@ninetailed/experience.js-plugin-ssr No license 43 versions

@ninetailed/experience.js-plugin-ssr

npm Repository Homepage

43

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

braunreusebastian_ninetailedfrancoiscontentful

Keywords

ssrninetailedpersonalizationa/b testing

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Transition from personal account to GitHub Actions CI/CD is a documented org migration; SLSA attestation confirms integrity.	ai	2026/05/08
publish-pattern	dormant-publish	AI (publish-pattern): Dormancy followed by CI/CD migration with SLSA provenance; no malicious indicators in diff or content.	ai	2026/05/08
phantom-deps	phantom-dep:uuid	AI (phantom-deps): uuid is a declared runtime dependency in package.json; phantom-dep heuristic misfires here.	ai	2026/05/04

Versions (showing 43 of 43)

Version	Deps	Published
7.23.2	5 / 0	2026-05-19
7.23.1	5 / 0	2026-05-19
7.23.0	5 / 0	2026-04-30
7.22.0	5 / 0	2026-04-16
7.21.3	5 / 0	2026-03-25
7.21.2	5 / 0	2026-03-23
7.21.1	5 / 0	2026-03-06
7.21.0	5 / 0	2026-02-27
7.20.6	5 / 0	2026-02-19
7.20.5	5 / 0	2026-02-19
7.20.4	5 / 0	2026-02-18
7.20.3	5 / 0	2026-02-18
7.20.2	5 / 0	2026-02-16
7.20.1	5 / 0	2026-02-13
7.20.0	5 / 0	2026-02-13
7.19.0	5 / 0	2026-02-13
7.18.13	5 / 0	2026-02-10
7.18.11	5 / 0	2026-01-28
7.18.10	5 / 0	2026-01-07
7.18.9	5 / 0	2025-12-09
7.18.8	5 / 0	2025-12-09
7.18.7	5 / 0	2025-12-03
7.18.6	5 / 0	2025-12-02
7.18.5	5 / 0	2025-12-02
7.18.4	5 / 0	2025-11-24
7.18.3	5 / 0	2025-11-06
7.18.2	5 / 0	2025-10-30
7.18.1	5 / 0	2025-10-17
7.18.0	5 / 0	2025-10-10
7.17.6	5 / 0	2025-09-25
7.17.5	5 / 0	2025-09-24
7.17.4	5 / 0	2025-09-17
7.17.2	5 / 0	2025-09-17
7.17.1	5 / 0	2025-09-01
7.17.0	5 / 0	2025-07-28
7.16.0	5 / 0	2025-07-07
7.15.1	5 / 0	2025-07-03
7.15.0	5 / 0	2025-06-30
7.14.2	5 / 0	2025-06-19
7.14.1	5 / 0	2025-06-19
7.14.0	5 / 0	2025-06-13
7.13.0	5 / 0	2025-05-22
7.12.1	5 / 0	2025-05-05

v7.23.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.23.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.23.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.22.0

2 findings

HIGH Publisher changed: francoiscontentful → GitHub Actions (on 2026-04-16) provenance

This version was published by a different npm account than previous versions on 2026-04-16. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.21.3

2 findings

HIGH Publisher changed: francoiscontentful → GitHub Actions (on 2026-03-25) provenance

This version was published by a different npm account than previous versions on 2026-03-25. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.21.2

2 findings

HIGH Publisher changed: francoiscontentful → GitHub Actions (on 2026-03-23) provenance

This version was published by a different npm account than previous versions on 2026-03-23. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.21.1

2 findings

HIGH Publisher changed: francoiscontentful → GitHub Actions (on 2026-03-06) provenance

This version was published by a different npm account than previous versions on 2026-03-06. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.21.0

2 findings

HIGH Publisher changed: francoiscontentful → GitHub Actions (on 2026-02-27) provenance

This version was published by a different npm account than previous versions on 2026-02-27. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.20.6

2 findings

HIGH Publisher changed: francoiscontentful → GitHub Actions (on 2026-02-19) provenance

This version was published by a different npm account than previous versions on 2026-02-19. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.20.5

2 findings

HIGH Publisher changed: francoiscontentful → GitHub Actions (on 2026-02-19) provenance

This version was published by a different npm account than previous versions on 2026-02-19. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.20.4

2 findings

HIGH Publisher changed: francoiscontentful → GitHub Actions (on 2026-02-18) provenance

This version was published by a different npm account than previous versions on 2026-02-18. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.20.3

2 findings

HIGH Publisher changed: francoiscontentful → GitHub Actions (on 2026-02-18) provenance

This version was published by a different npm account than previous versions on 2026-02-18. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.20.2

2 findings

HIGH Publisher changed: francoiscontentful → GitHub Actions (on 2026-02-16) provenance

This version was published by a different npm account than previous versions on 2026-02-16. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.20.1

2 findings

HIGH Publisher changed: francoiscontentful → GitHub Actions (on 2026-02-13) provenance

This version was published by a different npm account than previous versions on 2026-02-13. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.20.0

2 findings

HIGH Publisher changed: francoiscontentful → GitHub Actions (on 2026-02-13) provenance

This version was published by a different npm account than previous versions on 2026-02-13. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.19.0

2 findings

HIGH Publisher changed: francoiscontentful → GitHub Actions (on 2026-02-13) provenance

This version was published by a different npm account than previous versions on 2026-02-13. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.18.13

2 findings

HIGH Publisher changed: francoiscontentful → GitHub Actions (on 2026-02-10) provenance

This version was published by a different npm account than previous versions on 2026-02-10. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.18.11

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.18.10

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.18.9

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.18.8

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.18.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.18.6

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.18.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.18.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.18.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.18.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.18.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.18.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.17.6

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.17.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.17.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.17.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.17.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.17.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.16.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.15.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.15.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.14.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.14.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.14.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.13.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.12.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.