@remix-run/dev No license 30 versions

@remix-run/dev

npm Repository Homepage

30

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

mjacksonryanflorence

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:@types/mdx	AI (dependencies): @types/mdx is a TypeScript type-only package with no runtime risk; stable false positive for this package.	ai	2026/06/04
phantom-deps	phantom-dep:ora	AI (phantom-deps): Build tool referencing deps via config conventions; stable false positive for this package.	ai	2026/06/02
phantom-deps	phantom-dep:json5	AI (phantom-deps): Build tool referencing deps via config conventions; stable false positive for this package.	ai	2026/06/02
phantom-deps	phantom-dep:tar-fs	AI (phantom-deps): Build tool referencing deps via config conventions; stable false positive for this package.	ai	2026/06/02
typosquat	typosquat.levenshtein:ajv	AI (typosquat): Scoped package @remix-run/dev bears no resemblance to ajv; Levenshtein match is a false positive.	ai	2026/06/02
phantom-deps	phantom-dep:gunzip-maybe	AI (phantom-deps): Build tool referencing deps via config conventions; stable false positive for this package.	ai	2026/06/02
phantom-deps	phantom-dep:@types/mdx	AI (phantom-deps): Framework-scoped type package loaded by convention; stable false positive.	ai	2026/06/02
phantom-deps	phantom-dep:cross-spawn	AI (phantom-deps): Build tool referencing deps via config conventions; stable false positive for this package.	ai	2026/06/02

Versions (showing 30 of 30)

Version	Deps	Published
2.17.4	56 / 28	2026-01-12
2.17.3	56 / 28	2026-01-07
2.17.2	56 / 28	2025-10-29
2.17.1	56 / 28	2025-09-17
2.17.0	56 / 28	2025-07-25
2.16.8	56 / 28	2025-05-29
2.16.7	56 / 28	2025-05-19
2.16.6	56 / 28	2025-05-08
2.16.5	56 / 28	2025-04-09
2.16.4	56 / 28	2025-03-31
2.16.3	56 / 28	2025-03-28
2.16.2	56 / 28	2025-03-19
2.16.1	56 / 28	2025-03-17
2.16.0	56 / 28	2025-02-27
2.15.3	55 / 28	2025-01-30
2.15.2	55 / 28	2024-12-20
2.15.1	55 / 28	2024-12-09
2.15.0	55 / 28	2024-11-22
2.14.0	55 / 28	2024-11-08
2.13.1	53 / 28	2024-10-11
2.13.0	53 / 28	2024-10-11
2.12.1	53 / 28	2024-09-19
2.12.0	53 / 28	2024-09-09
2.11.2	53 / 28	2024-08-15
2.11.1	53 / 28	2024-08-05
2.11.0	53 / 28	2024-08-01
2.10.3	53 / 28	2024-07-16
2.10.2	53 / 28	2024-07-04
2.10.1	53 / 28	2024-07-03
2.10.0	53 / 28	2024-06-25

v2.17.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.17.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.17.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.17.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.17.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.16.8

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.16.7

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.16.6

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.16.5

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.16.4

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.16.3

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.16.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.16.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.16.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.15.3

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.15.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.15.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.15.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.14.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.13.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.13.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.12.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.12.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.11.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.11.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.11.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v2.10.3

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.10.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.10.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.10.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.