← Home

@tanstack/router-devtools-core

npm Repository Homepage
71
Versions
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

tannerlinsleytkdodoalemtuzlakkevinvandyschiller-manuel

Keywords

reactlocationrouterroutingasyncasync routertypescript

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-TVrd9NKL.cjs AI (source-diff): Standard minified build output for TanStack devtools UI; samples show normal SolidJS/SVG component code. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-B12ktJLj.js AI (source-diff): Standard minified build output for TanStack devtools UI; samples show normal SolidJS/SVG component code. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-M-UhaKLc.cjs AI (source-diff): Long lines are inlined SVG markup in minified build output, not obfuscation; stable pattern for this package. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-U4pxMObm.js AI (source-diff): Same minified SVG/SolidJS build artifact pattern; no malicious content. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-Dz-7tBRe.js AI (source-diff): Standard minified build output from vite build; samples show legitimate SolidJS/SVG devtools code, no malicious patterns. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-BGIBDKFY.cjs AI (source-diff): Standard minified build output from vite build; samples show legitimate SolidJS/SVG devtools code, no malicious patterns. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-CnpwH7La.js AI (source-diff): Standard minified build output from official TanStack Router monorepo; SLSA provenance confirms CI/CD origin. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-CQ2gLjaA.cjs AI (source-diff): Standard minified build output from official TanStack Router monorepo; SLSA provenance confirms CI/CD origin. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-Oh23ljuQ.cjs AI (source-diff): Vite-minified bundle with readable imports and SVG content; not obfuscated malware. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-CXkXeTp3.js AI (source-diff): Vite-minified bundle with readable imports and SVG content; not obfuscated malware. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-T0qLsnH5.js AI (source-diff): Standard Vite build output with minified SVG/JS; not obfuscated malware. Stable pattern for this package. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-Cf2-YTwN.cjs AI (source-diff): Standard Vite build output with minified SVG/JS; not obfuscated malware. Stable pattern for this package. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-B7vy70jP.js AI (source-diff): Standard minified ESM build output; samples show normal devtools component imports, no malicious patterns. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-C-LyXpEh.cjs AI (source-diff): Standard minified build output for devtools UI; samples show SolidJS/SVG component code, no malicious patterns. ai
maintainer-change maintainer-added AI (maintainer-change): Added maintainers are known TanStack ecosystem contributors; consistent with project growth. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-DVpgfFhb.cjs AI (source-diff): Standard minified build output from vite build; content is SVG/component code, not malicious. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-g7TnL6yo.js AI (source-diff): Standard minified build output from vite build; content is SVG/component code, not malicious. ai
publish-pattern dormant-publish AI (publish-pattern): Dormancy explained by CI pipeline migration; SLSA provenance confirms legitimate publish from official repo. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-Ct_Co0zZ.cjs AI (source-diff): Minified build artifact containing SVG template strings for devtools UI; not obfuscated malicious code. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-DymJEvfG.js AI (source-diff): Minified build artifact containing SVG template strings for devtools UI; not obfuscated malicious code. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-ibA2ahop.cjs AI (source-diff): Minified build artifact containing inline SVG/CSS; no malicious code patterns in sample. ai
provenance publisher-changed AI (provenance): TanStack/router publishes via GitHub Actions CI with SLSA provenance; this is the expected publisher for this org. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-CaypUmOS.js AI (source-diff): Minified build artifact containing inline SVG/CSS; no malicious code patterns in sample. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-BuIlKO5O.cjs AI (source-diff): Minified build output with readable SVG/SolidJS content; standard bundler output for this devtools package. ai
source-diff obfuscated-file:dist/FloatingTanStackRouterDevtools-eWh8pOeT.js AI (source-diff): Minified build output with readable SVG/SolidJS content; standard bundler output for this devtools package. ai
phantom-deps phantom-dep:vite AI (phantom-deps): vite is a build tool listed as a runtime dep but used only for building; stable false positive for this package. ai

Versions (showing 71 of 271)

Version Deps Published
1.130.17 3 / 1
1.130.13 3 / 1
1.130.12 3 / 1
1.130.11 3 / 1
1.130.10 3 / 1
1.130.9 3 / 1
1.130.8 3 / 1
1.130.7 3 / 1
1.130.6 3 / 1
1.130.5 3 / 1
1.130.2 3 / 1
1.130.1 3 / 1
1.130.0 3 / 1
1.129.9 3 / 1
1.129.8 3 / 1
1.129.7 3 / 1
1.129.5 3 / 1
1.129.4 3 / 1
1.129.3 3 / 1
1.129.2 3 / 1
1.129.0 3 / 1
1.128.8 3 / 1
1.128.7 3 / 1
1.128.6 3 / 1
1.128.4 3 / 1
1.128.3 3 / 1
1.128.0 3 / 1
1.127.8 3 / 1
1.127.3 3 / 1
1.127.2 3 / 1
1.127.0 3 / 1
1.126.2 3 / 1
1.125.4 3 / 1
1.125.3 3 / 1
1.125.1 3 / 1
1.125.0 3 / 1
1.124.2 3 / 1
1.124.0 3 / 1
1.123.2 3 / 1
1.123.0 3 / 1
1.122.0 3 / 1
1.121.40 3 / 1
1.121.39 3 / 1
1.121.34 3 / 1
1.121.33 3 / 1
1.121.27 3 / 1
1.121.21 3 / 1
1.121.20 3 / 1
1.121.19 3 / 1
1.121.18 3 / 1
1.121.17 3 / 1
1.121.16 3 / 1
1.121.15 3 / 1
1.121.14 3 / 1
1.121.12 3 / 1
1.121.8 3 / 1
1.121.2 2 / 2
1.121.0 2 / 2
1.120.19 2 / 2
1.120.17 2 / 2
1.120.15 2 / 2
1.120.13 2 / 2
1.120.12 2 / 2
1.120.10 2 / 2
1.120.9 2 / 2
1.120.8 2 / 2
1.120.7 2 / 2
1.120.6 2 / 2
1.120.5 2 / 2
1.120.4 2 / 2
1.120.3 2 / 2

v1.130.17

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.130.13

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.130.12

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.130.11

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.130.10

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.130.9

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.130.8

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.130.7

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.130.6

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.130.5

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.130.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.130.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.130.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.129.9

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.129.8

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.129.7

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.129.5

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.129.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.129.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.129.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.129.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.128.8

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.128.7

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.128.6

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.128.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.128.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.128.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.127.8

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.127.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.127.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.127.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.126.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.125.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.125.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.125.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.125.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.124.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.124.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.123.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.123.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.122.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.40

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.39

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.34

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.33

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.27

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.21

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.20

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.19

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.18

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.17

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.16

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.15

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.14

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.12

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.8

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.121.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.120.19

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.120.17

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.120.15

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.120.13

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.120.12

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.120.10

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.120.9

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.120.8

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.120.7

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.120.6

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.120.5

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.120.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.120.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.