@pega/cosmos-react-test-utils

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

baipcandrewlewis2duddrcricmarsssowersbybob-difronzofeenr-pegacpmotionpega-cosmosghosa4sharv12tumms2021389vrspegapatilvishalnikhilparmar

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	large-new-source-files	AI (source-diff): Major version bump (v7→v8) with expanded test utilities; new source files are expected.	ai	2026/05/27
publish-pattern	new-deps-added	AI (publish-pattern): All new deps are well-known testing/utility libraries appropriate for a test-utils package.	ai	2026/05/27
maintainer-change	maintainer-removed	AI (maintainer-change): Pega org package with long history; maintainer rotation is normal for large org packages.	ai	2026/05/27
publish-pattern	rapid-publish	AI (publish-pattern): High-velocity monorepo; rapid successive publishes are normal for this publisher's release cadence.	ai	2026/05/27
bogus-package	bogus-package	AI (bogus-package): Established Pega scoped package; missing metadata is a consistent pattern across the family, not a spam indicator.	ai	2026/05/26
npm-metadata	no-description	AI (npm-metadata): Consistent across @pega/cosmos-react-* packages; not indicative of malicious intent.	ai	2026/05/26
phantom-deps	phantom-dep:@types/jest	AI (phantom-deps): Framework-scoped type package; loaded by convention in Jest projects.	ai	2026/05/01
phantom-deps	phantom-dep:@types/react	AI (phantom-deps): Framework-scoped type package; loaded by convention in React projects.	ai	2026/05/01
phantom-deps	phantom-dep:polished	AI (phantom-deps): CSS utility used in config/setup files; stable false positive for this test-utils package.	ai	2026/05/01
phantom-deps	phantom-dep:react-dom	AI (phantom-deps): Peer/test dependency for React test utilities; referenced in config, not directly imported.	ai	2026/05/01
phantom-deps	phantom-dep:@types/react-dom	AI (phantom-deps): Framework-scoped type package; loaded by convention in React projects.	ai	2026/05/01
phantom-deps	phantom-dep:jest-styled-components	AI (phantom-deps): Test framework integration loaded by convention; stable false positive for this package.	ai	2026/05/01

Versions (showing 51 of 67)

View all versions

Version	Deps	Published
8.21.7	12 / 1	2026-05-26
8.21.6	12 / 1	2026-05-22
8.21.5	12 / 1	2026-05-19
8.21.4	12 / 1	2026-05-15
8.21.3	12 / 1	2026-05-14
8.21.2	12 / 1	2026-05-13
8.21.1	12 / 1	2026-05-05
8.21.0	12 / 1	2026-04-30
8.20.0	12 / 1	2026-04-30
8.19.0	12 / 1	2026-04-28
8.18.3	12 / 1	2026-04-27
8.18.2	12 / 1	2026-04-27
8.18.1	12 / 1	2026-04-23
8.18.0	12 / 1	2026-04-22
8.17.2	12 / 1	2026-04-20
8.17.1	12 / 1	2026-04-16
8.17.0	12 / 1	2026-04-10
8.16.1	12 / 1	2026-04-08
8.16.0	12 / 1	2026-04-02
8.15.5	12 / 1	2026-03-26
8.15.4	12 / 1	2026-03-25
8.15.3	12 / 1	2026-03-18
8.15.2	12 / 1	2026-03-11
8.15.1	12 / 1	2026-02-18
8.15.0	12 / 1	2026-02-06
8.14.0	12 / 1	2026-02-05
8.13.1	12 / 1	2026-01-28
8.13.0	12 / 1	2026-01-23
8.12.1	12 / 1	2026-01-21
8.12.0	12 / 1	2026-01-12
8.11.0	12 / 1	2025-12-23
8.10.0	12 / 1	2025-12-12
8.9.5	12 / 1	2025-12-04
8.9.4	12 / 1	2025-11-28
8.9.3	12 / 1	2025-11-21
8.9.2	12 / 1	2025-11-21
8.9.1	12 / 1	2025-11-20
8.9.0	12 / 1	2025-11-19
8.8.1	12 / 1	2025-11-17
8.8.0	12 / 1	2025-10-30
7.17.0	8 / 1	2026-06-04
7.16.5	8 / 1	2026-05-29
7.16.4	8 / 1	2026-05-27
7.16.3	8 / 1	2026-05-22
7.16.2	8 / 1	2026-05-22
7.16.1	8 / 1	2026-05-14
7.16.0	8 / 1	2026-05-08
7.15.0	8 / 1	2026-03-23
7.14.1	8 / 1	2026-03-09
7.14.0	8 / 1	2026-02-27
7.13.0	8 / 1	2026-02-21