@plasmicpkgs/react-youtube
Plasmic registration call for react-youtube
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| bogus-package | bogus-package | AI (bogus-package): Monorepo sub-package; sparse metadata is expected for plasmicpkgs component wrappers. | ai |
Versions (showing 31 of 31)
| Version | Deps | Published |
|---|---|---|
| 7.13.251 | 1 / 6 | |
| 7.13.250 | 1 / 6 | |
| 7.13.249 | 1 / 6 | |
| 7.13.248 | 1 / 6 | |
| 7.13.247 | 1 / 6 | |
| 7.13.246 | 1 / 6 | |
| 7.13.245 | 1 / 6 | |
| 7.13.244 | 1 / 6 | |
| 7.13.243 | 1 / 6 | |
| 7.13.242 | 1 / 6 | |
| 7.13.241 | 1 / 6 | |
| 7.13.240 | 1 / 6 | |
| 7.13.239 | 1 / 6 | |
| 7.13.238 | 1 / 6 | |
| 7.13.237 | 1 / 6 | |
| 7.13.236 | 1 / 6 | |
| 7.13.235 | 1 / 6 | |
| 7.13.234 | 1 / 6 | |
| 7.13.233 | 1 / 6 | |
| 7.13.232 | 1 / 6 | |
| 7.13.231 | 1 / 6 | |
| 7.13.230 | 1 / 6 | |
| 7.13.229 | 1 / 8 | |
| 7.13.228 | 1 / 8 | |
| 7.13.227 | 1 / 8 | |
| 7.13.226 | 1 / 8 | |
| 7.13.225 | 1 / 8 | |
| 7.13.224 | 1 / 8 | |
| 7.13.223 | 1 / 8 | |
| 7.13.222 | 1 / 8 | |
| 7.13.221 | 1 / 8 |
v7.13.251
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.250
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.249
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v7.13.248
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.247
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.246
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.245
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.244
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.243
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.242
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.241
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.240
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.239
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.238
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.237
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.236
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.235
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.234
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.233
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.232
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.231
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.230
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.229
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.228
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.227
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.226
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.225
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.13.224
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v7.13.223
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v7.13.222
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v7.13.221
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.