@open-keystone/app-admin-ui
KeystoneJS Admin UI App.
4
Versions
MIT
License
No
Install Scripts
Verified
Provenance
Supply chain provenance
Status for the latest visible version.
SLSA provenance attestation
npm registry signatures
gitHead linked
Maintainers
open-condo-software
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:@babel/core | AI (phantom-deps): Framework-scoped build tool; declared for consumer use, not directly imported. | ai | |
| phantom-deps | phantom-dep:@babel/runtime | AI (phantom-deps): Framework-scoped; declared for consumer use. | ai | |
| phantom-deps | phantom-dep:@types/react | AI (phantom-deps): Type-only package; declared for consumer use. | ai | |
| phantom-deps | phantom-dep:babel-loader | AI (phantom-deps): Webpack loader referenced in config; not directly imported in source. | ai | |
| phantom-deps | phantom-dep:css-loader | AI (phantom-deps): Webpack loader referenced in config; not directly imported in source. | ai | |
| phantom-deps | phantom-dep:file-loader | AI (phantom-deps): Webpack loader referenced in config; not directly imported in source. | ai | |
| phantom-deps | phantom-dep:style-loader | AI (phantom-deps): Webpack loader referenced in config; not directly imported in source. | ai | |
| phantom-deps | phantom-dep:graphql | AI (phantom-deps): Peer/config dep for Apollo; standard pattern for this package type. | ai | |
| phantom-deps | phantom-dep:prop-types | AI (phantom-deps): React prop validation; commonly declared but used indirectly. | ai | |
| phantom-deps | phantom-dep:falsey | AI (phantom-deps): Utility used in config/conditional logic; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:react-select | AI (phantom-deps): UI dependency used via @open-arch-ui wrappers; stable false positive. | ai | |
| phantom-deps | phantom-dep:@open-arch-ui/badge | AI (phantom-deps): Same-org package; phantom detection is a false positive for this monorepo structure. | ai | |
| phantom-deps | phantom-dep:@open-arch-ui/dialog | AI (phantom-deps): Same-org package; phantom detection is a false positive for this monorepo structure. | ai | |
| phantom-deps | phantom-dep:@open-arch-ui/lozenge | AI (phantom-deps): Same-org package; phantom detection is a false positive for this monorepo structure. | ai | |
| phantom-deps | phantom-dep:@open-keystone/session | AI (phantom-deps): Same-org package; phantom detection is a false positive for this monorepo structure. | ai | |
| phantom-deps | phantom-dep:@open-keystone/field-views-loader | AI (phantom-deps): Same-org package; phantom detection is a false positive for this monorepo structure. | ai |
Versions (showing 4 of 4)
| Version | Deps | Published |
|---|---|---|
| 9.0.8 | 68 / 0 | |
| 9.0.7 | 68 / 0 | |
| 9.0.6 | 69 / 0 | |
| 9.0.5 | 69 / 0 |
v9.0.8
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.0.7
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.0.6
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v9.0.5
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.