@enymo/adminium
This template provides a minimal setup to get React working in Vite with HMR and some ESLint rules.
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:@enymo/ts-nullsafe | AI (phantom-deps): Same-org scoped dependency; likely used via re-exports. Stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:immer | AI (phantom-deps): Declared dependency; likely used via re-exports or config. Stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@dnd-kit/core | AI (phantom-deps): Declared dependency; likely used via re-exports or config. Stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@dnd-kit/sortable | AI (phantom-deps): Declared dependency; likely used via re-exports or config. Stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@dnd-kit/modifiers | AI (phantom-deps): Declared dependency; likely used via re-exports or config. Stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@dnd-kit/utilities | AI (phantom-deps): Declared dependency; likely used via re-exports or config. Stable pattern for this package. | ai | |
| dependencies | unvetted-dep:@enymo/comparison | AI (dependencies): Same-org first-party dependency; stable false positive for this package. | ai | |
| dependencies | unvetted-dep:@enymo/ts-nullsafe | AI (dependencies): Same-org first-party dependency; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:dayjs | AI (phantom-deps): dayjs is a declared runtime dependency; phantom-dep heuristic misfires on this package's build setup. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Org-scoped internal library; sparse README and no keywords are typical for private ecosystem packages. | ai | |
| phantom-deps | phantom-dep:lodash | AI (phantom-deps): lodash is a declared runtime dependency; phantom-dep heuristic false positive for this package. | ai | |
| phantom-deps | phantom-dep:@enymo/comparison | AI (phantom-deps): Same-org dependency; phantom-dep heuristic false positive for this package. | ai |
Versions (showing 10 of 10)
| Version | Deps | Published |
|---|---|---|
| 0.9.7 | 7 / 22 | |
| 0.9.3 | 7 / 22 | |
| 0.9.2 | 7 / 22 | |
| 0.9.0 | 7 / 22 | |
| 0.8.4 | 7 / 22 | |
| 0.8.1 | 7 / 22 | |
| 0.7.5 | 7 / 21 | |
| 0.7.4 | 7 / 21 | |
| 0.4.0 | 6 / 20 | |
| 0.1.1 | 9 / 20 |
v0.9.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.