@stenajs-webui/panels
This package contains larger, more use‑case driven components built by composing primitives from other `@stenajs-webui/*` packages.
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): Transition from human publisher to GitHub Actions CI is documented by the StenaIT org; stable pattern for this monorepo. | ai | |
| phantom-deps | phantom-dep:date-fns | AI (phantom-deps): Declared runtime dep in monorepo package; phantom-dep heuristic fires on config references, stable false positive. | ai | |
| phantom-deps | phantom-dep:react-transition-group | AI (phantom-deps): Declared runtime dep in monorepo package; phantom-dep heuristic fires on config references, stable false positive. | ai |
Versions (showing 49 of 49)
| Version | Deps | Published |
|---|---|---|
| 23.18.0 | 10 / 9 | |
| 23.17.3 | 10 / 9 | |
| 23.17.2 | 10 / 9 | |
| 23.17.1 | 10 / 9 | |
| 23.17.0 | 10 / 9 | |
| 23.16.3 | 10 / 9 | |
| 23.16.2 | 10 / 9 | |
| 23.16.1 | 10 / 9 | |
| 23.16.0 | 10 / 9 | |
| 23.15.3 | 10 / 9 | |
| 23.15.2 | 10 / 9 | |
| 23.15.1 | 10 / 9 | |
| 23.15.0 | 10 / 9 | |
| 23.14.0 | 10 / 9 | |
| 23.13.3 | 10 / 9 | |
| 23.13.2 | 10 / 9 | |
| 23.13.1 | 10 / 9 | |
| 23.13.0 | 10 / 9 | |
| 23.12.11 | 10 / 9 | |
| 23.12.10 | 10 / 9 | |
| 23.12.9 | 10 / 9 | |
| 23.12.8 | 10 / 9 | |
| 23.12.7 | 10 / 9 | |
| 23.12.6 | 10 / 9 | |
| 23.12.5 | 10 / 9 | |
| 23.12.4 | 10 / 9 | |
| 23.12.3 | 10 / 9 | |
| 23.12.2 | 10 / 9 | |
| 23.12.1 | 10 / 9 | |
| 23.12.0 | 10 / 9 | |
| 23.11.3 | 10 / 9 | |
| 23.11.2 | 10 / 9 | |
| 23.11.1 | 10 / 9 | |
| 23.11.0 | 10 / 9 | |
| 23.10.0 | 10 / 9 | |
| 23.9.0 | 10 / 9 | |
| 23.8.1 | 10 / 9 | |
| 23.8.0 | 10 / 9 | |
| 23.7.1 | 10 / 9 | |
| 23.7.0 | 10 / 9 | |
| 23.6.0 | 10 / 9 | |
| 23.5.1 | 10 / 9 | |
| 23.5.0 | 10 / 9 | |
| 23.4.0 | 10 / 9 | |
| 23.3.1 | 10 / 9 | |
| 23.3.0 | 10 / 9 | |
| 23.2.0 | 10 / 9 | |
| 23.1.0 | 10 / 9 | |
| 23.0.0 | 10 / 9 |
v23.18.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.17.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.17.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.17.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.17.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.16.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.16.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.16.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.16.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.15.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v23.15.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.15.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.15.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.14.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.13.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.13.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.13.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.13.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.12.11
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.12.10
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.12.9
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.12.8
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.12.7
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.12.6
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.12.5
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.12.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.12.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.12.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.12.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.12.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.11.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.11.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.11.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.11.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.10.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.9.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.8.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.8.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.7.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.7.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.6.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.5.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.5.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.4.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v23.3.1
2 findingsThis version was published by a different npm account than previous versions on 2025-10-31. This could indicate a legitimate maintainer transition or an account compromise.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.3.0
2 findingsThis version was published by a different npm account than previous versions on 2025-10-31. This could indicate a legitimate maintainer transition or an account compromise.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.2.0
2 findingsThis version was published by a different npm account than previous versions on 2025-10-29. This could indicate a legitimate maintainer transition or an account compromise.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.1.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v23.0.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.