@real-router/react
React integration for Real-Router
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/cjs/RouterProvider-CPsCmrRw.js | AI (source-diff): Standard minified CJS bundle output; code content is benign router logic. | ai | |
| source-diff | obfuscated-file:dist/esm/RouterProvider-DgHypQTJ.mjs | AI (source-diff): Standard minified ESM bundle output; code content is benign router logic. | ai | |
| source-diff | obfuscated-file:dist/esm/RouterProvider-a9y9bqji.mjs | AI (source-diff): Standard minified ESM build output; same pattern as CJS bundle, no malicious indicators. | ai | |
| source-diff | obfuscated-file:dist/cjs/RouterProvider-fJvMO5Tc.js | AI (source-diff): Standard minified build output for a React router; code is readable router logic, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/cjs/RouterProvider-DGrUfyLj.js | AI (source-diff): Standard bundler minification output (tsdown); code is readable router logic, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/esm/RouterProvider-D4B0f6wZ.mjs | AI (source-diff): Standard bundler minification output (tsdown); code is readable router logic, not obfuscated malware. | ai | |
| phantom-deps | phantom-dep:@real-router/core | AI (phantom-deps): Same-org workspace dependency; phantom-dep false positive for monorepo packages. | ai | |
| source-diff | obfuscated-file:dist/esm/RouterProvider-B6vpi85i.mjs | AI (source-diff): Standard bundler output (minified ESM chunk); content is readable React router logic, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/cjs/RouterProvider-Qu-8nMIX.js | AI (source-diff): Standard bundler output (minified CJS chunk); content is readable React router logic, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/esm/RouterProvider-Cx0t2IIF.mjs | AI (source-diff): Standard minified ESM bundler output; same pattern as CJS counterpart, not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/cjs/RouterProvider-BOWw6Z_i.js | AI (source-diff): Standard minified bundler output (tsdown); code is readable React router logic, not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/esm/RouterProvider-CedKqey6.mjs | AI (source-diff): Standard minified ESM build output from tsdown bundler; content is readable React router logic. | ai | |
| source-diff | obfuscated-file:dist/cjs/RouterProvider-Caf5VTGt.js | AI (source-diff): Standard minified CJS build output from tsdown bundler; content is readable React router logic. | ai | |
| source-diff | obfuscated-file:dist/esm/RouterProvider-CiPZI0V5.mjs | AI (source-diff): Standard minified ESM bundler output; same pattern as CJS counterpart, no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cjs/RouterProvider-BOdfon42.js | AI (source-diff): Standard minified bundler output (tsdown); code is readable React router logic, not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/cjs/RouterProvider-CvAgH3Xk.js | AI (source-diff): Standard minified bundler output (tsdown); content is readable React router logic, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/esm/RouterProvider-CvNpfYUO.mjs | AI (source-diff): Standard minified ESM bundler output; same pattern as CJS chunk, no malicious content. | ai | |
| source-diff | obfuscated-file:dist/cjs/RouterProvider-ZVZMfscC.js | AI (source-diff): Standard minified bundler output (tsdown); content is readable React router logic, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/esm/RouterProvider-CYGl-5vr.mjs | AI (source-diff): Standard minified bundler output (tsdown); content is readable React router logic, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/esm/RouterProvider-DqCTMwvh.mjs | AI (source-diff): Standard minified ESM bundler output; same pattern as CJS bundle, clearly legitimate. | ai | |
| source-diff | obfuscated-file:dist/cjs/RouterProvider-DQ0bWmlq.js | AI (source-diff): Standard minified bundler output (tsdown); readable React router logic, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/esm/RouterProvider-D84Tsw-s.mjs | AI (source-diff): Standard bundler-generated minified ESM chunk; content is readable React router logic, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/cjs/RouterProvider-XuokeTtL.js | AI (source-diff): Standard bundler-generated minified chunk; content is readable React router logic, not obfuscated malware. | ai | |
| provenance | publisher-changed | AI (provenance): Transition to GitHub Actions CI publishing is confirmed by SLSA/Sigstore attestation; legitimate automation handoff. | ai | |
