@geee-be/react-twui
A comprehensive React UI component library built with Tailwind CSS v4 and Radix UI primitives. Features an intuitive compound component API, full TypeScript support, and accessibility-first design.
7
Versions
MIT
License
No
Install Scripts
Verified
Provenance
Supply chain provenance
Status for the latest visible version.
SLSA provenance attestation
npm registry signatures
No source commit
Maintainers
gregbacchus
Keywords
reactuicomponentstailwindcsstailwindradix-uitypescriptcompound-componentsaccessibilitydesign-systemui-libraryfrontend
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:lodash.omit | AI (phantom-deps): Config-file reference; stable pattern for this design-system package. | ai | |
| phantom-deps | phantom-dep:tailwindcss-animate | AI (phantom-deps): Config-file reference; stable pattern for this design-system package. | ai | |
| provenance | slsa-provenance | AI (provenance): Published via CI/CD with Sigstore attestation; stable supply chain integrity signal. | ai | |
| dependencies | unvetted-dep:@iconicicons/react | AI (dependencies): Known icon library; expected dep for a UI component library. | ai | |
| dependencies | unvetted-dep:react-dropzone-esm | AI (dependencies): ESM fork of react-dropzone; expected dep for a UI component library. | ai | |
| dependencies | unvetted-dep:@geee-be/core | AI (dependencies): Same org scope as this package; internal dependency. | ai | |
| dependencies | unvetted-dep:@radix-ui/react-avatar | AI (dependencies): Official Radix UI primitive; stable false positive for this UI library. | ai | |
| dependencies | unvetted-dep:react-advanced-cropper | AI (dependencies): Legitimate image cropper React wrapper; expected dep for a UI component library. | ai | |
| dependencies | unvetted-dep:@geee-be/react-utils | AI (dependencies): Same org scope as this package; internal dependency. | ai | |
| dependencies | unvetted-dep:cva | AI (dependencies): cva is a well-known class-variance-authority package; stable false positive for this UI library. | ai | |
| dependencies | unvetted-dep:advanced-cropper | AI (dependencies): Legitimate image cropper library; expected dep for a UI component library. | ai | |
| phantom-deps | phantom-dep:@radix-ui/react-tabs | AI (phantom-deps): Config/re-export pattern; stable false positive for this Radix UI library. | ai | |
| phantom-deps | phantom-dep:@radix-ui/react-switch | AI (phantom-deps): Config/re-export pattern; stable false positive for this Radix UI library. | ai | |
| phantom-deps | phantom-dep:tailwindcss | AI (phantom-deps): Tailwind is a peer dep and config-only reference in a Tailwind UI library; stable false positive. | ai | |
| phantom-deps | phantom-dep:@radix-ui/react-radio-group | AI (phantom-deps): Config/re-export pattern; stable false positive for this Radix UI library. | ai | |
| phantom-deps | phantom-dep:@radix-ui/react-toggle-group | AI (phantom-deps): Config/re-export pattern; stable false positive for this Radix UI library. | ai | |
| phantom-deps | phantom-dep:@radix-ui/react-toggle | AI (phantom-deps): Config/re-export pattern; stable false positive for this Radix UI library. | ai | |
| phantom-deps | phantom-dep:@tailwindcss/container-queries | AI (phantom-deps): Config-only Tailwind plugin reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@geee-be/core | AI (phantom-deps): Same-org dependency; phantom detection is a stable false positive here. | ai | |
| phantom-deps | phantom-dep:jotai | AI (phantom-deps): Config/re-export pattern in UI library; stable false positive. | ai | |
| phantom-deps | phantom-dep:downshift | AI (phantom-deps): Config/re-export pattern in UI library; stable false positive. | ai | |
| phantom-deps | phantom-dep:embla-carousel | AI (phantom-deps): Config/re-export pattern in UI library; stable false positive. | ai | |
| phantom-deps | phantom-dep:flat | AI (phantom-deps): Config-only reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:color | AI (phantom-deps): Config-only reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:color2k | AI (phantom-deps): Config-only reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:deepmerge | AI (phantom-deps): Config-only reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@iconicicons/react | AI (phantom-deps): Config/re-export pattern; stable false positive for this UI library. | ai |
Versions (showing 7 of 7)
| Version | Deps | Published |
|---|---|---|
| 2.3.3 | 48 / 22 | |
| 2.3.2 | 48 / 22 | |
| 2.2.13 | 47 / 22 | |
| 2.2.12 | 47 / 22 | |
| 2.2.11 | 47 / 22 | |
| 2.2.9 | 47 / 22 | |
| 2.0.6 | 49 / 22 |
v2.2.13
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.2.12
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.2.11
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.2.9
1 finding
LOW
No provenance attestation
provenance
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.0.6
1 finding
LOW
No provenance attestation
provenance
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.