@feedlog-ai/vue — Greenflagged

Vue bindings for Feedlog Toolkit Web Components

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

odedsharir

Keywords

feedlogvuecomponentsdata-visualization

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Publisher changed to GitHub Actions CI/CD with SLSA provenance attestation; this is a legitimate and verifiable automated publishing setup.	ai	2026/05/15
typosquat	typosquat.levenshtein:vite	AI (typosquat): Scoped @feedlog-ai/vue package; not a typosquat of vite — different namespace and purpose.	ai	2026/05/01
typosquat	typosquat.levenshtein:yup	AI (typosquat): Scoped @feedlog-ai/vue package; not a typosquat of yup — different namespace and purpose.	ai	2026/05/01

Versions (showing 51 of 53)

View all versions

Version	Deps	Published
0.2.2	1 / 10	2026-04-30
0.2.1	1 / 10	2026-04-29
0.2.0	1 / 10	2026-04-29
0.1.0	1 / 10	2026-04-11
0.0.51	1 / 10	2026-04-04
0.0.50	1 / 10	2026-04-04
0.0.49	1 / 10	2026-04-03
0.0.48	1 / 10	2026-04-02
0.0.47	1 / 10	2026-04-01
0.0.46	1 / 10	2026-03-29
0.0.45	1 / 10	2026-03-28
0.0.44	1 / 10	2026-03-27
0.0.43	1 / 10	2026-03-27
0.0.42	1 / 10	2026-03-27
0.0.41	1 / 10	2026-03-27
0.0.39	1 / 10	2026-03-27
0.0.38	1 / 10	2026-03-27
0.0.37	1 / 10	2026-03-27
0.0.36	1 / 10	2026-03-13
0.0.35	1 / 10	2026-03-11
0.0.34	1 / 10	2026-03-11
0.0.33	1 / 10	2026-03-09
0.0.32	1 / 10	2026-03-08
0.0.31	1 / 10	2026-03-08
0.0.30	1 / 10	2026-03-02
0.0.29	1 / 10	2026-02-28
0.0.28	1 / 10	2026-02-28
0.0.27	1 / 10	2026-02-19
0.0.26	1 / 10	2026-02-19
0.0.25	1 / 10	2026-02-18
0.0.24	1 / 10	2026-02-18
0.0.23	1 / 10	2026-02-18
0.0.22	1 / 10	2026-02-17
0.0.21	1 / 10	2026-02-17
0.0.20	1 / 10	2026-02-08
0.0.19	1 / 10	2026-02-08
0.0.18	1 / 10	2026-02-08
0.0.17	1 / 10	2026-02-08
0.0.16	1 / 10	2026-02-08
0.0.15	1 / 10	2026-02-05
0.0.14	1 / 10	2026-02-03
0.0.13	1 / 10	2026-02-03
0.0.12	1 / 10	2026-02-02
0.0.11	1 / 10	2026-02-01
0.0.10	1 / 10	2026-01-28
0.0.9	1 / 10	2026-01-26
0.0.8	1 / 10	2026-01-25
0.0.7	1 / 10	2026-01-23
0.0.6	1 / 10	2026-01-23
0.0.5	1 / 10	2026-01-23
0.0.4	1 / 10	2026-01-18

v0.2.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.1

2 findings

HIGH Publisher changed: odedsharir → GitHub Actions (on 2026-04-29) provenance

This version was published by a different npm account than previous versions on 2026-04-29. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.0

2 findings

HIGH Publisher changed: odedsharir → GitHub Actions (on 2026-04-29) provenance

This version was published by a different npm account than previous versions on 2026-04-29. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.0

2 findings

HIGH Publisher changed: odedsharir → GitHub Actions (on 2026-04-11) provenance

This version was published by a different npm account than previous versions on 2026-04-11. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.