@tellescope/video-chat
Shared UI components designed with support for React and React Native in mind. To be used across Tellescope web apps and open-sourced modules.
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| bogus-package | bogus-package | AI (bogus-package): Monorepo component; sparse README and missing keywords are stable for this package. | ai | |
| provenance | no-provenance | AI (provenance): Consistent across 810 versions; not a new risk for this package. | ai | |
| dependencies | unvetted-dep:amazon-chime-sdk-js | AI (dependencies): Expected core dependency for a video-chat component library built on Amazon Chime SDK. | ai | |
| dependencies | unvetted-dep:amazon-chime-sdk-component-library-react | AI (dependencies): Expected UI dependency for a Chime-based video-chat component library. | ai | |
| dependencies | unvetted-dep:@tellescope/react-components | AI (dependencies): Same-org sibling package; consistent with the @tellescope monorepo pattern. | ai | |
| phantom-deps | phantom-dep:@tellescope/sdk | AI (phantom-deps): Same-org dep; phantom signal is a false positive for this monorepo structure. | ai | |
| phantom-deps | phantom-dep:@fontsource/roboto | AI (phantom-deps): Font dep declared in dependencies; org packaging pattern. | ai | |
| phantom-deps | phantom-dep:@mui/icons-material | AI (phantom-deps): UI dep declared in dependencies; org packaging pattern. | ai | |
| phantom-deps | phantom-dep:eslint-plugin-react | AI (phantom-deps): Dev tooling in dependencies; org packaging pattern. | ai | |
| phantom-deps | phantom-dep:eslint | AI (phantom-deps): Dev tooling listed in dependencies instead of devDependencies; stable packaging pattern for this org. | ai | |
| phantom-deps | phantom-dep:@tellescope/utilities | AI (phantom-deps): Same-org dep; false positive for monorepo structure. | ai | |
| phantom-deps | phantom-dep:@typescript-eslint/parser | AI (phantom-deps): Dev tooling in dependencies; org packaging pattern. | ai | |
| phantom-deps | phantom-dep:@typescript-eslint/eslint-plugin | AI (phantom-deps): Dev tooling in dependencies; org packaging pattern. | ai | |
| phantom-deps | phantom-dep:@tellescope/constants | AI (phantom-deps): Same-org dep; false positive for monorepo structure. | ai | |
| phantom-deps | phantom-dep:@mui/material | AI (phantom-deps): UI peer dep declared in dependencies; consistent across tellescope org packages. | ai | |
| phantom-deps | phantom-dep:styled-system | AI (phantom-deps): Styling dep declared in dependencies; org packaging pattern. | ai | |
| phantom-deps | phantom-dep:@emotion/react | AI (phantom-deps): MUI peer dep declared in dependencies; org packaging pattern. | ai | |
| phantom-deps | phantom-dep:@emotion/styled | AI (phantom-deps): MUI peer dep declared in dependencies; org packaging pattern. | ai |
Versions (showing 51 of 99)
| Version | Deps | Published |
|---|---|---|
| 1.252.1 | 20 / 3 | |
| 1.252.0 | 20 / 3 | |
| 1.251.0 | 20 / 3 | |
| 1.250.2 | 20 / 3 | |
| 1.250.1 | 20 / 3 | |
| 1.250.0 | 20 / 3 | |
| 1.249.2 | 20 / 3 | |
| 1.249.1 | 20 / 3 | |
| 1.248.0 | 20 / 3 | |
| 1.245.1 | 20 / 3 | |
| 1.245.0 | 20 / 3 | |
| 1.244.4 | 20 / 3 | |
| 1.244.3 | 20 / 3 | |
| 1.244.2 | 20 / 3 | |
| 1.244.1 | 20 / 3 | |
| 1.244.0 | 20 / 3 | |
| 1.243.1 | 20 / 3 | |
| 1.243.0 | 20 / 3 | |
| 1.242.10 | 20 / 3 | |
| 1.242.9 | 20 / 3 | |
| 1.242.8 | 20 / 3 | |
| 1.242.7 | 20 / 3 | |
| 1.242.6 | 20 / 3 | |
| 1.242.5 | 20 / 3 | |
| 1.242.4 | 20 / 3 | |
| 1.242.3 | 20 / 3 | |
| 1.242.2 | 20 / 3 | |
| 1.242.1 | 20 / 3 | |
| 1.242.0 | 20 / 3 | |
| 1.241.0 | 20 / 3 | |
| 1.240.0 | 20 / 3 | |
| 1.239.1 | 20 / 3 | |
| 1.239.0 | 20 / 3 | |
| 1.238.0 | 20 / 3 | |
| 1.237.6 | 20 / 3 | |
| 1.237.5 | 20 / 3 | |
| 1.237.4 | 20 / 3 | |
| 1.237.3 | 20 / 3 | |
| 1.237.2 | 20 / 3 | |
| 1.237.1 | 20 / 3 | |
| 1.237.0 | 20 / 3 | |
| 1.236.2 | 20 / 3 | |
| 1.236.1 | 20 / 3 | |
| 1.236.0 | 20 / 3 | |
| 1.235.2 | 20 / 3 | |
| 1.235.1 | 20 / 3 | |
| 1.235.0 | 20 / 3 | |
| 1.234.1 | 20 / 3 | |
| 1.234.0 | 20 / 3 | |
| 1.233.1 | 20 / 3 | |
| 1.233.0 | 20 / 3 |
v1.252.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.252.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.251.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.250.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.250.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.250.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.249.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.249.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.248.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.245.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.245.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.244.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.244.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.244.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.244.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.244.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.243.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.243.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.242.10
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.242.9
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.242.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.242.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.242.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.242.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.242.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.242.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.242.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.242.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.242.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.241.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.240.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.239.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.239.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.238.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.237.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.237.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.237.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.237.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.237.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.237.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.237.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.236.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.236.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.236.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.235.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.235.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.235.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.234.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.234.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.233.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.233.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.