@tanstack/solid-start-server
25
Versions
—
License
No
Install Scripts
Verified
Provenance
Supply chain provenance
Status for the latest visible version.
SLSA provenance attestation
npm registry signatures
No source commit
Maintainers
tannerlinsleytkdodoalemtuzlakkevinvandyschiller-manuel
Keywords
solidlocationrouterroutingasyncasync routertypescript
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:jsesc | AI (phantom-deps): Config-referenced dependency; stable for framework packages. | ai | |
| phantom-deps | phantom-dep:unctx | AI (phantom-deps): Config-referenced dependency; stable for framework packages. | ai | |
| phantom-deps | phantom-dep:h3 | AI (phantom-deps): Config-referenced dependency; stable for framework packages. | ai | |
| phantom-deps | phantom-dep:tiny-warning | AI (phantom-deps): Config-referenced dependency; stable for framework packages. | ai | |
| provenance | publisher-changed | AI (provenance): Publisher changed from tannerlinsley to GitHub Actions as part of a deliberate move to automated CI/CD publishing with SLSA provenance. This is a security improvement, not a compromise indicator. | ai | |
| maintainer-change | maintainer-added | AI (maintainer-change): lachlancollins is a known TanStack contributor; addition is consistent with legitimate team growth alongside the move to automated publishing. | ai | |
| dependencies | unvetted-dep:@solidjs/meta | AI (dependencies): Well-known SolidJS ecosystem package for head/meta management; expected dep for a SolidJS meta-framework. | ai | |
| phantom-deps | phantom-dep:@solidjs/meta | AI (phantom-deps): Referenced in config files for meta-framework head management; not a direct import but a legitimate declared dependency. | ai | |
| phantom-deps | phantom-dep:@tanstack/history | AI (phantom-deps): Same-org TanStack package used indirectly through router dependencies; stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:@tanstack/start-client-core | AI (phantom-deps): Same-org TanStack package; indirect usage pattern is stable for this meta-framework package. | ai | |
| dependencies | unvetted-dep:@tanstack/router-core | AI (dependencies): Same-org TanStack dependency; expected transitive dep for TanStack Start packages across all versions. | ai | |
| dependencies | unvetted-dep:@tanstack/start-client-core | AI (dependencies): Same-org TanStack dependency; expected for TanStack Start server package across all versions. | ai | |
| dependencies | unvetted-dep:@tanstack/solid-router | AI (dependencies): Same-org TanStack dependency; core dependency for this SolidJS router package across all versions. | ai | |
| dependencies | unvetted-dep:@tanstack/start-server-core | AI (dependencies): Same-org TanStack dependency; expected core dep for this server package across all versions. | ai |
Versions (showing 25 of 427)
| Version | Deps | Published |
|---|---|---|
| 1.121.16 | 11 / 5 | |
| 1.121.15 | 11 / 5 | |
| 1.121.14 | 11 / 5 | |
| 1.121.12 | 11 / 5 | |
| 1.121.10 | 11 / 5 | |
| 1.121.3 | 11 / 5 | |
| 1.121.2 | 11 / 5 | |
| 1.121.0 | 11 / 5 | |
| 1.120.19 | 11 / 5 | |
| 1.120.17 | 11 / 5 | |
| 1.120.16 | 11 / 5 | |
| 1.120.15 | 11 / 5 | |
| 1.120.13 | 11 / 5 | |
| 1.120.10 | 11 / 5 | |
| 1.120.9 | 11 / 5 | |
| 1.120.8 | 11 / 5 | |
| 1.120.7 | 11 / 5 | |
| 1.120.5 | 11 / 5 | |
| 1.120.4 | 11 / 5 | |
| 1.120.3 | 11 / 5 | |
| 1.120.2 | 11 / 5 | |
| 1.120.1 | 11 / 5 | |
| 1.120.0 | 11 / 5 | |
| 1.119.0 | 11 / 5 | |
| 1.117.1 | 11 / 5 |
v1.121.10
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.120.0
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.