@voyantjs/react
22
Versions
—
License
No
Install Scripts
Verified
Provenance
Supply chain provenance
Status for the latest visible version.
SLSA provenance attestation
npm registry signatures
No source commit
Maintainers
gabrielpxmmihaipxm
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): Transition to GitHub Actions CI/CD publishing is confirmed by SLSA provenance attestation; legitimate pipeline change. | ai | |
| provenance | missing-githead | AI (provenance): Missing gitHead is consistent with GitHub Actions CI/CD publish flow that uses SLSA attestation instead. | ai | |
| provenance | slsa-provenance | AI (provenance): Package consistently published via CI with SLSA attestation; stable supply-chain integrity signal. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Sparse README/keywords are typical for scoped monorepo packages; 25 approved inbound edges confirm real usage. | ai |
Versions (showing 22 of 222)
| Version | Deps | Published |
|---|---|---|
| 0.11.0 | 0 / 7 | |
| 0.10.0 | 0 / 7 | |
| 0.9.0 | 0 / 7 | |
| 0.8.0 | 0 / 7 | |
| 0.7.0 | 0 / 7 | |
| 0.6.9 | 0 / 7 | |
| 0.6.8 | 0 / 7 | |
| 0.6.7 | 0 / 7 | |
| 0.6.5 | 0 / 7 | |
| 0.6.3 | 0 / 7 | |
| 0.6.2 | 0 / 7 | |
| 0.6.0 | 0 / 7 | |
| 0.5.0 | 0 / 7 | |
| 0.4.5 | 0 / 7 | |
| 0.4.4 | 0 / 7 | |
| 0.4.3 | 0 / 7 | |
| 0.4.2 | 0 / 7 | |
| 0.4.1 | 0 / 7 | |
| 0.4.0 | 0 / 7 | |
| 0.3.1 | 0 / 7 | |
| 0.3.0 | 0 / 7 | |
| 0.2.0 | 0 / 7 |