← Home

@live-change/content-frontend

npm
51
Versions
ISC
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

m8

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
phantom-deps phantom-dep:rollup-plugin-visualizer AI (phantom-deps): Config-referenced dep; stable false positive. ai
phantom-deps phantom-dep:cross-env AI (phantom-deps): Config-referenced dep in live-change monorepo frontend; stable false positive. ai
phantom-deps phantom-dep:primeicons AI (phantom-deps): Config-referenced dep in live-change monorepo frontend; stable false positive. ai
phantom-deps phantom-dep:compression AI (phantom-deps): Config-referenced dep in live-change monorepo frontend; stable false positive. ai
phantom-deps phantom-dep:@vueuse/core AI (phantom-deps): Config-referenced dep in live-change monorepo frontend; stable false positive. ai
phantom-deps phantom-dep:pretty-bytes AI (phantom-deps): Config-referenced dep in live-change monorepo frontend; stable false positive. ai
phantom-deps phantom-dep:serve-static AI (phantom-deps): Config-referenced dep in live-change monorepo frontend; stable false positive. ai
phantom-deps phantom-dep:get-port-sync AI (phantom-deps): Config-referenced dep in live-change monorepo frontend; stable false positive. ai
phantom-deps phantom-dep:v-shared-element AI (phantom-deps): Config-referenced dep; stable false positive. ai
phantom-deps phantom-dep:codeceptjs-assert AI (phantom-deps): Config-referenced dep; stable false positive. ai
phantom-deps phantom-dep:vue3-scroll-border AI (phantom-deps): Config-referenced dep; stable false positive. ai
phantom-deps phantom-dep:serialize-javascript AI (phantom-deps): Config-referenced dep; stable false positive. ai
phantom-deps phantom-dep:pica AI (phantom-deps): Config-referenced dep in live-change monorepo frontend; stable false positive. ai
phantom-deps phantom-dep:primeflex AI (phantom-deps): CSS utility dep referenced in config files; stable false positive. ai
phantom-deps phantom-dep:@live-change/cli AI (phantom-deps): Same-org CLI tool used in scripts; stable false positive. ai
phantom-deps phantom-dep:@live-change/vue3-ssr AI (phantom-deps): Same-org dep; stable false positive for this monorepo package. ai
phantom-deps phantom-dep:@live-change/dao-websocket AI (phantom-deps): Same-org dep; stable false positive. ai
phantom-deps phantom-dep:@live-change/image-service AI (phantom-deps): Same-org dep; stable false positive. ai
phantom-deps phantom-dep:@live-change/session-service AI (phantom-deps): Same-org dep; stable false positive. ai
phantom-deps phantom-dep:@live-change/vue3-components AI (phantom-deps): Same-org dep; stable false positive. ai
phantom-deps phantom-dep:@live-change/dao AI (phantom-deps): Same-org dep; stable false positive. ai
phantom-deps phantom-dep:@live-change/dao-vue3 AI (phantom-deps): Same-org dep; stable false positive. ai
bogus-package bogus-package AI (bogus-package): Internal monorepo component; no description/repo is expected for this package type. ai
phantom-deps phantom-dep:primevue AI (phantom-deps): UI framework dep referenced in config files; stable false positive for this frontend package. ai

Versions (showing 51 of 134)

View all versions
Version Deps Published
0.9.209 29 / 7
0.9.208 29 / 7
0.9.207 29 / 7
0.9.206 29 / 7
0.9.205 29 / 7
0.9.204 29 / 7
0.9.203 29 / 7
0.9.201 29 / 7
0.9.200 29 / 7
0.9.199 29 / 7
0.9.198 29 / 7
0.9.197 29 / 7
0.9.196 29 / 7
0.9.195 29 / 7
0.9.194 29 / 7
0.9.193 29 / 7
0.9.192 29 / 7
0.9.191 29 / 7
0.9.190 29 / 7
0.9.189 29 / 7
0.9.188 29 / 7
0.9.187 29 / 7
0.9.186 29 / 7
0.9.185 29 / 7
0.9.184 29 / 7
0.9.183 29 / 7
0.9.182 29 / 7
0.9.181 29 / 7
0.9.180 29 / 7
0.9.179 29 / 7
0.9.177 29 / 7
0.9.176 29 / 7
0.9.175 29 / 7
0.9.174 29 / 7
0.9.173 29 / 7
0.9.171 29 / 7
0.9.169 29 / 7
0.9.167 29 / 7
0.9.166 29 / 7
0.9.165 29 / 7
0.9.164 29 / 7
0.9.163 29 / 7
0.9.162 29 / 7
0.9.161 29 / 7
0.9.160 29 / 7
0.9.159 29 / 7
0.9.158 29 / 7
0.9.157 29 / 7
0.9.156 29 / 7
0.9.155 29 / 7
0.9.154 29 / 7

v0.9.209

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.208

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.207

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.206

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.205

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.203

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.201

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.200

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.199

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.198

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.197

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.196

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.195

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.9.194

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.193

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.192

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.191

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.9.190

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.189

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.188

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.187

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.9.186

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.185

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.9.184

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.183

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.182

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.181

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.9.180

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.179

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.177

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.176

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.175

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.174

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.9.173

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.171

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.9.169

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.167

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.166

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.165

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.9.164

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.163

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.162

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.161

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.160

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.159

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.158

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.9.157

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.156

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.9.155

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.9.154

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.