@jupyterlab/toc — Greenflagged

JupyterLab - Table of Contents widget

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

darianblink1073jasongroutfcollonvaljtpiombektaskrassowskijupyterlab-release-bot

Keywords

jupyterlab

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
publish-pattern	new-deps-added	AI (publish-pattern): All new deps are canonical JupyterLab/Lumino ecosystem packages. The diff is cross-major-version (5.x vs 6.x), making dependency differences expected and benign for this package.	ai	2026/04/23
source-diff	large-new-source-files	AI (source-diff): Cross-major-version diff (5.x vs 6.x) naturally produces large file count differences. Package has SLSA provenance and is published by the official JupyterLab release bot.	ai	2026/04/23
dependencies	unvetted-dep:@jupyter/react-components	AI (dependencies): @jupyter/react-components is an official Jupyter project package under the @jupyter scope, consistent with JupyterLab's ecosystem. Not a suspicious dependency.	ai	2026/04/23
dependencies	unvetted-dep:@jupyterlab/markdownviewer	AI (dependencies): @jupyterlab/markdownviewer is a first-party JupyterLab package from the same monorepo, published by the same trusted jupyterlab-release-bot. Stable accept for this package.	ai	2026/04/23
typosquat	typosquat.levenshtein:zod	AI (typosquat): Clearly not a typosquat; @jupyterlab/toc is a scoped official JupyterLab package with nearly 3000 days of history.	ai	2026/04/21
typosquat	typosquat.levenshtein:got	AI (typosquat): Clearly not a typosquat; @jupyterlab/toc is a scoped official JupyterLab package with nearly 3000 days of history.	ai	2026/04/21
typosquat	typosquat.levenshtein:koa	AI (typosquat): Clearly not a typosquat; @jupyterlab/toc is a scoped official JupyterLab package with nearly 3000 days of history.	ai	2026/04/21
bogus-package	bogus-package	AI (bogus-package): False positive: @jupyterlab/toc has 2828 days of history and 318 versions. Inflated semver and short README signals do not apply to this long-established package.	ai	2026/04/21
typosquat	typosquat.levenshtein:joi	AI (typosquat): Clearly not a typosquat; @jupyterlab/toc is a scoped official JupyterLab package with nearly 3000 days of history.	ai	2026/04/21

Versions (showing 51 of 137)

View all versions

Version	Deps	Published
6.5.7	15 / 6	2026-04-29
6.5.6	15 / 6	2026-03-11
6.5.5	15 / 6	2026-02-23
6.5.4	15 / 6	2026-02-11
6.5.3	15 / 6	2026-01-23
6.5.2	15 / 6	2026-01-12
6.5.1	15 / 6	2025-12-15
6.5.0	15 / 6	2025-11-18
6.4.10	15 / 6	2025-10-22
6.4.9	15 / 6	2025-09-26
6.4.8	15 / 6	2025-09-25
6.4.7	15 / 6	2025-09-03
6.4.6	15 / 6	2025-08-15
6.4.5	15 / 6	2025-07-20
6.4.4	15 / 6	2025-06-28
6.4.3	15 / 6	2025-05-26
6.4.2	15 / 6	2025-05-06
6.4.1	15 / 6	2025-04-22
6.4.0	15 / 6	2025-04-03
6.3.8	15 / 6	2025-06-24
6.3.7	15 / 6	2025-04-30
6.3.6	15 / 6	2025-03-14
6.3.5	15 / 6	2025-01-29
6.3.4	15 / 6	2024-12-18
6.3.3	15 / 6	2024-12-10
6.3.2	15 / 6	2024-12-03
6.3.1	15 / 6	2024-11-16
6.3.0	15 / 6	2024-10-30
6.2.7	14 / 6	2025-01-08
6.2.6	14 / 6	2024-11-15
6.2.5	14 / 6	2024-08-26
6.2.4	14 / 6	2024-07-18
6.2.3	14 / 6	2024-06-26
6.2.2	14 / 6	2024-06-10
6.2.1	14 / 6	2024-05-23
6.2.0	14 / 6	2024-05-06
6.1.8	14 / 7	2024-04-26
6.1.7	14 / 7	2024-04-26
6.1.6	14 / 7	2024-04-08
6.1.5	14 / 7	2024-03-14
6.1.4	14 / 7	2024-03-07
6.1.3	14 / 7	2024-03-04
6.1.2	14 / 7	2024-02-19
6.1.1	14 / 7	2024-02-13
6.1.0	14 / 7	2024-02-05
6.0.13	14 / 7	2024-02-26
6.0.12	14 / 7	2024-01-30
6.0.11	14 / 7	2024-01-19
6.0.10	13 / 7	2023-12-29
6.0.9	13 / 7	2023-11-18
6.0.8	13 / 7	2023-11-02