@storm-software/eslint
A package containing the base ESLint configuration used by Storm Software across many projects.
4
Versions
Apache-2.0
License
No
Install Scripts
Verified
Provenance
Supply chain provenance
Status for the latest visible version.
SLSA provenance attestation
npm registry signatures
gitHead linked
Maintainers
stormie-botsullivanpj
Keywords
eslinteslint-configeslintconfigmonorepostormstorm-opssullivanpj
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| dependencies | unvetted-dep:eslint-flat-config-utils | AI (dependencies): Utility for ESLint flat config; no risk. | ai | |
| dependencies | unvetted-dep:@nx/eslint-plugin | AI (dependencies): Well-known Nx monorepo ESLint plugin; stable dependency for this ESLint config package. | ai | |
| dependencies | unvetted-dep:eslint-plugin-mdx | AI (dependencies): Standard ESLint plugin for MDX; no risk for an ESLint config package. | ai | |
| dependencies | unvetted-dep:eslint-plugin-pnpm | AI (dependencies): Known ESLint plugin for pnpm workspace rules; appropriate for this config package. | ai | |
| dependencies | unvetted-dep:eslint-plugin-toml | AI (dependencies): Standard TOML linting plugin; no risk. | ai | |
| dependencies | unvetted-dep:toml-eslint-parser | AI (dependencies): Parser companion to eslint-plugin-toml; no risk. | ai | |
| dependencies | unvetted-dep:eslint-plugin-paths | AI (dependencies): Known ESLint plugin for path aliasing rules; no risk. | ai | |
| dependencies | unvetted-dep:@cspell/eslint-plugin | AI (dependencies): Official CSpell ESLint plugin from the cspell org; no risk. | ai | |
| dependencies | unvetted-dep:@vitest/eslint-plugin | AI (dependencies): Official Vitest ESLint plugin; no risk. | ai | |
| dependencies | unvetted-dep:eslint-merge-processors | AI (dependencies): Utility for merging ESLint processors; no risk. | ai | |
| dependencies | unvetted-dep:eslint-plugin-no-secrets | AI (dependencies): ESLint plugin to detect secrets in code; no risk. | ai | |
| dependencies | unvetted-dep:eslint-plugin-markdownlint | AI (dependencies): Standard Markdown linting ESLint plugin; no risk. | ai | |
| phantom-deps | phantom-dep:zod | AI (phantom-deps): ESLint config package; plugins loaded by convention, not direct import. | ai | |
| phantom-deps | phantom-dep:parse-gitignore | AI (phantom-deps): ESLint config package; plugins loaded by convention, not direct import. | ai | |
| phantom-deps | phantom-dep:@eslint/eslintrc | AI (phantom-deps): Framework-scoped ESLint package loaded by convention. | ai | |
| phantom-deps | phantom-dep:eslint-plugin-json | AI (phantom-deps): ESLint plugin loaded by convention in config files. | ai | |
| phantom-deps | phantom-dep:eslint-plugin-pnpm | AI (phantom-deps): ESLint plugin loaded by convention in config files. | ai | |
| phantom-deps | phantom-dep:eslint-plugin-paths | AI (phantom-deps): ESLint plugin loaded by convention in config files. | ai | |
| phantom-deps | phantom-dep:eslint-plugin-tsdoc | AI (phantom-deps): ESLint plugin loaded by convention in config files. | ai | |
| phantom-deps | phantom-dep:eslint-config-prettier | AI (phantom-deps): ESLint config loaded by convention. | ai | |
| phantom-deps | phantom-dep:eslint-plugin-markdown | AI (phantom-deps): ESLint plugin loaded by convention in config files. | ai | |
| phantom-deps | phantom-dep:eslint-plugin-markdownlint | AI (phantom-deps): ESLint plugin loaded by convention in config files. | ai | |
| phantom-deps | phantom-dep:@storm-software/config-tools | AI (phantom-deps): Same org scope; internal dependency loaded by convention. | ai |
Versions (showing 4 of 182)
| Version | Deps | Published |
|---|---|---|
| 0.148.17 | 44 / 30 | |
| 0.148.16 | 44 / 30 | |
| 0.148.15 | 44 / 30 | |
| 0.148.14 | 44 / 30 |
v0.148.17
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.148.16
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.148.15
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.148.14
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.