@podman-desktop/ui-svelte Apache-2.0 9 versions

@podman-desktop/ui-svelte

npm Repository Homepage

9

Versions

Apache-2.0

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

florentbenoitpodman-desktop-bot

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:svelte-fa	AI (phantom-deps): Config-referenced peer dependency; stable pattern for this UI library.	ai	2026/05/10
dependencies	unvetted-dep:svelte-fa	AI (dependencies): svelte-fa is a well-known Svelte FontAwesome wrapper; stable legitimate dependency for this UI library.	ai	2026/05/04
dependencies	unvetted-peer-dep:svelte-fa	AI (dependencies): Same package as above; peer dep usage is expected for this Svelte UI component library.	ai	2026/05/04
npm-metadata	no-description	AI (npm-metadata): Established scoped package from podman-desktop org; missing description is cosmetic, not a risk signal.	ai	2026/05/04
phantom-deps	phantom-dep:moment	AI (phantom-deps): Svelte component library bundles deps at build time; phantom-dep heuristic is a stable FP here.	ai	2026/04/29
phantom-deps	phantom-dep:@fortawesome/free-brands-svg-icons	AI (phantom-deps): Same build-time bundling pattern; stable FP for this package.	ai	2026/04/29
phantom-deps	phantom-dep:@floating-ui/dom	AI (phantom-deps): Same build-time bundling pattern; stable FP for this package.	ai	2026/04/29
phantom-deps	phantom-dep:humanize-duration	AI (phantom-deps): Same build-time bundling pattern; stable FP for this package.	ai	2026/04/29
phantom-deps	phantom-dep:@fortawesome/fontawesome-free	AI (phantom-deps): Same build-time bundling pattern; stable FP for this package.	ai	2026/04/29

Versions (showing 9 of 9)

Version	Deps	Published
1.27.2	8 / 19	2026-05-26
1.27.1	8 / 19	2026-05-20
1.26.2	8 / 19	2026-04-17
1.26.1	8 / 19	2026-03-23
1.25.1	8 / 19	2026-01-26
1.24.2	8 / 19	2025-12-10
1.24.1	8 / 19	2025-12-09
1.23.1	8 / 19	2025-11-13
1.19.1	7 / 19	2025-05-21

v1.27.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.27.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.26.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.25.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.24.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.24.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.23.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.19.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.