@omnia/tooling-vue — Greenflagged

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

diego-souza-omniamickejohannessonandtii

Keywords

omniaomniafxextensionoffice365sharepoint

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:@babel/helper-module-imports	AI (phantom-deps): Framework-scoped Babel helper; loaded by convention, not a direct import concern.	ai	2026/05/06
dependencies	unvetted-dep:@types/zepto	AI (dependencies): TypeScript type definitions only; no runtime risk.	ai	2026/05/06
dependencies	unvetted-dep:console-timestamp	AI (dependencies): Logging utility; low risk for a build tooling package.	ai	2026/05/06
dependencies	unvetted-dep:csx	AI (dependencies): CSS utility library; consistent with Vue tooling package purpose.	ai	2026/05/06
dependencies	unvetted-dep:zepto-webpack	AI (dependencies): Webpack-compatible Zepto build; consistent with bundling tooling.	ai	2026/05/06
phantom-deps	phantom-dep:css-loader	AI (phantom-deps): Webpack loader dep; stable false positive for this tooling package.	ai	2026/05/01
phantom-deps	phantom-dep:url-loader	AI (phantom-deps): Webpack loader dep; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:es6-promise	AI (phantom-deps): Polyfill dep referenced in config; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:file-loader	AI (phantom-deps): Webpack loader dep; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:less-loader	AI (phantom-deps): Webpack loader dep; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:null-loader	AI (phantom-deps): Webpack loader dep; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:sass-loader	AI (phantom-deps): Webpack loader dep; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:style-loader	AI (phantom-deps): Webpack loader dep; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:zepto-webpack	AI (phantom-deps): Webpack dep referenced in config; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:postcss-loader	AI (phantom-deps): Webpack loader dep; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:@types/node	AI (phantom-deps): Framework-scoped type package; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:@types/quill	AI (phantom-deps): Framework-scoped type package; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:@types/zepto	AI (phantom-deps): Framework-scoped type package; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:@types/mousetrap	AI (phantom-deps): Framework-scoped type package; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:@vue/babel-preset-jsx	AI (phantom-deps): Framework-scoped babel preset; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:babel-loader	AI (phantom-deps): Webpack loader dep; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:csx	AI (phantom-deps): Build-tool dep referenced in config files; stable false positive for this tooling package.	ai	2026/05/01
phantom-deps	phantom-dep:connect	AI (phantom-deps): Dev-server dep referenced in config files; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:prettier	AI (phantom-deps): Build-tool dep referenced in config files; stable false positive.	ai	2026/05/01
phantom-deps	phantom-dep:typestyle	AI (phantom-deps): Build-tool dep referenced in config files; stable false positive.	ai	2026/05/01
semgrep	semgrep:child-process-import	AI (semgrep): Spawns 'dotnet dev-certs' for local HTTPS cert generation; standard dev-tooling pattern, not malicious.	ai	2026/04/30
semgrep	semgrep:dynamic-require	AI (semgrep): Loads cached build metadata file by path; benign build-tool pattern stable across versions.	ai	2026/04/30

Versions (showing 51 of 57)

View all versions

Version	Deps	Published
7.11.10	41 / 0	2026-06-02
7.11.9	41 / 0	2026-06-02
7.11.8	41 / 0	2026-05-21
7.11.7	41 / 0	2026-05-19
7.11.6	41 / 0	2026-05-12
7.11.5	41 / 0	2026-05-05
7.11.4	41 / 0	2026-04-28
7.11.3	41 / 0	2026-04-28
7.11.2	41 / 0	2026-04-21
7.11.1	41 / 0	2026-04-13
7.9.43	41 / 0	2026-04-13
7.9.42	41 / 0	2026-04-07
7.9.41	41 / 0	2026-03-31
7.9.40	41 / 0	2026-03-24
7.9.39	41 / 0	2026-03-17
7.9.38	41 / 0	2026-03-13
7.9.37	41 / 0	2026-03-09
7.9.36	41 / 0	2026-03-05
7.9.35	41 / 0	2026-03-03
7.9.34	41 / 0	2026-02-27
7.9.30	41 / 0	2026-02-24
7.9.29	41 / 0	2026-02-09
7.9.28	41 / 0	2026-02-04
7.9.27	41 / 0	2026-02-03
7.9.26	41 / 0	2026-01-27
7.9.25	41 / 0	2026-01-20
7.9.24	41 / 0	2026-01-13
7.9.23	41 / 0	2026-01-07
7.9.15	41 / 0	2025-11-20
7.9.13	41 / 0	2025-11-05
7.9.12	41 / 0	2025-11-05
7.9.11	41 / 0	2025-11-04
7.9.10	41 / 0	2025-10-28
7.9.7	41 / 0	2025-10-09
7.9.6	41 / 0	2025-10-07
7.9.5	41 / 0	2025-09-30
7.9.4	41 / 0	2025-09-23
7.9.3	41 / 0	2025-09-16
7.9.2	41 / 0	2025-09-03
7.9.1	41 / 0	2025-08-26
7.9.0	41 / 0	2025-08-12
7.8.16	41 / 0	2025-08-12
7.8.15	41 / 0	2025-08-05
7.8.14	41 / 0	2025-07-29
7.8.13	41 / 0	2025-07-15
7.8.12	41 / 0	2025-07-15
7.8.11	41 / 0	2025-07-08
7.8.10	41 / 0	2025-07-08
7.8.9	41 / 0	2025-06-24
7.8.8	41 / 0	2025-06-17
7.8.7	41 / 0	2025-06-10