@nomos-ui/form — Greenflagged

The Shadcn library for building robust React forms

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

uanela

Keywords

reactreact-hook-formformformsvalidationcomponentsuiinputselectcheckboxaccessiblea11ytailwindtypescriptnomos

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:class-variance-authority	AI (phantom-deps): Standard shadcn/ui pattern dep; likely used in compiled output.	ai	2026/05/31
phantom-deps	phantom-dep:@nomos-ui/layout	AI (phantom-deps): Same-org monorepo sibling; phantom-dep heuristic unreliable.	ai	2026/05/31
phantom-deps	phantom-dep:@nomos-ui/uanela-redux-next	AI (phantom-deps): Same-org monorepo sibling; phantom-dep heuristic unreliable.	ai	2026/05/31
phantom-deps	phantom-dep:@radix-ui/react-slot	AI (phantom-deps): UI primitive dep; may be re-exported or used indirectly in component library.	ai	2026/05/31
phantom-deps	phantom-dep:@nomos-ui/core	AI (phantom-deps): Same-org monorepo sibling; phantom-dep heuristic unreliable for peer/re-exported deps.	ai	2026/05/31
phantom-deps	phantom-dep:@nomos-ui/form	AI (phantom-deps): Self-referential dep in monorepo; phantom-dep heuristic not applicable.	ai	2026/05/31
phantom-deps	phantom-dep:@nomos-ui/common	AI (phantom-deps): Same-org monorepo sibling; phantom-dep heuristic unreliable.	ai	2026/05/31
phantom-deps	phantom-dep:@tailwindcss/vite	AI (phantom-deps): Build-tool dep used in config files, not imported in source; stable false positive for this package.	ai	2026/05/29
phantom-deps	phantom-dep:@tailwindcss/postcss	AI (phantom-deps): Build-tool dep used in config files, not imported in source; stable false positive for this package.	ai	2026/05/29
typosquat	typosquat.levenshtein:cors	AI (typosquat): Scoped UI library; name similarity to 'cors' is coincidental edit-distance artifact, not impersonation.	ai	2026/05/29

Versions (showing 41 of 41)

Version	Deps	Published
0.4.6	14 / 22	2026-05-25
0.4.5	14 / 22	2026-05-17
0.4.4	14 / 22	2026-05-17
0.4.3	14 / 22	2026-05-16
0.4.2	14 / 22	2026-05-09
0.4.1	14 / 22	2026-05-09
0.4.0	14 / 22	2026-05-09
0.3.1	13 / 22	2026-05-05
0.3.0	13 / 22	2026-05-05
0.2.1	13 / 22	2026-05-05
0.2.0	12 / 22	2026-04-26
0.1.2	13 / 22	2026-04-19
0.1.1	8 / 22	2026-04-19
0.1.0	8 / 22	2026-04-19
0.0.27	8 / 22	2026-03-08
0.0.26	8 / 22	2026-03-07
0.0.25	8 / 22	2026-02-22
0.0.24	8 / 22	2026-02-22
0.0.23	8 / 22	2026-02-22
0.0.22	8 / 22	2026-02-22
0.0.21	8 / 22	2026-02-22
0.0.20	8 / 22	2026-02-22
0.0.19	8 / 22	2026-02-22
0.0.18	8 / 22	2026-02-22
0.0.17	8 / 22	2026-02-11
0.0.16	8 / 22	2026-02-09
0.0.15	8 / 22	2026-02-09
0.0.14	8 / 22	2026-01-30
0.0.13	8 / 22	2026-01-15
0.0.12	8 / 22	2026-01-15
0.0.11	8 / 22	2026-01-13
0.0.10	8 / 22	2025-12-23
0.0.9	8 / 22	2025-12-06
0.0.8	8 / 13	2025-11-29
0.0.7	8 / 13	2025-11-29
0.0.6	7 / 13	2025-11-21
0.0.5	7 / 13	2025-11-21
0.0.4	7 / 13	2025-11-11
0.0.3	7 / 13	2025-11-11
0.0.2	7 / 13	2025-10-31
0.0.1	7 / 13	2025-10-25