@frontegg/angular
<div align="center"> <img src="https://fronteggstuff.blob.core.windows.net/frongegg-logos/logo-transparent.png" alt="Frontegg Logo" width="400" height="90"> <h3 align="center">Frontegg Angular</h3> <p align="center"> Frontegg is a web platform where
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | no-provenance | AI (provenance): Established Frontegg package; no provenance is consistent across their entire published catalog. | ai | |
| phantom-deps | phantom-dep:stream | AI (phantom-deps): stream is a declared runtime dep used transitively; phantom-dep false positive for this Angular package. | ai | |
| phantom-deps | phantom-dep:csstype | AI (phantom-deps): csstype is a type-level dep used in config/type declarations, not directly imported; stable false positive. | ai |
Versions (showing 27 of 27)
| Version | Deps | Published |
|---|---|---|
| 7.18.2 | 5 / 0 | |
| 7.18.1 | 5 / 0 | |
| 7.18.0 | 5 / 0 | |
| 7.17.18 | 5 / 0 | |
| 7.17.17 | 5 / 0 | |
| 7.17.16 | 5 / 0 | |
| 7.17.15 | 5 / 0 | |
| 7.17.14 | 5 / 0 | |
| 7.17.13 | 5 / 0 | |
| 7.17.12 | 5 / 0 | |
| 7.17.11 | 5 / 0 | |
| 7.17.10 | 5 / 0 | |
| 7.17.9 | 5 / 0 | |
| 7.17.8 | 5 / 0 | |
| 7.17.7 | 5 / 0 | |
| 7.17.6 | 5 / 0 | |
| 7.17.5 | 5 / 0 | |
| 7.17.4 | 5 / 0 | |
| 7.17.3 | 5 / 0 | |
| 7.17.2 | 5 / 0 | |
| 7.17.1 | 5 / 0 | |
| 7.17.0 | 5 / 0 | |
| 7.16.1 | 5 / 0 | |
| 7.16.0 | 5 / 0 | |
| 7.15.0 | 5 / 0 | |
| 7.14.2 | 5 / 0 | |
| 7.14.1 | 5 / 0 |
v7.18.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.18.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.18.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.17.18
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.17.16
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.17.15
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v7.17.14
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.17.13
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.17.12
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.17.11
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.17.10
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v7.17.9
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v7.17.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v7.17.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.17.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.17.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.17.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.17.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.17.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.17.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.17.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.16.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.16.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v7.15.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v7.14.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v7.14.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.