← Home

@fundamental-ngx/platform

npm Repository Homepage

Fundamental Library for Angular - platform

9
Versions
Apache-2.0
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

fundamental-ui

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
source-diff obfuscated-file:form/index.d.ts AI (source-diff): Angular-generated .d.ts declaration file with long import lines; not obfuscated code. ai
source-diff obfuscated-file:table/index.d.ts AI (source-diff): Angular-generated .d.ts declaration file with long import lines; not obfuscated code. ai
phantom-deps phantom-dep:tslib AI (phantom-deps): tslib is a standard Angular/TypeScript runtime implicit dependency. ai
phantom-deps phantom-dep:lodash-es AI (phantom-deps): lodash-es referenced in config files; stable false positive for this package. ai
phantom-deps phantom-dep:focus-trap AI (phantom-deps): focus-trap referenced in config files; stable false positive for this package. ai

Versions (showing 9 of 9)

Version Deps Published
0.62.3 4 / 0
0.62.2 4 / 0
0.62.1 4 / 0
0.62.0 4 / 0
0.61.5 4 / 0
0.61.4 4 / 0
0.61.3 4 / 0
0.61.1 4 / 0
0.58.6 4 / 0

v0.62.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.62.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.62.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.62.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.61.5

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.61.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.61.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.58.6

3 findings
HIGH New obfuscated file: form/index.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: table/index.d.ts source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.