@powerlines/plugin-react

A package containing a Powerlines plugin for building a React application.

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

stormie-botsullivanpj

Keywords

reactpowerlinesstorm-softwarepowerlines-plugin

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:@storm-software/config-tools	AI (phantom-deps): Config-only reference, consistent with the storm-software monorepo tooling pattern seen across this package family.	ai	2026/05/22
provenance	publisher-changed	AI (provenance): stormie-bot is the established bot publisher for storm-software org with 2775 approved packages; transition from GH Actions is expected CI automation change.	ai	2026/05/22
source-diff	obfuscated-file:dist/index.cjs	AI (source-diff): Standard rolldown/rollup minified bundle; readable logic, no malicious patterns. Stable for this package.	ai	2026/05/01
source-diff	obfuscated-file:dist/index.mjs	AI (source-diff): Standard rolldown/rollup minified ESM bundle; readable logic, no malicious patterns. Stable for this package.	ai	2026/05/01
phantom-deps	phantom-dep:@powerlines/alloy	AI (phantom-deps): Same-org dependency from Storm Software's @powerlines/* ecosystem; consistent pattern across all plugin packages in this monorepo.	ai	2026/04/27
phantom-deps	phantom-dep:@powerlines/plugin-env	AI (phantom-deps): Same-org dependency; plugin wrapper pattern where deps are configured but not directly imported in analyzed entry points.	ai	2026/04/27
phantom-deps	phantom-dep:@powerlines/plugin-babel	AI (phantom-deps): Same-org dependency; plugin wrapper pattern where deps are configured but not directly imported in analyzed entry points.	ai	2026/04/27
phantom-deps	phantom-dep:@vitejs/plugin-react	AI (phantom-deps): This package wraps @vitejs/plugin-react; it's expected to reference it in config files without direct imports in all entry points.	ai	2026/04/27
phantom-deps	phantom-dep:defu	AI (phantom-deps): Utility used in config composition; referenced in config files rather than direct imports — stable pattern for this build plugin package.	ai	2026/04/27
phantom-deps	phantom-dep:powerlines	AI (phantom-deps): Core powerlines package used in config context; same phantom-dep pattern consistent across this monorepo's plugin packages.	ai	2026/04/27
phantom-deps	phantom-dep:@powerlines/plugin-plugin	AI (phantom-deps): Same-org @powerlines dependency declared for runtime plugin loading by the powerlines framework, not direct import. Consistent with plugin architecture pattern across this package family.	ai	2026/04/27
dependencies	unvetted-dep:@powerlines/alloy	AI (dependencies): Same-org @powerlines dependency from publisher with 351 approved packages and SLSA provenance. Consistent with the broader @powerlines ecosystem used throughout this package.	ai	2026/04/27
phantom-deps	phantom-dep:@stryke/convert	AI (phantom-deps): Referenced in config files rather than direct imports; consistent with plugin/build-tool architecture across all versions.	ai	2026/04/26
phantom-deps	phantom-dep:@stryke/path	AI (phantom-deps): Referenced in config files rather than direct imports; consistent with plugin/build-tool architecture across all versions.	ai	2026/04/26
phantom-deps	phantom-dep:@stryke/cli	AI (phantom-deps): Referenced in config files rather than direct imports; consistent with plugin/build-tool architecture across all versions.	ai	2026/04/26
phantom-deps	phantom-dep:@babel/core	AI (phantom-deps): Build plugin package; @babel/core is a framework-scoped dep loaded by convention, not direct import. Stable pattern for this package type.	ai	2026/04/26
phantom-deps	phantom-dep:@alloy-js/markdown	AI (phantom-deps): Referenced in config files rather than direct imports; consistent with plugin/build-tool architecture across all versions.	ai	2026/04/26
phantom-deps	phantom-dep:@powerlines/plugin-vite	AI (phantom-deps): Same-org package from Powerlines ecosystem; loaded by convention in plugin architecture, not a security concern.	ai	2026/04/26
phantom-deps	phantom-dep:@alloy-js/json	AI (phantom-deps): Referenced in config files rather than direct imports; consistent with plugin/build-tool architecture across all versions.	ai	2026/04/26
phantom-deps	phantom-dep:@stryke/fs	AI (phantom-deps): Referenced in config files rather than direct imports; consistent with plugin/build-tool architecture across all versions.	ai	2026/04/26

Versions (showing 51 of 577)

View all versions

Version	Deps	Published
0.1.666	20 / 4	2026-06-06
0.1.665	20 / 4	2026-06-05
0.1.664	20 / 4	2026-06-05
0.1.663	20 / 4	2026-06-05
0.1.662	20 / 4	2026-06-03
0.1.661	20 / 4	2026-06-03
0.1.660	20 / 4	2026-06-03
0.1.659	20 / 4	2026-06-03
0.1.658	20 / 4	2026-06-03
0.1.657	20 / 4	2026-06-03
0.1.656	20 / 4	2026-06-03
0.1.655	20 / 4	2026-06-03
0.1.654	20 / 4	2026-06-03
0.1.653	20 / 4	2026-06-03
0.1.652	20 / 4	2026-06-03
0.1.651	20 / 4	2026-06-03
0.1.650	20 / 4	2026-06-03
0.1.649	20 / 4	2026-06-03
0.1.648	20 / 4	2026-06-02
0.1.647	20 / 4	2026-06-02
0.1.646	20 / 4	2026-06-02
0.1.645	20 / 4	2026-06-02
0.1.644	20 / 4	2026-06-02
0.1.643	20 / 4	2026-06-02
0.1.642	20 / 4	2026-06-01
0.1.641	20 / 4	2026-06-01
0.1.640	20 / 4	2026-06-01
0.1.639	20 / 4	2026-06-01
0.1.638	20 / 4	2026-06-01
0.1.626	20 / 4	2026-05-30
0.1.625	20 / 4	2026-05-30
0.1.624	20 / 4	2026-05-30
0.1.623	20 / 4	2026-05-30
0.1.622	20 / 4	2026-05-28
0.1.621	20 / 4	2026-05-28
0.1.620	20 / 4	2026-05-28
0.1.618	20 / 4	2026-05-28
0.1.617	20 / 4	2026-05-28
0.1.616	20 / 4	2026-05-27
0.1.615	20 / 4	2026-05-27
0.1.614	20 / 4	2026-05-27
0.1.613	20 / 4	2026-05-27
0.1.612	20 / 4	2026-05-27
0.1.611	19 / 4	2026-05-27
0.1.610	19 / 4	2026-05-27
0.1.609	19 / 4	2026-05-27
0.1.608	19 / 4	2026-05-27
0.1.607	19 / 4	2026-05-26
0.1.606	19 / 4	2026-05-26
0.1.605	19 / 4	2026-05-26
0.1.604	19 / 4	2026-05-26