@teambit/vue-aspect — Greenflagged

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

teambit-ownershohamgiladdavidfirstranm8guysaaritaymendelerezbitjoshk2redigmayona007

Keywords

bitbit-aspectbit-core-aspectcomponentscollaborationweb

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
npm-metadata	no-description	AI (npm-metadata): Bit ecosystem package; missing description is common in monorepo-published components.	ai	2026/04/30
provenance	no-provenance	AI (provenance): Teambit publisher; provenance not yet enabled but not a blocker for established ecosystem.	ai	2026/04/30
dependencies	unvetted-dep:@teambit/schema	AI (dependencies): Internal @teambit ecosystem dep; consistent with Bit platform package family.	ai	2026/04/29
dependencies	unvetted-dep:@teambit/harmony	AI (dependencies): Internal @teambit ecosystem dep; consistent with Bit platform package family.	ai	2026/04/29
dependencies	unvetted-dep:@teambit/api-reference	AI (dependencies): Internal @teambit ecosystem dep; consistent with Bit platform package family.	ai	2026/04/29
dependencies	unvetted-dep:@teambit/documenter.ui.table	AI (dependencies): Internal @teambit ecosystem dep; consistent with Bit platform package family.	ai	2026/04/29
dependencies	unvetted-dep:@teambit/ui	AI (dependencies): Internal @teambit ecosystem dep; consistent with Bit platform package family.	ai	2026/04/29
dependencies	unvetted-dep:@teambit/semantics.entities.semantic-schema	AI (dependencies): Internal @teambit ecosystem dep; consistent with Bit platform package family.	ai	2026/04/29
dependencies	unvetted-dep:@teambit/api-reference.models.api-node-renderer	AI (dependencies): Internal @teambit ecosystem dep; consistent with Bit platform package family.	ai	2026/04/29
dependencies	unvetted-dep:@teambit/api-reference.models.api-reference-model	AI (dependencies): Internal @teambit ecosystem dep; consistent with Bit platform package family.	ai	2026/04/29
dependencies	unvetted-dep:@teambit/documenter.ui.table-row	AI (dependencies): Internal @teambit ecosystem dep; consistent with Bit platform package family.	ai	2026/04/29
dependencies	unvetted-dep:@teambit/cli	AI (dependencies): Internal @teambit ecosystem dep; consistent with Bit platform package family.	ai	2026/04/29

Versions (showing 51 of 339)

View all versions

Version	Deps	Published
0.0.385	12 / 1	2026-06-15
0.0.384	12 / 1	2026-06-15
0.0.383	12 / 1	2026-06-11
0.0.382	12 / 1	2026-06-11
0.0.381	12 / 1	2026-06-11
0.0.380	12 / 1	2026-06-10
0.0.379	12 / 1	2026-06-10
0.0.378	12 / 1	2026-06-09
0.0.377	12 / 1	2026-06-09
0.0.376	12 / 1	2026-06-08
0.0.375	12 / 1	2026-06-08
0.0.374	12 / 1	2026-06-08
0.0.373	12 / 1	2026-06-05
0.0.372	12 / 1	2026-06-04
0.0.371	12 / 1	2026-06-04
0.0.370	12 / 1	2026-06-03
0.0.369	12 / 1	2026-06-03
0.0.368	12 / 1	2026-05-29
0.0.367	12 / 1	2026-05-28
0.0.366	12 / 1	2026-05-28
0.0.365	12 / 1	2026-05-28
0.0.364	12 / 1	2026-05-27
0.0.363	12 / 1	2026-05-26
0.0.362	12 / 1	2026-05-25
0.0.361	12 / 1	2026-05-20
0.0.360	12 / 1	2026-05-20
0.0.359	12 / 1	2026-05-19
0.0.358	12 / 1	2026-05-19
0.0.357	12 / 1	2026-05-18
0.0.356	12 / 1	2026-05-18
0.0.355	12 / 1	2026-05-15
0.0.354	12 / 1	2026-05-15
0.0.353	12 / 1	2026-05-14
0.0.352	12 / 1	2026-05-13
0.0.351	12 / 1	2026-05-13
0.0.350	12 / 1	2026-05-13
0.0.349	12 / 1	2026-05-12
0.0.348	12 / 1	2026-05-12
0.0.347	12 / 1	2026-05-12
0.0.346	12 / 1	2026-05-12
0.0.345	12 / 1	2026-05-11
0.0.344	12 / 1	2026-05-11
0.0.343	12 / 1	2026-05-11
0.0.342	12 / 1	2026-05-08
0.0.341	12 / 1	2026-05-07
0.0.340	12 / 1	2026-05-07
0.0.339	12 / 1	2026-05-05
0.0.338	12 / 1	2026-04-30
0.0.337	12 / 1	2026-04-30
0.0.336	12 / 1	2026-04-29
0.0.335	12 / 1	2026-04-29

v0.0.385

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.384

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.383

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.382

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.381

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.380

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.379

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.378

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.377

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.376

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.375

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.374

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.373

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.372

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.371

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.370

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.369

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.368

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.367

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.366

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.365

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.364

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.363

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.362

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.361

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.360

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.359

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.358

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.357

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.356

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.355

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.354

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.353

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.352

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.351

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.350

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.349

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.348

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.347

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.346

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.345

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.344

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.343

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.342

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.341

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.340

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.339

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.338

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.337

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.336

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.335

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.