@kong-ui-public/entities-shared

Shared components for Kong entities.

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

konginc

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	obfuscated-file:dist/_plugin-vue_export-helper-CwM56vX0.cjs	AI (source-diff): Standard Vite/Vue minified build artifact; content is clearly Kong UI component logic, not malicious code.	ai	2026/06/01
source-diff	obfuscated-file:dist/_plugin-vue_export-helper-BxQ7nON4.cjs	AI (source-diff): Standard Vite/Vue minified CJS build output; content is readable Kong entity code, not malicious obfuscation.	ai	2026/05/31
source-diff	obfuscated-file:dist/_plugin-vue_export-helper-B5cQfgfE.cjs	AI (source-diff): Standard Vite/Vue minified CJS build artifact; content is clearly legitimate Kong UI component code.	ai	2026/05/31
source-diff	obfuscated-file:dist/_plugin-vue_export-helper-B2WhlBkH.cjs	AI (source-diff): Standard Vite/Rollup minified build artifact; not obfuscated malware.	ai	2026/05/30
source-diff	obfuscated-file:dist/_plugin-vue_export-helper-B3S5Tx0x.cjs	AI (source-diff): Standard Vite/Rollup minified build output for a Vue UI component library; not obfuscation.	ai	2026/05/30
source-diff	obfuscated-file:dist/_plugin-vue_export-helper-BVLVXTg1.cjs	AI (source-diff): Standard Vite/Rollup minified CJS bundle output; content is normal Vue component code, not obfuscation.	ai	2026/05/29
phantom-deps	phantom-dep:@kong-ui-public/core	AI (phantom-deps): Same-org monorepo package; bundled into dist rather than directly imported at source level.	ai	2026/05/29
phantom-deps	phantom-dep:compare-versions	AI (phantom-deps): Monorepo build artifact; dependency is used transitively in bundled output.	ai	2026/05/29

Versions (showing 51 of 134)

View all versions

Version	Deps	Published
3.47.6	2 / 14	2026-05-28
3.47.5	2 / 14	2026-05-28
3.47.4	2 / 14	2026-05-27
3.47.3	2 / 14	2026-05-25
3.47.2	2 / 14	2026-05-19
3.47.1	2 / 14	2026-05-15
3.47.0	2 / 14	2026-05-15
3.46.5	2 / 14	2026-05-13
3.46.4	2 / 14	2026-05-13
3.46.3	2 / 12	2026-05-13
3.46.2	2 / 12	2026-05-12
3.46.1	2 / 12	2026-05-11
3.46.0	2 / 12	2026-05-11
3.45.2	2 / 12	2026-05-08
3.45.1	2 / 12	2026-05-08
3.45.0	2 / 12	2026-05-08
3.44.4	2 / 12	2026-05-07
3.44.3	2 / 12	2026-05-05
3.44.2	2 / 12	2026-05-02
3.44.1	2 / 12	2026-05-01
3.44.0	2 / 12	2026-05-01
3.43.3	2 / 12	2026-05-01
3.43.2	2 / 12	2026-04-30
3.43.1	2 / 12	2026-04-29
3.43.0	2 / 12	2026-04-28
3.42.8	2 / 10	2026-04-26
3.42.7	2 / 10	2026-04-25
3.42.6	2 / 10	2026-04-25
3.42.5	2 / 10	2026-04-25
3.42.4	2 / 10	2026-04-23
3.42.3	2 / 10	2026-04-22
3.42.2	2 / 10	2026-04-22
3.42.1	2 / 10	2026-04-21
3.42.0	2 / 10	2026-04-20
3.41.9	2 / 10	2026-04-17
3.41.8	2 / 10	2026-04-17
3.41.7	2 / 10	2026-04-15
3.41.6	2 / 10	2026-04-10
3.41.5	2 / 10	2026-04-08
3.41.4	2 / 10	2026-04-08
3.41.3	2 / 10	2026-03-31
3.41.2	2 / 10	2026-03-25
3.41.1	2 / 10	2026-03-24
3.41.0	2 / 10	2026-03-23
3.40.3	2 / 10	2026-03-21
3.40.2	2 / 10	2026-03-19
3.40.1	2 / 10	2026-03-18
3.40.0	2 / 10	2026-03-18
3.39.12	2 / 10	2026-03-18
3.39.11	2 / 10	2026-02-12
3.39.10	2 / 10	2026-02-04

v3.47.6

2 findings

HIGH New obfuscated file: dist/_plugin-vue_export-helper-CwM56vX0.cjs source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance