@visactor/vrender-components
components library for dp visualization
2
Versions
MIT
License
No
Install Scripts
Verified
Provenance
Supply chain provenance
Status for the latest visible version.
SLSA provenance attestation
npm registry signatures
gitHead linked
Maintainers
liufangfangvisactorownerxuanhunzamhownchensiji.0517youngwindspurpose233ssfxzlixuefei.1313ray_sunxiaoluohesimaqxile611da730zhouxinyu66888zexian_chen
Keywords
VisActorgraphicsrendererreactreact-vrendervrendercomponentsvrender-components
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| dependencies | unvetted-dep:@visactor/vscale | AI (dependencies): Same VisActor monorepo sibling; stable false positive for this package family. | ai | |
| dependencies | unvetted-dep:@visactor/vutils | AI (dependencies): Same VisActor monorepo sibling; stable false positive for this package family. | ai | |
| dependencies | unvetted-dep:@visactor/vrender-core | AI (dependencies): Same VisActor monorepo sibling; stable false positive for this package family. | ai | |
| dependencies | unvetted-dep:@visactor/vrender-kits | AI (dependencies): Same VisActor monorepo sibling; stable false positive for this package family. | ai | |
| dependencies | unvetted-dep:@visactor/vrender-animate | AI (dependencies): Same VisActor monorepo sibling; stable false positive for this package family. | ai |
v1.0.45
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.