@myst-theme/jupyter
[](https://www.npmjs.com/package/@myst-theme/jupyter) [](https://github.com/jupyter-book/myst-theme/blob/ma
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| bogus-package | bogus-package | AI (bogus-package): Scoped monorepo package; thin README and no keywords are normal for this org's packages. | ai | |
| phantom-deps | phantom-dep:myst-spec | AI (phantom-deps): Type-only / config reference in monorepo; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:myst-config | AI (phantom-deps): Type-only / config reference in monorepo; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:thebe-lite | AI (phantom-deps): Bundler/config reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:buffer | AI (phantom-deps): Polyfill declared for bundler config; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:nanoid | AI (phantom-deps): Config-level reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@headlessui/react | AI (phantom-deps): Config-level reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:react-syntax-highlighter | AI (phantom-deps): Config-level reference; stable false positive for this package. | ai |
v1.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.1.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.