← Home

@uiw/react-codemirror

33
Versions
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

wcjianguiwjs

Keywords

reactcodemirrorcodemirror6react-codemirroreditorsyntaxidecode

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
dependencies unvetted-dep:@codemirror/theme-one-dark AI (dependencies): @codemirror/theme-one-dark is a standard CodeMirror 6 theme package; its inclusion as a dependency is expected and stable for this package. ai
dependencies unvetted-dep:@uiw/codemirror-extensions-basic-setup AI (dependencies): Sibling monorepo package pinned to the same version; expected dependency for this package across all versions. ai
phantom-deps phantom-dep:codemirror AI (phantom-deps): codemirror is declared as both a dependency and peer dependency; not directly imported but used as a re-export/availability guarantee. Stable pattern for this package. ai

Versions (showing 33 of 33)

Version Deps Published
4.25.11 6 / 0
4.25.10 6 / 0
4.25.9 6 / 0
4.25.8 6 / 0
4.25.7 6 / 0
4.25.6 6 / 0
4.25.5 6 / 0
4.25.4 6 / 0
4.25.3 6 / 0
4.25.2 6 / 0
4.25.1 6 / 0
4.25.0 6 / 0
4.24.2 6 / 0
4.24.1 6 / 0
4.24.0 6 / 0
4.23.14 6 / 0
4.23.13 6 / 0
4.23.12 6 / 0
4.23.11 6 / 0
4.23.10 6 / 0
4.23.9 6 / 0
4.23.8 6 / 0
4.23.7 6 / 0
4.23.6 6 / 0
4.23.5 6 / 0
4.23.4 6 / 0
4.23.3 6 / 0
4.23.2 6 / 0
4.23.1 6 / 0
4.23.0 6 / 0
4.22.2 6 / 0
4.22.1 6 / 0
4.22.0 6 / 0

v4.25.11

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.25.10

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.23.10

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.23.9

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.23.8

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.23.7

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.23.6

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.23.5

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.23.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.23.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.23.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.23.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.23.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.22.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.22.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v4.22.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.