@tryghost/kg-lexical-html-renderer MIT 23 versions

@tryghost/kg-lexical-html-renderer

npm Repository Homepage

Renders a lexical editor state string to a HTML string.

23

Versions

MIT

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

zimoatghostallouiskernalghostchrisraibleerisdsjohnonolankevinansfieldcobbspuraileencgnjlohminimaluminiumsam-lordpauladamdavisbobvaneckjoeegrigghadretjonhickmanerik-ghostsagzyvershwalmike182ukluissazevedolsingernickmoretonrenatoworksrblstr-ghostevanhahn-ghostweylandswartghost-slimertmciescojonatan-ghost9larsons

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:@lexical/code	AI (phantom-deps): Declared runtime dep used transitively via lexical ecosystem; phantom-dep heuristic false positive for this package.	ai	2026/04/29
phantom-deps	phantom-dep:@lexical/clipboard	AI (phantom-deps): Declared runtime dep used transitively via lexical ecosystem; phantom-dep heuristic false positive for this package.	ai	2026/04/29

Versions (showing 23 of 23)

Version	Deps	Published
1.4.2	10 / 14	2026-06-02
1.4.1	10 / 14	2026-04-27
1.4.0	10 / 14	2026-04-20
1.3.44	10 / 6	2026-04-02
1.3.43	10 / 6	2026-04-02
1.3.25	10 / 5	2025-11-19
1.3.24	10 / 6	2025-06-24
1.3.23	10 / 6	2025-06-20
1.3.22	10 / 6	2025-06-19
1.3.21	10 / 6	2025-05-29
1.3.20	10 / 6	2025-05-27
1.3.19	10 / 6	2025-05-27
1.3.18	10 / 6	2025-05-22
1.3.17	10 / 6	2025-05-22
1.3.16	10 / 6	2025-05-21
1.3.15	10 / 6	2025-05-20
1.3.14	10 / 6	2025-05-20
1.3.13	10 / 6	2025-05-19
1.3.12	10 / 6	2025-05-15
1.3.11	10 / 6	2025-05-15
1.3.10	10 / 6	2025-05-14
1.3.8	10 / 6	2025-05-12
1.3.7	10 / 6	2025-05-07

v1.4.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.4.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.44

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.43

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.25

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.3.24

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.23

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.22

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.21

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.20

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.19

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.18

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.17

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.16

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.15

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.14

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.13

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.12

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.11

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.10

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.3.8

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.3.7

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.