@nice-move/stylelint-config

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

airkro

Keywords

configcsslessnice-moveprettierscssstandardstylestylelint

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:settingz	AI (dependencies): Long-standing dep in this package; stable across many approved versions.	ai	2026/05/21
dependencies	unvetted-dep:stylelint-suitcss	AI (dependencies): Long-standing dep in this package; stable across many approved versions.	ai	2026/05/21
phantom-deps	phantom-dep:stylelint-require-units	AI (phantom-deps): Config package references deps via config strings, not direct imports; stable pattern for this package.	ai	2026/05/15
phantom-deps	phantom-dep:stylelint-suitcss	AI (phantom-deps): Config package references plugins by name in config objects, not via import; stable false positive.	ai	2026/05/15
phantom-deps	phantom-dep:stylelint-no-unresolved-module	AI (phantom-deps): Config package; deps declared for peer resolution, not direct import. Stable pattern.	ai	2026/05/15
phantom-deps	phantom-dep:postcss	AI (phantom-deps): Stylelint config package; deps are referenced as config values, not direct imports. Stable FP for this package.	ai	2026/05/15
phantom-deps	phantom-dep:stylelint-declaration-block-no-ignored-properties	AI (phantom-deps): Stylelint config package; deps are referenced as config values, not direct imports. Stable FP for this package.	ai	2026/05/15
phantom-deps	phantom-dep:postcss-html	AI (phantom-deps): Stylelint config package; deps are referenced as config values, not direct imports. Stable FP for this package.	ai	2026/05/15
phantom-deps	phantom-dep:postcss-less	AI (phantom-deps): Stylelint config package; deps are referenced as config values, not direct imports. Stable FP for this package.	ai	2026/05/15
phantom-deps	phantom-dep:stylelint-scss	AI (phantom-deps): Stylelint config package; deps are referenced as config values, not direct imports. Stable FP for this package.	ai	2026/05/15
phantom-deps	phantom-dep:postcss-markdown	AI (phantom-deps): Stylelint config package; deps are referenced as config values, not direct imports. Stable FP for this package.	ai	2026/05/15

Versions (showing 13 of 13)

Version	Deps	Published
0.10.28	9 / 0	2026-04-29
0.10.27	9 / 0	2026-04-08
0.10.26	9 / 0	2026-03-29
0.10.25	10 / 0	2026-01-06
0.10.24	10 / 0	2025-12-11
0.10.23	10 / 0	2025-11-24
0.10.22	11 / 0	2025-08-04
0.10.20	11 / 0	2025-06-27
0.10.19	11 / 0	2025-06-19
0.10.18	11 / 0	2025-06-19
0.10.17	11 / 0	2025-05-26
0.10.16	11 / 0	2025-05-20
0.10.15	12 / 0	2025-05-20

v0.10.28

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.27

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.26

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.25

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.24

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.