@spectrum-web-components/slider Apache-2.0 7 versions

@spectrum-web-components/slider

npm Repository Homepage

`<sp-slider>` allows users to quickly select a value within a range. They should be used when the upper and lower bounds of the range are invariable.

7

Versions

Apache-2.0

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

caseyisonittaratadoberajrock38jnjoshnikkimkrubencjianliao79pvashishpatrickfulton

Keywords

design-systemspectrumadobeadobe-spectrumweb componentsweb-componentslit-elementlit-htmlcomponentcss

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:@spectrum-web-components/theme	AI (phantom-deps): Same-org monorepo sibling; declared as peer/dep for theming side-effects, not necessarily directly imported.	ai	2026/05/27

Versions (showing 7 of 7)

Version	Deps	Published
1.11.2	8 / 0	2026-02-03
1.11.1	8 / 0	2026-02-02
1.11.0	8 / 0	2026-01-27
1.9.0	8 / 0	2025-10-13
1.8.0	8 / 0	2025-09-23
1.7.0	8 / 0	2025-06-11
1.6.0	8 / 1	2025-05-01

v1.11.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.11.1

2 findings

HIGH Publisher changed: taratadobe → rubenc (on 2026-02-02) provenance

This version was published by a different npm account than previous versions on 2026-02-02. This could indicate a legitimate maintainer transition or an account compromise.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.11.0

2 findings

HIGH Publisher changed: taratadobe → rubenc (on 2026-01-27) provenance

This version was published by a different npm account than previous versions on 2026-01-27. This could indicate a legitimate maintainer transition or an account compromise.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.9.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.8.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.7.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.6.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.