@spscommerce/ds-react-charts

SPS Design System React Chart components

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

jimthedevpixelfish22rena0601spsc_cafmacybuan

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:nanoid	AI (phantom-deps): Bundled chart library; visx/nanoid deps consumed internally, phantom detection is a false positive for this package.	ai	2026/05/02
phantom-deps	phantom-dep:@visx/grid	AI (phantom-deps): visx packages are legitimate chart dependencies; phantom detection false positive for bundled output.	ai	2026/05/02
phantom-deps	phantom-dep:@visx/glyph	AI (phantom-deps): visx packages are legitimate chart dependencies; phantom detection false positive for bundled output.	ai	2026/05/02
phantom-deps	phantom-dep:@visx/group	AI (phantom-deps): visx packages are legitimate chart dependencies; phantom detection false positive for bundled output.	ai	2026/05/02
phantom-deps	phantom-dep:@visx/shape	AI (phantom-deps): visx packages are legitimate chart dependencies; phantom detection false positive for bundled output.	ai	2026/05/02
phantom-deps	phantom-dep:@visx/legend	AI (phantom-deps): visx packages are legitimate chart dependencies; phantom detection false positive for bundled output.	ai	2026/05/02
phantom-deps	phantom-dep:react-spring	AI (phantom-deps): react-spring is a declared dependency used by visx/xychart; phantom detection false positive.	ai	2026/05/02
phantom-deps	phantom-dep:@visx/gradient	AI (phantom-deps): visx packages are legitimate chart dependencies; phantom detection false positive for bundled output.	ai	2026/05/02
phantom-deps	phantom-dep:@juggle/resize-observer	AI (phantom-deps): Declared dependency for resize observation; phantom detection false positive for bundled output.	ai	2026/05/02

Versions (showing 51 of 97)

View all versions

Version	Deps	Published
8.47.0	12 / 12	2026-06-01
8.46.7	12 / 12	2026-05-28
8.46.6	12 / 12	2026-05-27
8.46.5	12 / 12	2026-05-26
8.46.4	12 / 12	2026-05-20
8.46.3	12 / 12	2026-05-20
8.46.2	12 / 12	2026-05-19
8.46.1	12 / 12	2026-05-19
8.46.0	12 / 12	2026-05-18
8.45.8	12 / 12	2026-05-13
8.45.7	12 / 12	2026-05-12
8.45.6	12 / 12	2026-05-11
8.45.5	12 / 12	2026-05-06
8.45.4	12 / 12	2026-04-30
8.45.3	12 / 12	2026-04-30
8.45.2	12 / 12	2026-04-30
8.45.1	12 / 12	2026-04-30
8.45.0	12 / 12	2026-04-29
8.44.1	12 / 12	2026-04-15
8.44.0	12 / 12	2026-04-14
8.43.1	12 / 12	2026-04-07
8.43.0	12 / 12	2026-03-31
8.42.7	12 / 12	2026-03-20
8.42.6	12 / 12	2026-03-20
8.42.5	12 / 12	2026-03-18
8.42.4	12 / 12	2026-03-18
8.42.3	12 / 12	2026-03-18
8.42.2	12 / 12	2026-03-17
8.42.1	12 / 12	2026-03-16
8.42.0	12 / 12	2026-03-16
8.41.4	12 / 12	2026-03-13
8.41.3	12 / 12	2026-03-09
8.41.2	12 / 12	2026-02-27
8.41.1	12 / 12	2026-02-27
8.41.0	12 / 12	2026-02-27
8.40.0	12 / 12	2026-02-26
8.39.0	12 / 12	2026-02-18
8.38.2	12 / 12	2026-02-17
8.38.1	12 / 12	2026-02-16
8.38.0	12 / 12	2026-02-13
8.37.8	12 / 12	2026-02-12
8.37.7	12 / 12	2026-02-02
8.37.6	12 / 12	2026-01-27
8.37.5	12 / 12	2026-01-27
8.37.4	12 / 12	2026-01-23
8.37.3	12 / 12	2026-01-22
8.37.2	12 / 12	2025-12-17
8.37.1	12 / 12	2025-12-04
8.37.0	12 / 12	2025-11-19
8.36.0	12 / 12	2025-11-07
8.35.6	12 / 12	2025-10-21