@shapediver/viewer.shared.node-tree
This package is part of the [`@shapediver/viewer`](https://www.npmjs.com/package/@shapediver/viewer), you can find all information [here](https://viewer.shapediver.com/v3/latest/api/index.html).
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| bogus-package | bogus-package | AI (bogus-package): Monorepo component package; sparse README and no keywords are expected for internal library modules. | ai | |
| provenance | no-provenance | AI (provenance): ShapeDiver packages consistently lack provenance attestation; stable false positive for this publisher. | ai |
Versions (showing 97 of 97)
| Version | Deps | Published |
|---|---|---|
| 3.17.0 | 4 / 0 | |
| 3.16.10 | 4 / 0 | |
| 3.16.9 | 4 / 0 | |
| 3.16.8 | 4 / 0 | |
| 3.16.7 | 4 / 0 | |
| 3.16.6 | 4 / 0 | |
| 3.16.5 | 4 / 0 | |
| 3.16.4 | 4 / 0 | |
| 3.16.3 | 4 / 0 | |
| 3.16.2 | 4 / 0 | |
| 3.16.1 | 4 / 0 | |
| 3.16.0 | 4 / 0 | |
| 3.15.12 | 3 / 0 | |
| 3.15.11 | 3 / 0 | |
| 3.15.10 | 3 / 0 | |
| 3.15.9 | 3 / 0 | |
| 3.15.8 | 3 / 0 | |
| 3.15.7 | 3 / 0 | |
| 3.15.6 | 3 / 0 | |
| 3.15.5 | 3 / 0 | |
| 3.15.4 | 3 / 0 | |
| 3.15.3 | 3 / 0 | |
| 3.15.2 | 3 / 0 | |
| 3.15.1 | 3 / 0 | |
| 3.15.0 | 3 / 0 | |
| 3.14.10 | 3 / 0 | |
| 3.14.9 | 3 / 0 | |
| 3.14.8 | 3 / 0 | |
| 3.14.7 | 3 / 0 | |
| 3.14.6 | 3 / 0 | |
| 3.14.5 | 3 / 0 | |
| 3.14.4 | 3 / 0 | |
| 3.14.3 | 3 / 0 | |
| 3.14.2 | 3 / 0 | |
| 3.14.1 | 3 / 0 | |
| 3.14.0 | 3 / 0 | |
| 3.13.20 | 3 / 0 | |
| 3.13.19 | 3 / 0 | |
| 3.13.18 | 3 / 0 | |
| 3.13.17 | 3 / 0 | |
| 3.13.16 | 3 / 0 | |
| 3.13.15 | 3 / 0 | |
| 3.13.14 | 3 / 0 | |
| 3.13.13 | 3 / 0 | |
| 3.13.12 | 3 / 0 | |
| 3.13.11 | 3 / 0 | |
| 3.13.10 | 3 / 0 | |
| 3.13.9 | 3 / 0 | |
| 3.13.8 | 3 / 0 | |
| 3.13.7 | 3 / 0 | |
| 3.13.6 | 3 / 0 | |
| 3.13.5 | 3 / 0 | |
| 3.13.4 | 3 / 0 | |
| 3.13.3 | 3 / 0 | |
| 3.13.2 | 3 / 0 | |
| 3.13.1 | 3 / 0 | |
| 3.13.0 | 3 / 0 | |
| 3.12.21 | 3 / 0 | |
| 3.12.20 | 3 / 0 | |
| 3.12.19 | 3 / 0 | |
| 3.12.18 | 3 / 0 | |
| 3.12.17 | 3 / 0 | |
| 3.12.16 | 3 / 0 | |
| 3.12.15 | 3 / 0 | |
| 3.12.14 | 3 / 0 | |
| 3.12.13 | 3 / 0 | |
| 3.12.12 | 3 / 0 | |
| 3.12.11 | 3 / 0 | |
| 3.12.10 | 3 / 0 | |
| 3.12.9 | 3 / 0 | |
| 3.12.8 | 3 / 0 | |
| 3.12.7 | 3 / 0 | |
| 3.12.6 | 3 / 0 | |
| 3.12.5 | 3 / 0 | |
| 3.12.4 | 3 / 0 | |
| 3.12.3 | 3 / 0 | |
| 3.12.2 | 3 / 0 | |
| 3.12.1 | 3 / 0 | |
| 3.12.0 | 3 / 0 | |
| 3.11.14 | 3 / 0 | |
| 3.11.13 | 3 / 0 | |
| 3.11.12 | 3 / 0 | |
| 3.11.11 | 3 / 0 | |
| 3.11.10 | 3 / 0 | |
| 3.11.9 | 3 / 0 | |
| 3.11.8 | 3 / 0 | |
| 3.11.7 | 3 / 0 | |
| 3.11.6 | 3 / 0 | |
| 3.11.5 | 3 / 0 | |
| 3.11.4 | 3 / 0 | |
| 3.11.3 | 3 / 0 | |
| 3.11.2 | 3 / 0 | |
| 3.11.1 | 3 / 0 | |
| 3.11.0 | 3 / 0 | |
| 3.10.0 | 3 / 0 | |
| 3.9.10 | 3 / 0 | |
| 3.9.9 | 3 / 0 |
v3.17.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.16.10
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.16.9
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.16.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.16.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.16.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.16.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.16.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.16.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.16.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.16.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.15.12
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.15.11
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.15.10
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.15.9
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.15.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.15.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.15.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.15.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.15.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.15.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.15.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.15.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.15.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.14.10
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.14.9
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.14.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.14.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.14.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.14.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.14.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.14.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.14.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.14.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.14.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.13.20
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.19
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.18
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.17
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.16
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.15
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.14
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.13
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.12
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.11
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.10
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.9
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.13.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.21
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.20
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.19
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.18
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.17
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.16
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.15
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.14
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.13
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.12
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.11
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.10
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.9
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.12.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.14
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.13
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.12
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.11
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.10
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.9
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.11.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.10.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.9.10
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.9.9
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.