All @tiptap/extension-horizontal-rule versions
@tiptap/extension-horizontal-rule @2.27.0
Maintainers
Keywords
Dev Dependencies (2)
| Package | Constraint | Registry Status |
|---|---|---|
| @tiptap/pm | ^2.27.0 | auto_approved |
| @tiptap/core | ^2.27.0 | auto_approved |
Changes from v3.9.0
Dependency Changes
Script Changes
+ clean - lintFile Changes
Risk Dispositions (2 applicable to this version, 0 other)
Accepted rules are downgraded to INFO on future analyses; rejected rules escalate to CRITICAL.
| Rule | Source | Disposition | Author | Reason | |
|---|---|---|---|---|---|
regressed-provenance |
provenance | reject | AI | AI (provenance): Tiptap packages are published via CI with attestations; any version lacking provenance is anomalous and should be rejected for this package. | |
publisher-changed |
provenance | reject | AI | AI (provenance): Tiptap uses tiptap-bot for automated publishing; a switch to a personal account bypassing CI is a strong account-compromise signal for this package. |
SAST Findings (2)
This version was published without provenance, but prior versions were published via CI/CD with attestations. This is a strong signal of a potential account compromise or unauthorized publish. The axios attack (March 2026) exhibited exactly this pattern.
This version was published by a different npm account than previous versions on 2025-10-29. This could indicate a legitimate maintainer transition or an account compromise.
Review Summary
Risk score: 60. Findings: 2 high (+50), 1 medium (+10).
Commit: 247d2778baf1 Browse source
Published to npm: