config not imported. ai
phantom-deps phantom-dep:prettier-plugin-toml AI (phantom-deps): Config-only package; plugin declared as dep, referenced in config not imported. ai
phantom-deps phantom-dep:prettier AI (phantom-deps): Config-only package; plugins/prettier are declared deps used via config, not imported directly. ai
phantom-deps phantom-dep:prettier-plugin-go-template AI (phantom-deps): Config-only package; plugin declared as dep, referenced in config not imported. ai
phantom-deps phantom-dep:prettier-plugin-tailwindcss AI (phantom-deps): Config-only package; plugin declared as dep, referenced in config not imported. ai
phantom-deps phantom-dep:prettier-plugin-properties AI (phantom-deps): Config-only package; plugin declared as dep, referenced in config not imported. ai
phantom-deps phantom-dep:prettier-eslint AI (phantom-deps): Config-only package; declared dep used via config reference, not direct import. ai
phantom-deps phantom-dep:prettier-plugin-sh AI (phantom-deps): Config-only package; plugin declared as dep, referenced in config not imported. ai

Versions (showing 4 of 4)

Version Deps Published
2026.0.4 9 / 0
2026.0.3 9 / 0
2026.0.2 9 / 0
2025.3.7 9 / 0

v2026.0.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2026.0.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2026.0.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2025.3.7

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.