@tiptap/static-renderer No license 51 versions

@tiptap/static-renderer

npm Repository Homepage

51

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

arnaugomeztiptappatrickbabertimoisik_bdbchsvenadlungtiptap-bot

Keywords

tiptaptiptap react renderertiptap static renderer

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Transition from tiptap-bot to GitHub Actions CI is a legitimate infra change, confirmed by SLSA provenance attestation.	ai	2026/05/06

Versions (showing 51 of 85)

View all versions

Version	Deps	Published
3.25.0	0 / 6	2026-06-03
3.24.0	0 / 6	2026-05-29
3.23.6	0 / 6	2026-05-21
3.23.5	0 / 6	2026-05-19
3.23.4	0 / 6	2026-05-13
3.23.2	0 / 6	2026-05-12
3.23.1	0 / 6	2026-05-08
3.22.5	0 / 6	2026-04-28
3.22.4	0 / 6	2026-04-18
3.22.3	0 / 6	2026-04-08
3.22.2	0 / 6	2026-04-04
3.22.1	0 / 6	2026-04-02
3.22.0	0 / 6	2026-03-31
3.21.0	0 / 6	2026-03-27
3.20.6	0 / 6	2026-03-27
3.20.5	0 / 6	2026-03-24
3.20.4	0 / 6	2026-03-17
3.20.3	0 / 6	2026-03-16
3.20.2	0 / 6	2026-03-15
3.20.1	0 / 6	2026-03-06
3.20.0	0 / 6	2026-02-18
3.19.0	0 / 6	2026-02-03
3.18.0	0 / 6	2026-01-28
3.17.1	0 / 6	2026-01-24
3.17.0	0 / 6	2026-01-23
3.16.0	0 / 6	2026-01-20
3.15.3	0 / 6	2026-01-07
3.15.2	0 / 6	2026-01-07
3.15.1	0 / 6	2026-01-06
3.15.0	0 / 6	2026-01-05
3.14.0	0 / 6	2025-12-19
3.13.0	0 / 6	2025-12-05
3.12.1	0 / 6	2025-12-03
3.12.0	0 / 6	2025-12-02
3.11.1	0 / 6	2025-11-27
3.11.0	0 / 6	2025-11-19
3.10.8	0 / 6	2025-11-18
3.10.7	0 / 6	2025-11-12
3.10.6	0 / 6	2025-11-12
3.10.5	0 / 6	2025-11-10
3.10.4	0 / 6	2025-11-08
3.10.3	0 / 6	2025-11-07
3.10.2	0 / 6	2025-11-05
3.10.1	0 / 6	2025-10-30
3.10.0	0 / 6	2025-10-30
3.9.1	0 / 6	2025-10-29
3.9.0	0 / 6	2025-10-28
3.8.0	0 / 6	2025-10-24
3.7.2	0 / 6	2025-10-16
3.7.1	0 / 6	2025-10-15
3.7.0	0 / 6	2025-10-14

v3.25.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.24.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.23.6

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.23.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.23.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.23.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.23.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.22.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.22.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.22.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.22.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.22.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.21.0

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-03-27) provenance

This version was published by a different npm account than previous versions on 2026-03-27. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.20.6

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-03-27) provenance

This version was published by a different npm account than previous versions on 2026-03-27. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.20.5

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-03-24) provenance

This version was published by a different npm account than previous versions on 2026-03-24. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.20.4

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-03-17) provenance

This version was published by a different npm account than previous versions on 2026-03-17. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.20.3

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-03-16) provenance

This version was published by a different npm account than previous versions on 2026-03-16. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.20.2

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-03-15) provenance

This version was published by a different npm account than previous versions on 2026-03-15. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.20.1

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-03-06) provenance

This version was published by a different npm account than previous versions on 2026-03-06. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.20.0

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-02-18) provenance

This version was published by a different npm account than previous versions on 2026-02-18. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.19.0

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-02-03) provenance

This version was published by a different npm account than previous versions on 2026-02-03. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.18.0

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-01-28) provenance

This version was published by a different npm account than previous versions on 2026-01-28. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.17.1

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-01-24) provenance

This version was published by a different npm account than previous versions on 2026-01-24. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.17.0

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-01-23) provenance

This version was published by a different npm account than previous versions on 2026-01-23. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.16.0

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-01-20) provenance

This version was published by a different npm account than previous versions on 2026-01-20. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.15.3

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-01-07) provenance

This version was published by a different npm account than previous versions on 2026-01-07. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.15.2

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-01-07) provenance

This version was published by a different npm account than previous versions on 2026-01-07. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.15.1

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-01-06) provenance

This version was published by a different npm account than previous versions on 2026-01-06. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.15.0

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2026-01-05) provenance

This version was published by a different npm account than previous versions on 2026-01-05. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.14.0

2 findings

HIGH Publisher changed: tiptap-bot → GitHub Actions (on 2025-12-19) provenance

This version was published by a different npm account than previous versions on 2025-12-19. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.13.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.12.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.12.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.11.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.11.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.10.8

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.10.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.10.6

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.10.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.10.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.10.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.10.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.10.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.10.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.9.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.9.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.8.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.7.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.7.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.7.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.