@jupyterlab/metapackage BSD-3-Clause 8 versions

@jupyterlab/metapackage

npm Repository Homepage

JupyterLab - Meta Package. All of the packages used by the core JupyterLab application

8

Versions

BSD-3-Clause

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

darianblink1073jasongroutfcollonvaljtpiombektaskrassowskijupyterlab-release-bot

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:@jupyterlab/console	AI (phantom-deps): Metapackage aggregates @jupyterlab/* deps for re-export; phantom-deps expected.	ai	2026/05/07
phantom-deps	phantom-dep:@jupyterlab/application	AI (phantom-deps): Metapackage aggregates @jupyterlab/* deps for re-export; phantom-deps expected.	ai	2026/05/07
phantom-deps	phantom-dep:@jupyterlab/cells	AI (phantom-deps): Metapackage pattern: same-org deps declared for transitive availability.	ai	2026/05/07
phantom-deps	phantom-dep:@jupyterlab/lsp	AI (phantom-deps): Metapackage pattern: all @jupyterlab/* deps are re-exported aggregates, not directly imported.	ai	2026/05/02
phantom-deps	phantom-dep:@jupyterlab/toc	AI (phantom-deps): Metapackage pattern: stable false positive for this aggregation package.	ai	2026/05/02
bogus-package	bogus-package	AI (bogus-package): Empty main and minimal README are expected for a metapackage that only aggregates dependencies.	ai	2026/05/02

Versions (showing 8 of 8)

Version	Deps	Published
4.5.7	100 / 7	2026-04-29
4.5.5	100 / 7	2026-02-23
4.5.4	100 / 7	2026-02-11
4.5.1	100 / 7	2025-12-15
4.4.4	98 / 7	2025-06-28
4.4.3	98 / 7	2025-05-26
4.4.2	98 / 7	2025-05-06
4.3.8	97 / 7	2025-06-24

v4.5.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.5.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.5.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.5.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.4.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.4.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.4.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.3.8

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.