← Home

@teambit/component

npm Repository Homepage
45
Versions
Apache-2.0
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

teambit-ownershohamgiladdavidfirstranm8guysaaritaymendelerezbitjoshk2redigmayona007

Keywords

bitbit-aspectbit-core-aspectcomponentscollaborationweb

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
dependencies unvetted-dep:@teambit/pkg.modules.component-package-name AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/legacy.scope AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/legacy.utils AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/legacy.loader AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/scope.remotes AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/legacy.bit-map AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/legacy.consumer AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/graph.cleargraph AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/legacy.constants AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/component.sources AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/toolbox.path.path AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/toolbox.string.eol AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/semantics.doc-parser AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/legacy.component-diff AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/legacy.extension-data AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/legacy.dependency-graph AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/legacy.consumer-component AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/pkg.modules.semver-helper AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
dependencies unvetted-dep:@teambit/workspace.ui.use-workspace-mode AI (dependencies): Same-org @teambit/* dependency; stable pattern across all versions of this package. ai
phantom-deps phantom-dep:@teambit/base-ui.layout.breakpoints AI (phantom-deps): Same-org @teambit/* phantom dep; stable false positive for this monorepo package. ai

Versions (showing 45 of 45)

Version Deps Published
1.0.983 83 / 9
1.0.982 83 / 9
1.0.981 83 / 9
1.0.980 83 / 9
1.0.979 83 / 9
1.0.978 83 / 9
1.0.977 83 / 9
1.0.976 83 / 9
1.0.972 83 / 9
1.0.971 83 / 9
1.0.970 83 / 9
1.0.969 83 / 9
1.0.968 83 / 9
1.0.967 83 / 9
1.0.966 83 / 9
1.0.965 83 / 9
1.0.964 83 / 9
1.0.963 83 / 9
1.0.962 83 / 9
1.0.960 83 / 9
1.0.959 83 / 9
1.0.958 83 / 9
1.0.957 83 / 9
1.0.955 83 / 9
1.0.954 83 / 9
1.0.953 83 / 9
1.0.952 83 / 9
1.0.949 83 / 9
1.0.948 83 / 9
1.0.947 83 / 9
1.0.946 83 / 9
1.0.945 83 / 9
1.0.943 83 / 9
1.0.941 83 / 9
1.0.940 83 / 9
1.0.939 83 / 9
1.0.937 83 / 9
1.0.935 83 / 9
1.0.933 83 / 9
1.0.931 83 / 9
1.0.930 83 / 9
1.0.929 83 / 9
1.0.926 83 / 9
1.0.925 83 / 9
1.0.615 83 / 9

v1.0.983

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.982

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.981

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.980

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.979

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.978

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.977

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.976

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.972

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.971

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.970

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.969

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.615

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.