@vendure/admin-ui-plugin
`npm install @vendure/admin-ui-plugin`
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | net-exec-file:lib/admin-ui/browser/chunk-PK653RQF.js | AI (source-diff): Standard Angular browser bundle; net+exec pattern is false positive for minified UI code in this package. | ai | |
| source-diff | obfuscated-file:lib/admin-ui/276.f698b9306b722e64.js | AI (source-diff): Angular webpack bundle — minified UI code is expected for this package. | ai | |
| source-diff | obfuscated-file:lib/admin-ui/288.d0c64e3658459997.js | AI (source-diff): Angular webpack bundle — minified UI code is expected for this package. | ai | |
| source-diff | obfuscated-file:lib/admin-ui/412.9d952c33f41343ce.js | AI (source-diff): Angular webpack bundle — minified UI code is expected for this package. | ai | |
| source-diff | obfuscated-file:lib/admin-ui/478.83df340e9f28d883.js | AI (source-diff): Angular webpack bundle — minified UI code is expected for this package. | ai | |
| source-diff | obfuscated-file:lib/admin-ui/520.921bbe936cee9efa.js | AI (source-diff): Angular webpack bundle — minified UI code is expected for this package. | ai | |
| source-diff | obfuscated-file:lib/admin-ui/984.a63000774469c13a.js | AI (source-diff): Angular webpack bundle — minified UI code is expected for this package. | ai | |
| source-diff | obfuscated-file:lib/admin-ui/main.c17881361f930f55.js | AI (source-diff): Angular webpack main bundle — minified UI code is expected for this package. | ai | |
| source-diff | obfuscated-file:lib/admin-ui/72.964f57cc3fd4bbf8.js | AI (source-diff): Angular webpack bundle — minified UI code is expected for this package. | ai | |
| source-diff | obfuscated-file:lib/admin-ui/872.f3eb7710dda1cda6.js | AI (source-diff): Angular webpack bundle — minified UI code is expected for this package. | ai | |
| source-diff | net-exec-file:lib/admin-ui/browser/chunk-JEYDKCYR.js | AI (source-diff): Angular browser bundle; network calls and dynamic patterns are normal in compiled admin UI chunks for this package. | ai | |
| source-diff | net-exec-file:lib/admin-ui/browser/chunk-WGODER4Y.js | AI (source-diff): Compiled Angular browser bundle; net+exec pattern is standard SPA code, not malware. Stable for this package. | ai |
Versions (showing 6 of 6)
| Version | Deps | Published |
|---|---|---|
| 3.6.4 | 3 / 8 | |
| 3.6.3 | 3 / 8 | |
| 3.6.2 | 3 / 8 | |
| 3.6.1 | 3 / 8 | |
| 3.6.0 | 3 / 8 | |
| 3.5.6 | 3 / 8 |
v3.6.4
2 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.6.3
2 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.6.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.6.1
2 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.6.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.5.6
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.