@rxdi/schematics
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| semgrep | semgrep:dynamic-require | AI (semgrep): Template utility pattern for optional dependency loading; stable across versions of this schematics package. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Long-lived package (2589 days, 383 versions); sparse metadata reflects internal tooling style, not spam. | ai | |
| npm-metadata | no-description | AI (npm-metadata): Consistent across all versions of this established package; not a malicious indicator. | ai | |
| phantom-deps | phantom-dep:chalk | AI (phantom-deps): Chalk is a runtime dep used in schematics output; phantom-dep heuristic false positive for this package. | ai | |
| phantom-deps | phantom-dep:@angular-devkit/schematics-cli | AI (phantom-deps): schematics-cli is a legitimate runtime dep for Angular schematics tooling; phantom-dep heuristic false positive. | ai | |
| phantom-deps | phantom-dep:ts-morph | AI (phantom-deps): ts-morph is a runtime dep for code generation; phantom-dep heuristic false positive for this package. | ai | |
| phantom-deps | phantom-dep:node-emoji | AI (phantom-deps): node-emoji is a runtime dep for schematics output; phantom-dep heuristic false positive for this package. | ai |
Versions (showing 68 of 68)
| Version | Deps | Published |
|---|---|---|
| 0.7.248 | 6 / 2 | |
| 0.7.247 | 6 / 2 | |
| 0.7.246 | 6 / 2 | |
| 0.7.245 | 6 / 2 | |
| 0.7.244 | 6 / 2 | |
| 0.7.243 | 6 / 2 | |
| 0.7.242 | 6 / 2 | |
| 0.7.241 | 6 / 2 | |
| 0.7.240 | 6 / 2 | |
| 0.7.239 | 6 / 2 | |
| 0.7.238 | 6 / 2 | |
| 0.7.237 | 6 / 2 | |
| 0.7.236 | 6 / 2 | |
| 0.7.235 | 6 / 2 | |
| 0.7.234 | 6 / 2 | |
| 0.7.233 | 6 / 2 | |
| 0.7.232 | 6 / 2 | |
| 0.7.231 | 6 / 2 | |
| 0.7.230 | 6 / 2 | |
| 0.7.229 | 6 / 2 | |
| 0.7.228 | 6 / 2 | |
| 0.7.227 | 6 / 2 | |
| 0.7.226 | 6 / 2 | |
| 0.7.225 | 6 / 2 | |
| 0.7.224 | 6 / 2 | |
| 0.7.223 | 6 / 2 | |
| 0.7.222 | 6 / 2 | |
| 0.7.221 | 6 / 2 | |
| 0.7.220 | 6 / 2 | |
| 0.7.219 | 6 / 2 | |
| 0.7.218 | 6 / 2 | |
| 0.7.217 | 6 / 2 | |
| 0.7.216 | 6 / 2 | |
| 0.7.215 | 6 / 2 | |
| 0.7.214 | 6 / 2 | |
| 0.7.213 | 6 / 2 | |
| 0.7.212 | 6 / 2 | |
| 0.7.211 | 6 / 2 | |
| 0.7.210 | 6 / 2 | |
| 0.7.209 | 6 / 2 | |
| 0.7.208 | 6 / 2 | |
| 0.7.207 | 6 / 2 | |
| 0.7.206 | 6 / 2 | |
| 0.7.205 | 6 / 2 | |
| 0.7.204 | 6 / 2 | |
| 0.7.203 | 6 / 2 | |
| 0.7.202 | 6 / 2 | |
| 0.7.201 | 6 / 2 | |
| 0.7.200 | 6 / 2 | |
| 0.7.199 | 6 / 2 | |
| 0.7.198 | 6 / 2 | |
| 0.7.197 | 6 / 2 | |
| 0.7.196 | 6 / 2 | |
| 0.7.195 | 6 / 2 | |
| 0.7.194 | 6 / 2 | |
| 0.7.193 | 6 / 2 | |
| 0.7.192 | 6 / 2 | |
| 0.7.191 | 6 / 2 | |
| 0.7.190 | 6 / 2 | |
| 0.7.189 | 6 / 2 | |
| 0.7.188 | 6 / 2 | |
| 0.7.187 | 6 / 2 | |
| 0.7.186 | 6 / 2 | |
| 0.7.185 | 6 / 2 | |
| 0.7.184 | 6 / 2 | |
| 0.7.183 | 6 / 2 | |
| 0.7.182 | 6 / 2 | |
| 0.7.181 | 6 / 2 |
v0.7.248
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.247
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.246
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.245
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.244
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.243
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.242
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.241
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.240
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.238
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.7.237
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.236
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.235
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.234
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.233
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.232
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.231
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.230
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.229
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.228
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.227
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.226
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.225
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.224
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.223
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.222
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.221
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.220
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.219
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.218
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.217
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.216
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.215
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.214
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.213
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.212
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.211
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.210
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.209
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.208
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.207
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.206
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.205
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.204
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.203
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.202
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.201
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.200
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.199
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.198
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.197
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.196
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.195
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.7.194
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.7.193
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.7.192
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.7.191
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.7.190
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.7.189
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.7.188
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.7.187
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.7.186
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.7.185
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.7.184
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.7.183
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.7.182
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.7.181
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.