@decocms/start — Greenflagged

Deco framework for TanStack Start - CMS bridge, admin protocol, hooks, schema generation

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

camudogimenes-decocxcrazydeviljonasjesusfirstdoitvinventura

Keywords

decotanstackcmsframework

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
semgrep	semgrep:shady-links-raw-ip	AI (semgrep): 127.0.0.1:0 is a localhost no-op fallback for OTLP when unconfigured; not a real network target.	ai	2026/05/31
publish-pattern	rapid-publish	AI (publish-pattern): Package uses automated CI/CD releases (GitHub Actions + SLSA provenance); rapid publishes are expected.	ai	2026/05/30
source-diff	large-new-source-files	AI (source-diff): Active framework package with frequent releases; large file additions reflect feature development, not injection.	ai	2026/05/29
dependencies	unvetted-dep:@deco-cx/warp-node	AI (dependencies): Same org (@deco-cx) as the publisher; internal dependency, not a third-party risk.	ai	2026/04/30
semgrep	semgrep:env-spread	AI (semgrep): env spread is in a CLI migration script passing env to a child process — intentional and not a secret leak.	ai	2026/04/29
phantom-deps	phantom-dep:tsx	AI (phantom-deps): tsx is a declared runtime dependency used as a script runner, not a direct import.	ai	2026/04/29

Versions (showing 100 of 129)

Version	Deps	Published
6.4.7	7 / 14	2026-06-04
6.4.6	7 / 14	2026-06-03
6.4.5	7 / 14	2026-06-03
6.4.4	7 / 14	2026-06-03
6.4.3	7 / 14	2026-06-03
6.4.2	7 / 14	2026-06-03
6.4.1	7 / 14	2026-06-03
6.4.0	7 / 14	2026-06-01
6.3.1	7 / 14	2026-06-01
6.3.0	7 / 14	2026-05-29
6.2.1	7 / 14	2026-05-27
6.2.0	7 / 14	2026-05-25
6.1.0	7 / 14	2026-05-25
6.0.1	7 / 14	2026-05-21
6.0.0	7 / 14	2026-05-21
5.4.2	7 / 14	2026-05-21
5.4.1	7 / 14	2026-05-21
5.4.0	7 / 14	2026-05-21
5.3.0	7 / 14	2026-05-19
5.2.2	7 / 14	2026-05-19
5.0.0	7 / 14	2026-05-08
4.6.0	14 / 14	2026-05-08
2.30.1	15 / 14	2026-05-07
2.30.0	15 / 14	2026-05-07
2.25.0	4 / 16	2026-05-01
2.24.0	4 / 16	2026-05-01
2.16.0	4 / 16	2026-05-01
2.1.0	4 / 16	2026-04-29
2.0.1	1 / 15	2026-04-28
2.0.0	1 / 15	2026-04-28
1.7.0	1 / 15	2026-04-28
1.6.3	1 / 15	2026-04-27
1.6.2	1 / 15	2026-04-22
1.6.1	1 / 15	2026-04-22
1.6.0	1 / 15	2026-04-22
1.5.0	1 / 15	2026-04-15
1.4.4	1 / 15	2026-04-15
1.4.3	1 / 15	2026-04-13
1.4.2	1 / 15	2026-04-13
1.4.1	1 / 15	2026-04-08
1.4.0	1 / 15	2026-04-08
1.3.7	1 / 15	2026-04-08
1.3.6	1 / 15	2026-04-08
1.3.5	1 / 15	2026-04-08
1.3.4	1 / 15	2026-04-08
1.3.3	1 / 15	2026-04-08
1.3.2	1 / 15	2026-04-07
1.3.1	1 / 15	2026-04-07
1.3.0	1 / 15	2026-04-07
1.2.10	1 / 15	2026-04-07
1.2.9	1 / 15	2026-04-03
1.2.8	1 / 15	2026-04-03
1.2.7	1 / 15	2026-04-03
1.2.6	1 / 15	2026-04-03
1.2.5	1 / 15	2026-04-03
1.2.4	1 / 15	2026-04-03
1.2.3	1 / 15	2026-04-03
1.2.2	1 / 15	2026-04-03
1.2.1	1 / 15	2026-04-02
1.2.0	1 / 15	2026-04-02
1.1.0	1 / 15	2026-04-02
1.0.0	1 / 15	2026-04-02
0.43.0	1 / 14	2026-04-02
0.42.3	1 / 12	2026-04-01
0.42.2	1 / 12	2026-03-31
0.42.1	1 / 12	2026-03-31
0.42.0	1 / 12	2026-03-31
0.41.0	0 / 12	2026-03-31
0.40.1	0 / 12	2026-03-31
0.40.0	0 / 12	2026-03-31
0.39.0	0 / 12	2026-03-30
0.38.0	0 / 12	2026-03-30
0.37.3	0 / 12	2026-03-30
0.37.2	0 / 12	2026-03-29
0.37.1	0 / 12	2026-03-28
0.37.0	0 / 12	2026-03-28
0.36.5	0 / 12	2026-03-27
0.36.4	0 / 12	2026-03-27
0.36.3	0 / 12	2026-03-27
0.36.2	0 / 12	2026-03-27
0.36.1	0 / 12	2026-03-27
0.36.0	0 / 12	2026-03-27
0.35.1	0 / 12	2026-03-27
0.35.0	0 / 12	2026-03-27
0.34.1	0 / 12	2026-03-27
0.34.0	0 / 12	2026-03-27
0.33.0	0 / 12	2026-03-27
0.32.3	0 / 12	2026-03-27
0.32.2	0 / 12	2026-03-27
0.32.1	0 / 12	2026-03-27
0.32.0	0 / 12	2026-03-27
0.31.1	0 / 12	2026-03-25
0.31.0	0 / 12	2026-03-25
0.30.4	0 / 12	2026-03-23
0.30.3	0 / 12	2026-03-23
0.30.2	0 / 12	2026-03-22
0.30.1	0 / 12	2026-03-21
0.30.0	0 / 12	2026-03-20
0.29.3	0 / 12	2026-03-20
0.29.2	0 / 12	2026-03-20

Showing 100 of 129 Next page →