@sap-ux/ui5-library-sub-generator
Generator for creating UI5 libraries
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| dependencies | unvetted-dep:@sap-ux/ui5-info | AI (dependencies): First-party SAP UX tooling dep from the same open-ux-tools monorepo. | ai | |
| dependencies | unvetted-dep:yeoman-generator | AI (dependencies): Well-known Yeoman core package; expected for a Yeoman-based generator. | ai | |
| dependencies | unvetted-dep:@sap-ux/nodejs-utils | AI (dependencies): First-party SAP UX tooling dep from the same open-ux-tools monorepo. | ai | |
| dependencies | unvetted-dep:@sap-devx/yeoman-ui-types | AI (dependencies): SAP DevX type definitions for Yeoman UI; expected for this generator. | ai | |
| dependencies | unvetted-dep:@sap-ux/ui5-library-writer | AI (dependencies): First-party SAP UX tooling dep from the same open-ux-tools monorepo. | ai | |
| dependencies | unvetted-dep:@sap-ux/fiori-tools-settings | AI (dependencies): First-party SAP UX tooling dep from the same open-ux-tools monorepo. | ai | |
| dependencies | unvetted-dep:@sap-ux/ui5-library-inquirer | AI (dependencies): First-party SAP UX tooling dep from the same open-ux-tools monorepo. | ai | |
| dependencies | unvetted-dep:@sap-ux/fiori-generator-shared | AI (dependencies): First-party SAP UX tooling dep from the same open-ux-tools monorepo. | ai | |
| provenance | no-provenance | AI (provenance): Large SAP monorepo; lack of Sigstore provenance is common for enterprise npm packages. | ai |
Versions (showing 100 of 151)
| Version | Deps | Published |
|---|---|---|
| 0.1.168 | 9 / 11 | |
| 0.1.167 | 9 / 11 | |
| 0.1.166 | 9 / 11 | |
| 0.1.165 | 9 / 11 | |
| 0.1.164 | 9 / 11 | |
| 0.1.163 | 9 / 11 | |
| 0.1.162 | 9 / 11 | |
| 0.1.152 | 9 / 11 | |
| 0.1.143 | 9 / 11 | |
| 0.1.142 | 9 / 11 | |
| 0.1.141 | 9 / 11 | |
| 0.1.140 | 9 / 11 | |
| 0.1.139 | 9 / 11 | |
| 0.1.138 | 9 / 11 | |
| 0.1.137 | 9 / 11 | |
| 0.1.136 | 9 / 11 | |
| 0.1.135 | 9 / 11 | |
| 0.1.134 | 9 / 11 | |
| 0.1.132 | 9 / 11 | |
| 0.1.130 | 9 / 11 | |
| 0.1.129 | 9 / 11 | |
| 0.1.128 | 9 / 11 | |
| 0.1.127 | 9 / 11 | |
| 0.1.125 | 9 / 11 | |
| 0.1.124 | 9 / 11 | |
| 0.1.123 | 9 / 11 | |
| 0.1.122 | 9 / 11 | |
| 0.1.121 | 9 / 11 | |
| 0.1.120 | 9 / 11 | |
| 0.1.119 | 9 / 11 | |
| 0.1.118 | 9 / 11 | |
| 0.1.117 | 9 / 11 | |
| 0.1.116 | 9 / 11 | |
| 0.1.115 | 9 / 11 | |
| 0.1.114 | 9 / 11 | |
| 0.1.113 | 9 / 11 | |
| 0.1.112 | 9 / 11 | |
| 0.1.111 | 9 / 11 | |
| 0.1.110 | 9 / 11 | |
| 0.1.109 | 9 / 11 | |
| 0.1.107 | 9 / 11 | |
| 0.1.106 | 9 / 11 | |
| 0.1.105 | 9 / 11 | |
| 0.1.104 | 9 / 11 | |
| 0.1.103 | 9 / 11 | |
| 0.1.102 | 9 / 11 | |
| 0.1.101 | 9 / 11 | |
| 0.1.100 | 9 / 11 | |
| 0.1.99 | 9 / 11 | |
| 0.1.98 | 9 / 11 | |
| 0.1.97 | 9 / 11 | |
| 0.1.96 | 9 / 11 | |
| 0.1.95 | 9 / 11 | |
| 0.1.94 | 9 / 11 | |
| 0.1.93 | 9 / 11 | |
| 0.1.92 | 9 / 11 | |
| 0.1.91 | 9 / 11 | |
| 0.1.90 | 9 / 11 | |
| 0.1.89 | 9 / 11 | |
| 0.1.88 | 9 / 11 | |
| 0.1.87 | 9 / 11 | |
| 0.1.86 | 9 / 11 | |
| 0.1.85 | 9 / 11 | |
| 0.1.83 | 9 / 11 | |
| 0.1.82 | 9 / 11 | |
| 0.1.81 | 9 / 11 | |
| 0.1.80 | 9 / 11 | |
| 0.1.79 | 9 / 11 | |
| 0.1.78 | 9 / 11 | |
| 0.1.77 | 9 / 11 | |
| 0.1.76 | 9 / 11 | |
| 0.1.75 | 9 / 11 | |
| 0.1.74 | 9 / 11 | |
| 0.1.73 | 9 / 11 | |
| 0.1.72 | 9 / 11 | |
| 0.1.71 | 9 / 11 | |
| 0.1.70 | 9 / 11 | |
| 0.1.69 | 9 / 11 | |
| 0.1.68 | 9 / 11 | |
| 0.1.67 | 9 / 11 | |
| 0.1.66 | 9 / 11 | |
| 0.1.65 | 9 / 11 | |
| 0.1.64 | 9 / 11 | |
| 0.1.63 | 9 / 11 | |
| 0.1.62 | 9 / 11 | |
| 0.1.61 | 9 / 11 | |
| 0.1.60 | 9 / 11 | |
| 0.1.59 | 9 / 11 | |
| 0.1.58 | 9 / 11 | |
| 0.1.57 | 9 / 11 | |
| 0.1.56 | 9 / 11 | |
| 0.1.55 | 9 / 11 | |
| 0.1.54 | 9 / 11 | |
| 0.1.53 | 9 / 11 | |
| 0.1.51 | 9 / 11 | |
| 0.1.50 | 9 / 11 | |
| 0.1.49 | 9 / 11 | |
| 0.1.48 | 9 / 11 | |
| 0.1.47 | 9 / 11 | |
| 0.1.46 | 9 / 11 |
v0.1.168
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.167
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.166
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.165
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.164
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.163
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.152
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
This version was published by a different npm account (devinea) than the most recent previously approved version (kranthie.sap) on 2026-03-30, but devinea is listed as a maintainer on prior approved versions (matched on name). This looks like a manual publish by a known maintainer rather than a publisher change. Recorded as INFO for audit trail.
v0.1.143
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.142
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.141
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.140
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.139
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.138
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.137
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.136
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.135
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.134
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.132
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.130
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.129
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.128
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.127
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.125
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.124
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.123
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.122
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.121
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.120
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.119
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.118
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.117
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.116
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.115
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.114
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.113
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.112
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.111
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.110
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.109
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.107
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.106
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.105
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.104
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.103
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.102
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.101
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.100
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.99
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.98
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.97
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.96
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.95
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.94
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.93
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.92
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.91
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.90
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.89
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.88
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.87
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.86
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.85
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.83
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.82
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.81
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.80
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.79
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.78
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.77
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.76
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.75
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.74
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.73
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.72
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.71
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.70
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.69
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.68
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.67
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.66
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.65
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.64
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.63
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.62
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.61
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.60
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.59
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.58
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.57
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.56
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.55
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.54
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.53
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.51
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.50
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.49
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.48
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.47
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.46
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.