@finos/legend-application-marketplace

Legend Marketplace application core

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

finos-adminmaootexodusneil.slinger

Keywords

legendlegend-applicationlegend-marketplacesearchdiscovery

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:@types/react	AI (phantom-deps): Framework-scoped type package loaded by convention in React projects.	ai	2026/04/30
phantom-deps	phantom-dep:@types/react-dom	AI (phantom-deps): Framework-scoped type package loaded by convention in React projects.	ai	2026/04/30
dependencies	unvetted-dep:@finos/legend-art	AI (dependencies): Sibling FINOS legend-studio monorepo package; stable across versions.	ai	2026/04/29
dependencies	unvetted-dep:@finos/legend-lego	AI (dependencies): Sibling FINOS legend-studio monorepo package; stable across versions.	ai	2026/04/29
dependencies	unvetted-dep:react-oidc-context	AI (dependencies): Standard OIDC React library; legitimate dependency.	ai	2026/04/29
dependencies	unvetted-dep:@finos/legend-graph	AI (dependencies): Sibling FINOS legend-studio monorepo package; stable across versions.	ai	2026/04/29
dependencies	unvetted-dep:@finos/legend-shared	AI (dependencies): Sibling FINOS legend-studio monorepo package; stable across versions.	ai	2026/04/29
dependencies	unvetted-dep:@finos/legend-storage	AI (dependencies): Sibling FINOS legend-studio monorepo package; stable across versions.	ai	2026/04/29
dependencies	unvetted-dep:@finos/legend-application	AI (dependencies): Sibling FINOS legend-studio monorepo package; stable across versions.	ai	2026/04/29
dependencies	unvetted-dep:@finos/legend-code-editor	AI (dependencies): Sibling FINOS legend-studio monorepo package; stable across versions.	ai	2026/04/29
dependencies	unvetted-dep:@finos/legend-server-depot	AI (dependencies): Sibling FINOS legend-studio monorepo package; stable across versions.	ai	2026/04/29
dependencies	unvetted-dep:serializr	AI (dependencies): Well-known serialization library; no advisories, legitimate dependency for this FINOS package.	ai	2026/04/29
dependencies	unvetted-dep:@finos/legend-server-marketplace	AI (dependencies): Sibling FINOS legend-studio monorepo package; stable across versions.	ai	2026/04/29
dependencies	unvetted-dep:@finos/legend-extension-dsl-data-space	AI (dependencies): Sibling FINOS legend-studio monorepo package; stable across versions.	ai	2026/04/29
dependencies	unvetted-dep:@finos/legend-extension-dsl-data-product	AI (dependencies): Sibling FINOS legend-studio monorepo package; stable across versions.	ai	2026/04/29
phantom-deps	phantom-dep:yaml	AI (phantom-deps): Config-file reference pattern; false positive for monorepo build tooling.	ai	2026/04/29
phantom-deps	phantom-dep:dompurify	AI (phantom-deps): Config-file reference pattern; false positive for monorepo build tooling.	ai	2026/04/29
phantom-deps	phantom-dep:react-dnd	AI (phantom-deps): Config-file reference pattern; false positive for monorepo build tooling.	ai	2026/04/29
phantom-deps	phantom-dep:mobx-utils	AI (phantom-deps): Config-file reference pattern; false positive for monorepo build tooling.	ai	2026/04/29
phantom-deps	phantom-dep:node-diff3	AI (phantom-deps): Config-file reference pattern; false positive for monorepo build tooling.	ai	2026/04/29
dependencies	unvetted-dep:@finos/legend-server-lakehouse	AI (dependencies): Sibling FINOS legend-studio monorepo package; stable across versions.	ai	2026/04/29
dependencies	unvetted-dep:node-diff3	AI (dependencies): Standard diff library; legitimate dependency for this FINOS package.	ai	2026/04/29

Versions (showing 51 of 111)

View all versions

Version	Deps	Published
0.2.20	30 / 10	2026-06-05
0.2.19	30 / 10	2026-06-04
0.2.17	30 / 10	2026-06-03
0.2.16	30 / 10	2026-06-03
0.2.15	30 / 10	2026-06-03
0.2.14	30 / 10	2026-06-01
0.2.13	30 / 10	2026-05-26
0.2.12	30 / 10	2026-05-20
0.2.11	30 / 10	2026-05-18
0.2.10	30 / 10	2026-05-11
0.2.9	30 / 10	2026-05-11
0.2.8	30 / 10	2026-05-07
0.2.7	30 / 10	2026-05-06
0.2.6	30 / 10	2026-05-05
0.2.5	30 / 10	2026-05-01
0.2.4	30 / 10	2026-04-29
0.2.3	30 / 10	2026-04-27
0.2.2	30 / 10	2026-04-20
0.2.1	30 / 10	2026-04-13
0.2.0	30 / 10	2026-04-06
0.1.85	30 / 10	2026-03-31
0.1.84	30 / 10	2026-03-31
0.1.30	31 / 9	2025-10-28
0.1.29	31 / 9	2025-10-27
0.1.28	31 / 9	2025-10-24
0.1.27	31 / 9	2025-10-22
0.1.26	31 / 9	2025-10-20
0.1.25	31 / 9	2025-10-17
0.1.24	31 / 9	2025-10-15
0.1.23	31 / 9	2025-10-10
0.1.22	31 / 9	2025-10-10
0.1.21	31 / 9	2025-10-09
0.1.20	31 / 9	2025-10-06
0.1.19	31 / 9	2025-10-02
0.1.18	31 / 9	2025-09-30
0.1.17	31 / 9	2025-09-29
0.1.16	31 / 9	2025-09-29
0.1.15	31 / 9	2025-09-27
0.1.14	31 / 9	2025-09-25
0.1.13	30 / 9	2025-09-24
0.1.12	29 / 9	2025-09-19
0.1.11	29 / 9	2025-09-18
0.1.10	29 / 9	2025-09-18
0.1.9	28 / 9	2025-09-17
0.1.8	28 / 9	2025-09-16
0.1.7	28 / 9	2025-09-15
0.1.6	28 / 9	2025-09-11
0.1.5	28 / 9	2025-09-11
0.1.4	28 / 9	2025-09-08
0.1.3	28 / 9	2025-09-04
0.1.2	28 / 9	2025-09-04