@djangocfg/nextjs
Next.js server utilities: sitemap, health, OG images, contact forms, navigation, config
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| typosquat | typosquat.levenshtein:next | AI (typosquat): Scoped package @djangocfg/nextjs is part of a Django config ecosystem, not a typosquat of 'next'. | ai | |
| semgrep | semgrep:dynamic-require | AI (semgrep): Dynamic require resolves a package.json path via createRequire — benign version-lookup pattern, stable for this package. | ai | |
| phantom-deps | phantom-dep:@serwist/sw | AI (phantom-deps): Referenced in config files as a peer/optional dep, not directly imported — stable false positive for this package. | ai |
Versions (showing 100 of 169)
| Version | Deps | Published |
|---|---|---|
| 2.1.431 | 8 / 15 | |
| 2.1.430 | 8 / 15 | |
| 2.1.429 | 8 / 15 | |
| 2.1.428 | 8 / 15 | |
| 2.1.427 | 8 / 15 | |
| 2.1.426 | 8 / 15 | |
| 2.1.425 | 8 / 15 | |
| 2.1.424 | 8 / 15 | |
| 2.1.423 | 8 / 15 | |
| 2.1.422 | 8 / 15 | |
| 2.1.421 | 8 / 15 | |
| 2.1.420 | 8 / 15 | |
| 2.1.419 | 8 / 15 | |
| 2.1.418 | 8 / 15 | |
| 2.1.417 | 8 / 15 | |
| 2.1.416 | 8 / 15 | |
| 2.1.415 | 8 / 15 | |
| 2.1.413 | 8 / 15 | |
| 2.1.412 | 8 / 15 | |
| 2.1.411 | 8 / 15 | |
| 2.1.409 | 8 / 15 | |
| 2.1.408 | 8 / 15 | |
| 2.1.407 | 8 / 15 | |
| 2.1.404 | 8 / 15 | |
| 2.1.402 | 8 / 15 | |
| 2.1.400 | 8 / 15 | |
| 2.1.399 | 8 / 15 | |
| 2.1.397 | 8 / 15 | |
| 2.1.395 | 8 / 15 | |
| 2.1.394 | 8 / 15 | |
| 2.1.393 | 8 / 15 | |
| 2.1.390 | 8 / 15 | |
| 2.1.389 | 8 / 15 | |
| 2.1.387 | 8 / 15 | |
| 2.1.385 | 8 / 15 | |
| 2.1.384 | 8 / 15 | |
| 2.1.383 | 8 / 15 | |
| 2.1.382 | 8 / 15 | |
| 2.1.381 | 8 / 15 | |
| 2.1.380 | 8 / 15 | |
| 2.1.379 | 8 / 15 | |
| 2.1.378 | 8 / 15 | |
| 2.1.377 | 8 / 15 | |
| 2.1.376 | 8 / 15 | |
| 2.1.375 | 8 / 15 | |
| 2.1.374 | 8 / 15 | |
| 2.1.373 | 8 / 15 | |
| 2.1.372 | 8 / 15 | |
| 2.1.371 | 8 / 15 | |
| 2.1.369 | 8 / 15 | |
| 2.1.368 | 8 / 15 | |
| 2.1.367 | 8 / 15 | |
| 2.1.366 | 8 / 15 | |
| 2.1.365 | 8 / 15 | |
| 2.1.364 | 8 / 15 | |
| 2.1.363 | 8 / 15 | |
| 2.1.362 | 8 / 15 | |
| 2.1.361 | 8 / 15 | |
| 2.1.360 | 8 / 15 | |
| 2.1.359 | 8 / 15 | |
| 2.1.358 | 8 / 15 | |
| 2.1.357 | 8 / 15 | |
| 2.1.356 | 8 / 15 | |
| 2.1.355 | 8 / 15 | |
| 2.1.354 | 8 / 15 | |
| 2.1.353 | 8 / 15 | |
| 2.1.352 | 8 / 15 | |
| 2.1.351 | 8 / 15 | |
| 2.1.350 | 8 / 15 | |
| 2.1.349 | 8 / 15 | |
| 2.1.348 | 8 / 15 | |
| 2.1.347 | 8 / 15 | |
| 2.1.346 | 8 / 15 | |
| 2.1.345 | 8 / 15 | |
| 2.1.344 | 8 / 15 | |
| 2.1.342 | 8 / 15 | |
| 2.1.341 | 8 / 15 | |
| 2.1.340 | 8 / 15 | |
| 2.1.339 | 8 / 15 | |
| 2.1.338 | 8 / 15 | |
| 2.1.337 | 8 / 15 | |
| 2.1.336 | 8 / 15 | |
| 2.1.335 | 8 / 15 | |
| 2.1.334 | 8 / 15 | |
| 2.1.333 | 8 / 15 | |
| 2.1.332 | 8 / 15 | |
| 2.1.331 | 8 / 15 | |
| 2.1.327 | 8 / 15 | |
| 2.1.322 | 8 / 15 | |
| 2.1.321 | 8 / 15 | |
| 2.1.320 | 8 / 15 | |
| 2.1.319 | 8 / 15 | |
| 2.1.318 | 8 / 15 | |
| 2.1.317 | 8 / 15 | |
| 2.1.316 | 8 / 15 | |
| 2.1.315 | 8 / 15 | |
| 2.1.314 | 8 / 15 | |
| 2.1.313 | 8 / 15 | |
| 2.1.312 | 8 / 15 | |
| 2.1.310 | 8 / 15 |
v2.1.431
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.430
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.429
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.428
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.427
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.426
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.425
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.424
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.423
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.422
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.421
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.420
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.419
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.418
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.417
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.416
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.415
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.413
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.412
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.411
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.409
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.408
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.407
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.404
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.402
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.400
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.399
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.397
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.395
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.394
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.393
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.390
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.389
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.387
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.385
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.384
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.383
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.382
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.381
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.380
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.379
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.378
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.377
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.376
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.375
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.374
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.373
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.372
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.371
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.369
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.368
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.367
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.366
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.365
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.364
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.363
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.362
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.361
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.360
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.359
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.358
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.357
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.356
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.355
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.354
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.353
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.352
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.351
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.350
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.349
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.348
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.347
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.346
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.345
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.344
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.342
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.341
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.340
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.339
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.338
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.337
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.336
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.1.335
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.1.333
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.332
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.331
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.327
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.322
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.321
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.320
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.319
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.318
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.317
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.316
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.315
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.314
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.313
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.312
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.310
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.