@tanstack/directive-functions-plugin No license 29 versions

@tanstack/directive-functions-plugin

npm Repository Homepage

29

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

tannerlinsleyschiller-manuellachlancollinskylemathews

Keywords

reactlocationrouterroutingasyncasync routertypescript

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:@babel/plugin-syntax-typescript	AI (phantom-deps): Babel plugin loaded by convention; stable for Babel-based build tools.	ai	2026/05/09
phantom-deps	phantom-dep:dedent	AI (phantom-deps): Build-time utility referenced in config; stable pattern for this package.	ai	2026/05/09
phantom-deps	phantom-dep:@babel/template	AI (phantom-deps): Babel plugin loaded by convention; stable for Babel-based build tools.	ai	2026/05/09
phantom-deps	phantom-dep:@babel/plugin-syntax-jsx	AI (phantom-deps): Babel plugin loaded by convention; stable for Babel-based build tools.	ai	2026/05/09
provenance	publisher-changed	AI (provenance): TanStack migrated to GitHub Actions CI/CD publishing with SLSA provenance attestation. This is a legitimate automation transition for the TanStack/router monorepo, not a compromise.	ai	2026/04/26
maintainer-change	maintainer-added	AI (maintainer-change): schiller-manuel and lachlancollins are known TanStack contributors. Addition is consistent with legitimate project governance expansion alongside CI/CD migration.	ai	2026/04/26
phantom-deps	phantom-dep:tiny-invariant	AI (phantom-deps): tiny-invariant is a legitimate declared dependency; phantom detection likely reflects indirect usage in this build plugin package.	ai	2026/04/26
phantom-deps	phantom-dep:@babel/traverse	AI (phantom-deps): @babel/traverse is a legitimate declared dependency used by babel-based transform plugins; indirect usage is expected in this context.	ai	2026/04/26

Versions (showing 29 of 29)

Version	Deps	Published
1.142.1	8 / 5	2025-12-20
1.141.0	8 / 5	2025-12-11
1.140.0	8 / 5	2025-12-07
1.139.0	8 / 5	2025-11-20
1.134.5	8 / 5	2025-10-31
1.133.19	8 / 5	2025-10-20
1.133.9	8 / 5	2025-10-17
1.133.3	8 / 5	2025-10-15
1.132.53	8 / 5	2025-10-12
1.132.51	8 / 5	2025-10-08
1.132.42	8 / 5	2025-10-05
1.132.31	7 / 5	2025-10-01
1.132.21	7 / 5	2025-09-28
1.132.11	7 / 5	2025-09-26
1.132.0	7 / 5	2025-09-23
1.131.2	7 / 4	2025-08-08
1.130.12	7 / 4	2025-08-01
1.129.7	7 / 4	2025-07-23
1.124.1	7 / 4	2025-07-02
1.122.1	7 / 4	2025-06-28
1.122.0	7 / 4	2025-06-27
1.121.31	7 / 4	2025-06-20
1.121.21	7 / 4	2025-06-16
1.121.20	7 / 4	2025-06-16
1.121.19	7 / 4	2025-06-16
1.121.18	7 / 4	2025-06-16
1.121.0	7 / 4	2025-06-10
1.120.17	12 / 4	2025-06-06
1.119.2	12 / 4	2025-05-04

v1.142.1

2 findings

HIGH Publisher changed: tannerlinsley → GitHub Actions (on 2025-12-20) provenance

This version was published by a different npm account than previous versions on 2025-12-20. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.134.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.133.19

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.133.9

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.133.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.132.53

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.132.51

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.132.42

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.132.31

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.132.21

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.132.11

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.132.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.131.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.130.12

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.129.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.124.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.122.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.122.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.31

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.21

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.20

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.19

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.18

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.120.17

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.119.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.