← Home

@davidsneighbour/stylelint-config

npm Repository Homepage

Stylelint configuration for use in @davidsneighbour projects.

6
Versions
MIT
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

davidsneighbour

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
phantom-deps phantom-dep:stylelint AI (phantom-deps): Stylelint config packages reference deps via config, not direct imports; stable false positive for this package type. ai
phantom-deps phantom-dep:stylelint-order AI (phantom-deps): Plugin referenced in config files, not imported directly; expected pattern for stylelint config packages. ai
phantom-deps phantom-dep:stylelint-config-standard-scss AI (phantom-deps): Config extension referenced in config files, not imported directly; expected pattern for stylelint config packages. ai
phantom-deps phantom-dep:@davidsneighbour/browserslist-config AI (phantom-deps): Same-org dep referenced in config, not imported directly; stable false positive for this package. ai
phantom-deps phantom-dep:stylelint-no-unsupported-browser-features AI (phantom-deps): Plugin referenced in config files, not imported directly; expected pattern for stylelint config packages. ai

Versions (showing 6 of 6)

Version Deps Published
2026.0.6 5 / 0
2026.0.4 5 / 0
2026.0.2 5 / 0
2026.0.1 5 / 0
2025.3.8 5 / 0
2025.3.7 5 / 0

v2026.0.6

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2026.0.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2026.0.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2026.0.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2025.3.8

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2025.3.7

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.