@verii/components-organizations-registrar

This package contains the main components for creating a registry of organizations. The project is written in pure JS.

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

lfdt-npmhyperledger-ghci

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
npm-metadata	no-description	AI (npm-metadata): Component library with clear exports and purpose; missing description is metadata gap, not security concern.	ai	2026/04/27
phantom-deps	phantom-dep:@auth0/auth0-react	AI (phantom-deps): Dependency is properly declared and used in configuration; phantom-dep pattern is normal for component libraries with indirect dependency usage.	ai	2026/04/26
phantom-deps	phantom-dep:ra-data-local-storage	AI (phantom-deps): Dependency is properly declared and used in configuration; phantom-dep pattern is normal for component libraries with indirect dependency usage.	ai	2026/04/26
bogus-package	bogus-package	AI (bogus-package): Scoped package with well-structured exports and proper metadata; minimal README is acceptable for monorepo component libraries.	ai	2026/04/26
dependencies	unvetted-dep:autosuggest-highlight	AI (dependencies): Small, stable utility library for text highlighting; no security concerns.	ai	2026/04/25
dependencies	unvetted-dep:ra-core	AI (dependencies): ra-core is a well-known React Admin framework core package; unvetted status reflects review queue lag, not actual risk.	ai	2026/04/25
dependencies	unvetted-dep:ra-data-local-storage	AI (dependencies): Part of the react-admin ecosystem; legitimate data provider for local storage; no security concerns.	ai	2026/04/25
dependencies	unvetted-dep:react-admin	AI (dependencies): react-admin is a widely-used, legitimate open-source admin framework; no security concerns.	ai	2026/04/25
dependencies	unvetted-dep:@auth0/auth0-react	AI (dependencies): Official Auth0 React SDK from a major identity provider; well-maintained and widely trusted.	ai	2026/04/25
dependencies	unvetted-dep:@react-pdf/renderer	AI (dependencies): Established React PDF rendering library with broad ecosystem adoption; no security concerns.	ai	2026/04/25

Versions (showing 14 of 14)

Version	Deps	Published
1.1.3	14 / 28	2026-04-26
1.1.2	14 / 28	2026-04-23
1.1.1	14 / 28	2026-04-21
1.1.0	14 / 28	2026-04-17
1.0.9	12 / 28	2025-12-15
1.0.8	12 / 28	2025-12-10
1.0.7	12 / 28	2025-11-04
1.0.6	12 / 28	2025-10-28
1.0.5	12 / 28	2025-10-23
1.0.4	12 / 28	2025-10-09
1.0.3	12 / 28	2025-10-01
1.0.2	12 / 28	2025-10-01
1.0.1	12 / 28	2025-09-28
1.0.0	12 / 28	2025-09-10

v1.1.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.1.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.