@everymatrix/general-player-login-form-nd
9
Versions
—
License
No
Install Scripts
Missing
Provenance
Supply chain provenance
Status for the latest visible version.
No SLSA provenance
npm registry signatures
gitHead linked
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
clokzeoleksandr.v.stepanovtaras.maksymivnatalya.anisimovaemfe_releasemariana.gheorgheadrian.priponandriizadvirnyiraulvasileemstrulea.sebastianstefan.vladgoe.sutadragos.bodeamaria.bumbarstefanaotong.woodtikarncatalinpoclidcristi.ungureanuliviuclement.everymatrixmihaibalanfrankie24
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:components/GeneralPlayerLoginFormNd-BL6jCEoV.js | AI (source-diff): Standard minified Svelte/JS bundle output; readable framework code visible in sample, not obfuscation. | ai | |
| source-diff | obfuscated-file:components/GeneralPlayerLoginFormNd-Bq2-n76r.js | AI (source-diff): Standard minified Svelte/JS bundle output; readable framework code visible in sample, not obfuscation. | ai | |
| source-diff | obfuscated-file:components/GeneralPlayerSmsVerificationForm-458aJWpZ.cjs | AI (source-diff): Standard CJS build output; contains only i18n translations and component logic. | ai | |
| source-diff | obfuscated-file:components/GeneralPlayerLoginFormNd-CvfNpsrG.cjs | AI (source-diff): Standard CJS build output from Svelte/Vite bundler; stable for this scoped package. | ai | |
| source-diff | obfuscated-file:components/GeneralPlayerLoginFormNd-2zAEC5xl.js | AI (source-diff): Standard ESM build output from Svelte/Vite bundler. | ai | |
| source-diff | obfuscated-file:components/GeneralPlayerLoginFormNd-CRhH59_Q.js | AI (source-diff): Standard ESM build output from Svelte/Vite bundler. | ai | |
| maintainer-change | maintainer-removed | AI (maintainer-change): Internal @everymatrix team transition; publisher has 14k+ approved packages in same org. | ai | |
| source-diff | obfuscated-file:components/GeneralPlayerLoginFormNd-C923XW7k.js | AI (source-diff): Standard minified Svelte bundle output; not intentionally obfuscated. Stable pattern for this component library. | ai | |
| source-diff | obfuscated-file:components/GeneralPlayerLoginFormNd-BdJbw-ly.js | AI (source-diff): Standard minified Svelte bundle output; not intentionally obfuscated. Stable pattern for this component library. | ai | |
| npm-metadata | no-description | AI (npm-metadata): Stable pattern for this internal component package across all versions. | ai | |
| provenance | no-provenance | AI (provenance): No provenance has been provided across the package's history; not a new regression. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Internal component package; no repo/description is consistent across all 422 versions. | ai |