| provenance | missing-githead | AI (provenance): CI/CD publish via GitHub Actions commonly omits gitHead; SLSA attestation provides equivalent commit traceability. | ai | |
| source-diff | obfuscated-file:dist/cjs/RouterProvider-jqJCKUhp.js | AI (source-diff): Standard minified bundler output (tsdown); readable React router logic, no obfuscation or malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/esm/RouterProvider-DrAGH6K9.mjs | AI (source-diff): Standard minified ESM bundler output; same pattern as CJS counterpart, no malicious content. | ai | |
| source-diff | obfuscated-file:dist/cjs/legacy.js | AI (source-diff): Minified CJS build artifact from tsup; content is readable React router code, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/esm/RouterProvider-CS2ZoONm.mjs | AI (source-diff): Standard bundler minification output; ESM equivalent of the CJS chunk, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/RouterProvider-CfBNR-k7.js | AI (source-diff): Standard bundler minification output; content is readable React router logic with no malicious patterns. | ai | |
| dependencies | unvetted-dep:@real-router/core | AI (dependencies): Sibling monorepo package from the same publisher; expected dependency. | ai | |
| dependencies | unvetted-dep:@real-router/route-utils | AI (dependencies): Sibling monorepo package from the same publisher; expected dependency. | ai | |
| dependencies | unvetted-dep:@real-router/sources | AI (dependencies): Sibling monorepo package from the same publisher; expected dependency. | ai |
Versions (showing 51 of 84)
| Version | Deps | Published |
|---|---|---|
| 0.27.1 | 3 / 8 | |
| 0.26.0 | 3 / 8 | |
| 0.25.0 | 3 / 8 | |
| 0.24.1 | 3 / 8 | |
| 0.24.0 | 3 / 8 | |
| 0.23.0 | 3 / 8 | |
| 0.22.1 | 3 / 8 | |
| 0.22.0 | 3 / 8 | |
| 0.21.0 | 3 / 8 | |
| 0.20.0 | 3 / 8 | |
| 0.19.0 | 3 / 8 | |
| 0.18.0 | 3 / 8 | |
| 0.17.2 | 3 / 6 | |
| 0.17.1 | 3 / 6 | |
| 0.17.0 | 3 / 6 | |
| 0.16.1 | 3 / 6 | |
| 0.16.0 | 3 / 6 | |
| 0.15.1 | 3 / 6 | |
| 0.15.0 | 3 / 6 | |
| 0.14.11 | 3 / 6 | |
| 0.14.10 | 3 / 7 | |
| 0.14.9 | 3 / 7 | |
| 0.14.8 | 3 / 7 | |
| 0.14.7 | 3 / 7 | |
| 0.14.6 | 4 / 6 | |
| 0.14.5 | 4 / 6 | |
| 0.14.4 | 4 / 6 | |
| 0.14.3 | 4 / 6 | |
| 0.14.2 | 4 / 6 | |
| 0.14.1 | 4 / 6 | |
| 0.14.0 | 4 / 6 | |
| 0.13.2 | 4 / 6 | |
| 0.13.1 | 4 / 6 | |
| 0.13.0 | 4 / 6 | |
| 0.12.4 | 3 / 6 | |
| 0.12.3 | 3 / 6 | |
| 0.12.2 | 3 / 6 | |
| 0.12.1 | 3 / 6 | |
| 0.12.0 | 3 / 6 | |
| 0.11.0 | 3 / 6 | |
| 0.10.0 | 3 / 6 | |
| 0.9.0 | 3 / 6 | |
| 0.8.0 | 3 / 6 | |
| 0.7.0 | 3 / 6 | |
| 0.6.0 | 3 / 6 | |
| 0.5.5 | 3 / 6 | |
| 0.5.4 | 3 / 6 | |
| 0.5.3 | 3 / 6 | |
| 0.5.2 | 3 / 6 | |
| 0.5.1 | 3 / 6 | |
| 0.5.0 | 2 / 6 |
v0.27.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.26.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.25.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.24.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.24.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.22.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.22.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.21.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.20.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.19.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.18.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.17.2
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.17.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.17.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.15.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.15.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.11
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.10
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.9
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.8
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.7
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.6
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.5
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.4
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.3
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.2
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.13.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.13.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.13.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.12.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.12.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.12.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.12.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.12.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.0
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.