@peerbit/react — Greenflagged

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

marcus.pousette

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:@chainsafe/libp2p-yamux	AI (phantom-deps): Declared dependency; referenced in config, legitimate usage pattern.	ai	2026/06/01
phantom-deps	phantom-dep:react-dom	AI (phantom-deps): React library; react-dom is a standard peer/dependency for React packages.	ai	2026/06/01
phantom-deps	phantom-dep:react-use	AI (phantom-deps): Declared dependency; phantom-dep heuristic does not block usage patterns.	ai	2026/06/01
phantom-deps	phantom-dep:@types/react	AI (phantom-deps): Framework-scoped type package; loaded by convention in React projects.	ai	2026/06/01
phantom-deps	phantom-dep:react-router	AI (phantom-deps): Declared dependency; referenced in config, legitimate usage pattern.	ai	2026/06/01
phantom-deps	phantom-dep:@libp2p/webrtc	AI (phantom-deps): Declared dependency; referenced in config, legitimate usage pattern.	ai	2026/06/01
phantom-deps	phantom-dep:path-browserify	AI (phantom-deps): Declared dependency; referenced in config, legitimate usage pattern.	ai	2026/06/01
phantom-deps	phantom-dep:@types/react-dom	AI (phantom-deps): Framework-scoped type package; loaded by convention in React projects.	ai	2026/06/01
phantom-deps	phantom-dep:@libp2p/interface	AI (phantom-deps): @libp2p/interface is a declared peer/type dependency used in config; stable false positive for this package.	ai	2026/05/31
provenance	no-provenance	AI (provenance): Established monorepo package; lack of Sigstore provenance is consistent across all versions and not a security signal here.	ai	2026/05/14

Versions (showing 51 of 57)

View all versions

Version	Deps	Published
1.1.23	20 / 13	2026-05-28
1.1.22	20 / 13	2026-05-26
1.1.21	20 / 13	2026-05-05
1.1.20	20 / 13	2026-05-04
1.1.19	20 / 13	2026-05-03
1.1.18	20 / 13	2026-05-02
1.1.17	20 / 13	2026-05-01
1.1.16	20 / 13	2026-04-30
1.1.15	20 / 13	2026-04-30
1.1.14	20 / 13	2026-04-30
1.1.13	20 / 13	2026-04-30
1.1.12	20 / 13	2026-04-29
1.1.11	20 / 13	2026-04-28
1.1.10	20 / 13	2026-04-14
1.1.9	20 / 13	2026-04-03
1.1.8	20 / 13	2026-03-30
1.1.7	20 / 13	2026-03-29
1.1.6	20 / 13	2026-03-27
1.1.5	20 / 13	2026-03-27
1.1.4	18 / 13	2026-03-22
1.1.3	18 / 13	2026-03-18
1.1.2	18 / 13	2026-03-17
1.1.1	18 / 13	2026-03-17
1.1.0	18 / 13	2026-03-16
1.0.11	18 / 11	2026-03-15
1.0.10	18 / 11	2026-03-15
1.0.9	18 / 11	2026-03-15
1.0.8	18 / 11	2026-03-15
1.0.7	18 / 10	2026-03-09
1.0.6	18 / 10	2026-03-08
1.0.5	18 / 10	2026-03-08
1.0.4	18 / 10	2026-03-08
1.0.3	18 / 10	2026-03-07
1.0.2	18 / 10	2026-03-05
1.0.0	18 / 10	2026-03-04
0.2.3	18 / 10	2026-01-27
0.2.2	18 / 10	2026-01-24
0.2.1	18 / 10	2026-01-23
0.2.0	18 / 10	2026-01-22
0.1.0	18 / 10	2026-01-17
0.0.49	18 / 10	2026-01-16
0.0.48	18 / 10	2026-01-02
0.0.47	18 / 10	2025-12-30
0.0.46	18 / 10	2025-12-30
0.0.45	17 / 10	2025-12-26
0.0.44	17 / 10	2025-12-23
0.0.43	17 / 10	2025-12-19
0.0.42	17 / 10	2025-12-18
0.0.41	17 / 10	2025-12-17
0.0.40	17 / 10	2025-12-02
0.0.39	17 / 10	2025-12-01