@powerlines/plugin-style-dictionary
A Powerlines plugin to generate project code with Style Dictionary.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| publish-pattern | new-deps-added | AI (publish-pattern): New deps are from the same Storm Software org; consistent with internal refactoring across this package family. | ai | |
| source-diff | large-new-source-files | AI (source-diff): Large file counts reflect rolldown bundling virtual modules into dist. Expected pattern for this Storm Software package family. | ai | |
| provenance | publisher-changed | AI (provenance): Storm Software migrated publishing to GitHub Actions CI/CD with SLSA provenance attestation. This is a legitimate automation transition, not a compromise. | ai | |
| source-diff | obfuscated-file:dist/index.mjs | AI (source-diff): dist/index.mjs is standard minified ESM bundle output from esbuild, not obfuscation. SLSA provenance confirms CI/CD build integrity. Stable false positive for this package. | ai | |
| source-diff | obfuscated-file:dist/index.cjs | AI (source-diff): dist/index.cjs is a standard minified CJS bundle output. Code is readable and benign. Long lines are from bundling, not obfuscation. Stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@stryke/types | AI (phantom-deps): Type utilities used indirectly; phantom dependency is expected in this plugin context. | ai | |
| phantom-deps | phantom-dep:@stryke/type-checks | AI (phantom-deps): Type checking utilities used indirectly; expected phantom dependency pattern. | ai | |
| phantom-deps | phantom-dep:powerlines | AI (phantom-deps): Core plugin dependency; used through plugin architecture rather than direct imports. | ai | |
| phantom-deps | phantom-dep:style-dictionary | AI (phantom-deps): Core dependency for this style-dictionary plugin; used through plugin interface. | ai | |
| phantom-deps | phantom-dep:defu | AI (phantom-deps): Phantom dependency is expected; defu is a legitimate utility used in config processing for this plugin. | ai | |
| phantom-deps | phantom-dep:@stryke/path | AI (phantom-deps): @stryke/path is a sibling ecosystem package declared as a dependency and referenced in config; phantom-dep flag is a false positive here. | ai | |
| phantom-deps | phantom-dep:jiti | AI (phantom-deps): jiti is declared as a runtime dependency and used in config files; phantom-dep flag is a false positive for this config-tooling pattern. | ai | |
| provenance | slsa-provenance | AI (provenance): Package is consistently published via CI/CD with Sigstore SLSA attestation; this is a stable positive signal for the entire package ecosystem. | ai |
Versions (showing 100 of 578)
| Version | Deps | Published |
|---|---|---|
| 0.3.496 | 8 / 2 | |
| 0.3.495 | 8 / 2 | |
| 0.3.494 | 8 / 2 | |
| 0.3.493 | 8 / 2 | |
| 0.3.492 | 8 / 2 | |
| 0.3.491 | 8 / 2 | |
| 0.3.490 | 8 / 2 | |
| 0.3.489 | 8 / 2 | |
| 0.3.488 | 8 / 2 | |
| 0.3.487 | 8 / 2 | |
| 0.3.486 | 8 / 2 | |
| 0.3.485 | 8 / 2 | |
| 0.3.484 | 8 / 2 | |
| 0.3.483 | 8 / 2 | |
| 0.3.482 | 8 / 2 | |
| 0.3.481 | 8 / 2 | |
| 0.3.480 | 8 / 2 | |
| 0.3.479 | 8 / 2 | |
| 0.3.478 | 8 / 2 | |
| 0.3.477 | 8 / 2 | |
| 0.3.476 | 8 / 2 | |
| 0.3.475 | 8 / 2 | |
| 0.3.474 | 8 / 2 | |
| 0.3.473 | 8 / 2 | |
| 0.3.472 | 8 / 2 | |
| 0.3.471 | 8 / 2 | |
| 0.3.470 | 8 / 2 | |
| 0.3.469 | 8 / 2 | |
| 0.3.468 | 8 / 2 | |
| 0.3.467 | 8 / 2 | |
| 0.3.466 | 8 / 2 | |
| 0.3.465 | 8 / 2 | |
| 0.3.464 | 8 / 2 | |
| 0.3.463 | 8 / 2 | |
| 0.3.462 | 8 / 2 | |
| 0.3.461 | 8 / 2 | |
| 0.3.460 | 8 / 2 | |
| 0.3.459 | 8 / 2 | |
| 0.3.458 | 8 / 2 | |
| 0.3.457 | 8 / 2 | |
| 0.3.456 | 8 / 2 | |
| 0.3.455 | 8 / 2 | |
| 0.3.454 | 8 / 2 | |
| 0.3.453 | 8 / 2 | |
| 0.3.452 | 8 / 2 | |
| 0.3.450 | 8 / 2 | |
| 0.3.449 | 8 / 2 | |
| 0.3.448 | 8 / 2 | |
| 0.3.447 | 8 / 2 | |
| 0.3.446 | 8 / 2 | |
| 0.3.445 | 8 / 2 | |
| 0.3.444 | 8 / 2 | |
| 0.3.443 | 8 / 2 | |
| 0.3.442 | 8 / 2 | |
| 0.3.441 | 8 / 2 | |
| 0.3.440 | 8 / 2 | |
| 0.3.439 | 8 / 2 | |
| 0.3.438 | 8 / 2 | |
| 0.3.437 | 8 / 2 | |
| 0.3.436 | 8 / 2 | |
| 0.3.435 | 8 / 2 | |
| 0.3.434 | 8 / 2 | |
| 0.3.433 | 8 / 2 | |
| 0.3.432 | 8 / 2 | |
| 0.3.431 | 8 / 2 | |
| 0.3.430 | 8 / 2 | |
| 0.3.429 | 8 / 2 | |
| 0.3.428 | 8 / 2 | |
| 0.3.427 | 8 / 2 | |
| 0.3.426 | 8 / 2 | |
| 0.3.425 | 8 / 2 | |
| 0.3.424 | 8 / 2 | |
| 0.3.423 | 8 / 2 | |
| 0.3.422 | 8 / 2 | |
| 0.3.421 | 8 / 2 | |
| 0.3.412 | 8 / 2 | |
| 0.3.411 | 8 / 2 | |
| 0.3.409 | 8 / 2 | |
| 0.3.408 | 8 / 2 | |
| 0.3.407 | 8 / 2 | |
| 0.3.406 | 8 / 2 | |
| 0.3.405 | 8 / 2 | |
| 0.3.404 | 8 / 2 | |
| 0.3.403 | 8 / 2 | |
| 0.3.402 | 8 / 2 | |
| 0.3.401 | 8 / 2 | |
| 0.3.400 | 8 / 2 | |
| 0.3.398 | 8 / 2 | |
| 0.3.397 | 8 / 2 | |
| 0.3.396 | 8 / 2 | |
| 0.3.395 | 8 / 2 | |
| 0.3.394 | 8 / 2 | |
| 0.3.393 | 8 / 2 | |
| 0.3.392 | 8 / 2 | |
| 0.3.391 | 8 / 2 | |
| 0.3.390 | 8 / 2 | |
| 0.3.389 | 8 / 2 | |
| 0.3.388 | 8 / 2 | |
| 0.3.387 | 8 / 2 | |
| 0.3.386 | 8 / 2 |
v0.3.496
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.495
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.494
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.493
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.492
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.491
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.490
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.489
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.488
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.487
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.486
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.485
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.484
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.483
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.482
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.481
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.480
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.479
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.478
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.477
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.476
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.475
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.474
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.473
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.472
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.471
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.470
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.469
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.468
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.467
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.466
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.465
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.464
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.463
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.462
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.461
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.460
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.459
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.458
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.457
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.456
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.455
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.454
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.453
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.452
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.450
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.449
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.448
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.447
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.446
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.445
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.444
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.443
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.442
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.441
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.440
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.439
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.438
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.437
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.436
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.435
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.434
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.433
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.432
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.431
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.430
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.429
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.428
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.427
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.426
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.425
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.424
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.423
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.422
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.421
2 findingsPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
[Accepted risk] This version was published by a different npm account than previous versions on 2026-05-21. This could indicate a legitimate maintainer transition or an account compromise.
v0.3.412
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.411
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.409
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.408
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.407
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.406
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.405
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.404
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.403
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.402
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.401
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.400
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.398
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.397
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.396
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.395
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.394
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.393
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.392
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.391
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.390
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.389
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.388
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.387
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.386
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.