@terreno/ui — Greenflagged

[![Netlify Status](https://api.netlify.com/api/v1/badges/ffd05ee5-fbcf-417e-8455-45ea15447361/deploy-status)](https://app.netlify.com/sites/terreno-ui/deploys)

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

ashflourishingservercobra

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:react-datetime-picker	AI (phantom-deps): UI library pattern; stable false positive for this package.	ai	2026/06/02
phantom-deps	phantom-dep:react-app-polyfill	AI (phantom-deps): Referenced in babel/browserslist config, not direct import; stable false positive.	ai	2026/06/02
phantom-deps	phantom-dep:react-time-picker	AI (phantom-deps): Same as above; platform-specific UI dep pattern.	ai	2026/06/02
phantom-deps	phantom-dep:react-date-picker	AI (phantom-deps): UI library with platform-specific deps; phantom-dep heuristic unreliable for this package.	ai	2026/06/02
phantom-deps	phantom-dep:@react-native-community/blur	AI (phantom-deps): Platform-specific native binary dep; phantom-dep heuristic not applicable.	ai	2026/06/02
phantom-deps	phantom-dep:react-native-webview	AI (phantom-deps): Platform-specific native dep; expected for RN UI library.	ai	2026/05/05
phantom-deps	phantom-dep:react-dev-utils	AI (phantom-deps): Config-referenced dev dep; expected pattern.	ai	2026/05/05
phantom-deps	phantom-dep:expo-font	AI (phantom-deps): Platform/config-referenced dep; expected pattern for Expo UI library.	ai	2026/05/05
phantom-deps	phantom-dep:react-dom	AI (phantom-deps): Web platform dep; expected for cross-platform RN library.	ai	2026/05/05
phantom-deps	phantom-dep:expo-linking	AI (phantom-deps): Config-referenced Expo dep; expected pattern.	ai	2026/05/05
phantom-deps	phantom-dep:expo-updates	AI (phantom-deps): Config-referenced Expo dep; expected pattern.	ai	2026/05/05
phantom-deps	phantom-dep:expo-web-browser	AI (phantom-deps): Config-referenced Expo dep; expected pattern.	ai	2026/05/05
phantom-deps	phantom-dep:react-native-web	AI (phantom-deps): Platform-specific binary dep; expected for RN web support.	ai	2026/05/05
phantom-deps	phantom-dep:react-native-screens	AI (phantom-deps): Platform-specific native dep; expected for RN navigation.	ai	2026/05/05
phantom-deps	phantom-dep:react-native-safe-area-context	AI (phantom-deps): Platform-specific native dep; expected for RN UI library.	ai	2026/05/05
phantom-deps	phantom-dep:expo-router	AI (phantom-deps): Config-referenced Expo dep; expected pattern.	ai	2026/05/05
phantom-deps	phantom-dep:expo-notifications	AI (phantom-deps): Config-referenced Expo dep; expected pattern.	ai	2026/05/05
phantom-deps	phantom-dep:expo-splash-screen	AI (phantom-deps): Config-referenced Expo dep; expected pattern.	ai	2026/05/05
phantom-deps	phantom-dep:react-native-picker-select	AI (phantom-deps): Platform-specific native dep; expected for RN UI library.	ai	2026/05/05
phantom-deps	phantom-dep:react-native-worklets	AI (phantom-deps): Platform-specific native dep; expected for RN reanimated.	ai	2026/05/05
provenance	no-provenance	AI (provenance): No provenance is common; no other risk signals present.	ai	2026/05/05
typosquat	typosquat.levenshtein:uuid	AI (typosquat): Scoped UI library; no resemblance to uuid in purpose or namespace.	ai	2026/05/05
typosquat	typosquat.levenshtein:yup	AI (typosquat): Scoped UI library; no resemblance to yup in purpose or namespace.	ai	2026/05/05
typosquat	typosquat.levenshtein:joi	AI (typosquat): Scoped UI library; no resemblance to joi in purpose or namespace.	ai	2026/05/05
typosquat	typosquat.levenshtein:qs	AI (typosquat): Scoped UI library; no resemblance to qs in purpose or namespace.	ai	2026/05/05
typosquat	typosquat.levenshtein:pg	AI (typosquat): Scoped UI library; no resemblance to pg in purpose or namespace.	ai	2026/05/05