@thesvg/vue
Typed Vue 3 SVG components for all 4000+ brand icons from thesvg.org
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/denojs.cjs | AI (source-diff): Long lines are SVG path data in auto-generated icon components, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cplusplus-builder.cjs | AI (source-diff): Long lines are SVG path data in auto-generated icon components, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/corejs.cjs | AI (source-diff): Long lines are SVG path data in auto-generated icon components, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/anker.cjs | AI (source-diff): Auto-generated SVG component with long path data strings; not obfuscated code. | ai | |
| source-diff | obfuscated-file:dist/apl.cjs | AI (source-diff): Auto-generated SVG component with long path data strings; not obfuscated code. | ai | |
| source-diff | obfuscated-file:dist/asiana-airlines.cjs | AI (source-diff): Auto-generated SVG component with long path data strings; not obfuscated code. | ai | |
| source-diff | obfuscated-file:dist/awk.cjs | AI (source-diff): Auto-generated SVG component with long path data strings; not obfuscated code. | ai | |
| source-diff | obfuscated-file:dist/bajaj-auto.cjs | AI (source-diff): Auto-generated SVG component with long path data strings; not obfuscated code. | ai | |
| source-diff | obfuscated-file:dist/bethesda.cjs | AI (source-diff): Auto-generated SVG component with long path data strings; not obfuscated code. | ai | |
| source-diff | large-new-source-files | AI (source-diff): 4000+ icon library; large file count is expected and consistent with package description. | ai | |
| source-diff | obfuscated-file:dist/aviva.cjs | AI (source-diff): Auto-generated SVG component with long path data strings; not obfuscated code. | ai | |
| source-diff | obfuscated-file:dist/al-jazeera.cjs | AI (source-diff): Auto-generated SVG component with long path data strings; not obfuscated code. | ai | |
| source-diff | obfuscated-file:dist/amplitude.cjs | AI (source-diff): Auto-generated SVG component with long path data strings; not obfuscated code. | ai | |
| typosquat | typosquat.levenshtein:vite | AI (typosquat): Scoped SVG icon package; edit-distance match to 'vite' is a heuristic false positive. | ai | |
| typosquat | typosquat.levenshtein:yup | AI (typosquat): Scoped SVG icon package; edit-distance match to 'yup' is a heuristic false positive. | ai |
Versions (showing 16 of 16)
| Version | Deps | Published |
|---|---|---|
| 3.0.5 | 0 / 2 | |
| 3.0.4 | 0 / 2 | |
| 3.0.3 | 0 / 2 | |
| 3.0.2 | 0 / 2 | |
| 3.0.1 | 0 / 2 | |
| 3.0.0 | 0 / 2 | |
| 2.1.12 | 0 / 2 | |
| 2.1.11 | 0 / 2 | |
| 2.1.10 | 0 / 2 | |
| 2.1.9 | 0 / 2 | |
| 2.1.7 | 0 / 2 | |
| 2.1.6 | 0 / 2 | |
| 2.1.5 | 0 / 2 | |
| 2.1.4 | 0 / 2 | |
| 2.1.3 | 0 / 2 | |
| 2.1.2 | 0 / 2 |
v3.0.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.0
10 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.12
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.11
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.10
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.9
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.7
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.