@skaldapp/configs
A comprehensive collection of shared configuration files for Vue.js projects with TypeScript, ESLint, Prettier, UnoCSS, and Vite, featuring Pug support
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| dependencies | unvetted-dep:vue-eslint-parser-template-tokenizer-pug | AI (dependencies): Pug tokenizer for Vue ESLint parser; consistent with package purpose. | ai | |
| dependencies | unvetted-dep:@unocss/extractor-pug | AI (dependencies): Official UnoCSS Pug extractor; consistent with package purpose. | ai | |
| dependencies | unvetted-dep:eslint-plugin-vue-pug | AI (dependencies): ESLint plugin for Vue+Pug; consistent with package purpose. | ai | |
| dependencies | unvetted-dep:@tsconfig/strictest | AI (dependencies): Standard tsconfig strictness preset; consistent with this config package's purpose. | ai | |
| dependencies | unvetted-dep:@prettier/plugin-pug | AI (dependencies): Well-known prettier plugin for Pug; matches package's documented Pug support. | ai | |
| dependencies | unvetted-dep:@unocss/eslint-config | AI (dependencies): Official UnoCSS ESLint config; consistent with package purpose. | ai | |
| phantom-deps | phantom-dep:eslint-plugin-vue-pug | AI (phantom-deps): Config package; eslint plugin referenced in config exports. | ai | |
| phantom-deps | phantom-dep:@types/node | AI (phantom-deps): Framework-scoped type package; loaded by convention in TS projects. | ai | |
| phantom-deps | phantom-dep:@tsconfig/strictest | AI (phantom-deps): Config package; tsconfig extension referenced in tsconfig.json, not imported. | ai | |
| phantom-deps | phantom-dep:@prettier/plugin-pug | AI (phantom-deps): Config package; prettier plugin referenced in config, not imported. | ai | |
| phantom-deps | phantom-dep:prettier-plugin-jsdoc | AI (phantom-deps): Config package; prettier plugin referenced in config, not imported. | ai | |
| phantom-deps | phantom-dep:eslint-config-prettier | AI (phantom-deps): Config package; eslint config referenced in config, not imported. | ai | |
| phantom-deps | phantom-dep:pug | AI (phantom-deps): Config package; pug is referenced in config files, not imported directly. Stable pattern. | ai | |
| phantom-deps | phantom-dep:prettier-plugin-packagejson | AI (phantom-deps): Config package; prettier plugin referenced in config, not imported. | ai | |
| phantom-deps | phantom-dep:prettier-plugin-tailwindcss | AI (phantom-deps): Config package; prettier plugin referenced in config, not imported. | ai | |
| phantom-deps | phantom-dep:eslint-import-resolver-typescript | AI (phantom-deps): Config package; eslint resolver referenced in config, not imported. | ai | |
| phantom-deps | phantom-dep:vue-eslint-parser-template-tokenizer-pug | AI (phantom-deps): Config package; eslint parser plugin referenced in config, not imported. | ai | |
| phantom-deps | phantom-dep:@vue/language-plugin-pug | AI (phantom-deps): Framework-scoped config package; loaded by convention, not imported. | ai | |
| phantom-deps | phantom-dep:jiti | AI (phantom-deps): Config package; jiti is a config loader referenced by convention, not imported. | ai | |
| phantom-deps | phantom-dep:eslint | AI (phantom-deps): Config package; eslint is a peer tool declared as dep, not directly imported. | ai | |
| phantom-deps | phantom-dep:vue-tsc | AI (phantom-deps): Config package; vue-tsc is a build tool referenced in config, not imported. | ai | |
| phantom-deps | phantom-dep:prettier | AI (phantom-deps): Config package; prettier is a peer tool declared as dep, not directly imported. | ai | |
| phantom-deps | phantom-dep:tsc-alias | AI (phantom-deps): Config package; tsc-alias is a build tool referenced in config, not imported. | ai | |
| phantom-deps | phantom-dep:typescript | AI (phantom-deps): Config package; typescript is a peer tool declared as dep, not directly imported. | ai | |
| phantom-deps | phantom-dep:@vue/tsconfig | AI (phantom-deps): Framework-scoped config package; loaded by convention, not imported. | ai |
Versions (showing 23 of 23)
| Version | Deps | Published |
|---|---|---|
| 1.4.2 | 47 / 2 | |
| 1.4.1 | 47 / 2 | |
| 1.4.0 | 47 / 2 | |
| 1.2.112 | 47 / 2 | |
| 1.2.111 | 47 / 2 | |
| 1.2.110 | 47 / 2 | |
| 1.2.109 | 47 / 2 | |
| 1.2.108 | 47 / 2 | |
| 1.2.107 | 47 / 2 | |
| 1.2.106 | 47 / 2 | |
| 1.2.105 | 47 / 2 | |
| 1.2.104 | 47 / 2 | |
| 1.2.101 | 47 / 2 | |
| 1.2.95 | 47 / 2 | |
| 1.2.93 | 47 / 2 | |
| 1.2.91 | 47 / 2 | |
| 1.2.89 | 47 / 2 | |
| 1.2.86 | 48 / 1 | |
| 1.2.85 | 47 / 2 | |
| 1.2.57 | 48 / 2 | |
| 1.2.55 | 48 / 2 | |
| 1.2.54 | 47 / 2 | |
| 1.2.53 | 47 / 2 |
v1.4.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.4.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.4.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.112
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.111
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.110
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.109
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.108
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.107
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.106
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.105
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.104
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.101
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.95
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.93
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.91
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.89
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.86
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.85
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.57
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.55
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.54
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.2.53
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.