@relayprotocol/relay-kit-ui No license 9 versions

@relayprotocol/relay-kit-ui

npm Repository Homepage

9

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

pedromcunha-unevenjulien51

Keywords

ethethereumdappswalletweb3bridgereservoir

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:@types/react	AI (phantom-deps): Type-only peer dep; not directly imported by convention — stable false positive for this package.	ai	2026/05/24
phantom-deps	phantom-dep:@types/react-dom	AI (phantom-deps): Type-only peer dep; not directly imported by convention — stable false positive for this package.	ai	2026/05/24
phantom-deps	phantom-dep:pandacss-preset-radix-colors	AI (phantom-deps): Referenced in panda config files, not direct imports — stable false positive for this package.	ai	2026/05/24
semgrep	semgrep:shady-links-tlds	AI (semgrep): eclipse.xyz is the legitimate Eclipse blockchain RPC endpoint; not a C2/exfiltration domain.	ai	2026/05/17
phantom-deps	phantom-dep:@fortawesome/fontawesome-svg-core	AI (phantom-deps): FontAwesome core is a transitive peer of react-fontawesome; phantom-dep heuristic fires but it's a stable false positive.	ai	2026/05/17

Versions (showing 9 of 9)

Version	Deps	Published
8.0.7	23 / 17	2026-04-28
8.0.6	23 / 17	2026-04-24
8.0.5	23 / 17	2026-04-21
8.0.4	23 / 17	2026-04-17
8.0.3	23 / 17	2026-03-09
8.0.2	23 / 17	2026-03-05
8.0.1	23 / 17	2026-03-05
8.0.0	23 / 17	2026-03-05
5.1.2	25 / 14	2025-11-06

v8.0.7

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v8.0.6

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v8.0.5

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v8.0.4

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v8.0.3

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v8.0.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v8.0.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v8.0.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v5.1.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.