@vue/shared
internal utils shared across @vue packages
100
Versions
MIT
License
No
Install Scripts
Verified
Provenance
Supply chain provenance
Status for the latest visible version.
SLSA provenance attestation
npm registry signatures
No source commit
Maintainers
yyx990803
Keywords
vue
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): Vue.js core migrated to GitHub Actions for automated CI/CD publishing. SLSA provenance attestation confirms legitimate CI/CD origin. This transition is stable for all future versions. | ai | |
| bogus-package | bogus-package | AI (bogus-package): yyx990803 (Evan You) is the creator of Vue.js — spam flag is a false positive. @vue/shared is intentionally a zero-dep internal utility with a minimal README. All signals are false positives for this package. | ai |
Versions (showing 100 of 158)
| Version | Deps | Published |
|---|---|---|
| 3.5.39 | 0 / 0 | |
| 3.5.38 | 0 / 0 | |
| 3.5.37 | 0 / 0 | |
| 3.5.35 | 0 / 0 | |
| 3.5.34 | 0 / 0 | |
| 3.5.33 | 0 / 0 | |
| 3.5.32 | 0 / 0 | |
| 3.5.31 | 0 / 0 | |
| 3.5.30 | 0 / 0 | |
| 3.5.29 | 0 / 0 | |
| 3.5.28 | 0 / 0 | |
| 3.5.27 | 0 / 0 | |
| 3.5.26 | 0 / 0 | |
| 3.5.25 | 0 / 0 | |
| 3.5.24 | 0 / 0 | |
| 3.5.23 | 0 / 0 | |
| 3.5.22 | 0 / 0 | |
| 3.5.21 | 0 / 0 | |
| 3.5.20 | 0 / 0 | |
| 3.5.19 | 0 / 0 | |
| 3.5.18 | 0 / 0 | |
| 3.5.17 | 0 / 0 | |
| 3.5.16 | 0 / 0 | |
| 3.5.15 | 0 / 0 | |
| 3.5.14 | 0 / 0 | |
| 3.5.13 | 0 / 0 | |
| 3.5.12 | 0 / 0 | |
| 3.5.11 | 0 / 0 | |
| 3.5.10 | 0 / 0 | |
| 3.5.9 | 0 / 0 | |
| 3.5.8 | 0 / 0 | |
| 3.5.7 | 0 / 0 | |
| 3.5.6 | 0 / 0 | |
| 3.5.5 | 0 / 0 | |
| 3.5.4 | 0 / 0 | |
| 3.5.3 | 0 / 0 | |
| 3.5.2 | 0 / 0 | |
| 3.5.1 | 0 / 0 | |
| 3.5.0 | 0 / 0 | |
| 3.4.38 | 0 / 0 | |
| 3.4.37 | 0 / 0 | |
| 3.4.36 | 0 / 0 | |
| 3.4.35 | 0 / 0 | |
| 3.4.34 | 0 / 0 | |
| 3.4.33 | 0 / 0 | |
| 3.4.32 | 0 / 0 | |
| 3.4.31 | 0 / 0 | |
| 3.4.30 | 0 / 0 | |
| 3.4.29 | 0 / 0 | |
| 3.4.28 | 0 / 0 | |
| 3.4.27 | 0 / 0 | |
| 3.4.26 | 0 / 0 | |
| 3.4.25 | 0 / 0 | |
| 3.4.24 | 0 / 0 | |
| 3.4.23 | 0 / 0 | |
| 3.4.22 | 0 / 0 | |
| 3.4.21 | 0 / 0 | |
| 3.4.20 | 0 / 0 | |
| 3.4.19 | 0 / 0 | |
| 3.4.18 | 0 / 0 | |
| 3.4.17 | 0 / 0 | |
| 3.4.16 | 0 / 0 | |
| 3.4.15 | 0 / 0 | |
| 3.4.14 | 0 / 0 | |
| 3.4.13 | 0 / 0 | |
| 3.4.12 | 0 / 0 | |
| 3.4.11 | 0 / 0 | |
| 3.4.10 | 0 / 0 | |
| 3.4.9 | 0 / 0 | |
| 3.4.8 | 0 / 0 | |
| 3.4.7 | 0 / 0 | |
| 3.4.6 | 0 / 0 | |
| 3.4.5 | 0 / 0 | |
| 3.4.4 | 0 / 0 | |
| 3.4.3 | 0 / 0 | |
| 3.4.2 | 0 / 0 | |
| 3.4.1 | 0 / 0 | |
| 3.4.0 | 0 / 0 | |
| 3.3.13 | 0 / 0 | |
| 3.3.12 | 0 / 0 | |
| 3.3.11 | 0 / 0 | |
| 3.3.10 | 0 / 0 | |
| 3.3.9 | 0 / 0 | |
| 3.3.8 | 0 / 0 | |
| 3.3.7 | 0 / 0 | |
| 3.3.6 | 0 / 0 | |
| 3.3.5 | 0 / 0 | |
| 3.3.4 | 0 / 0 | |
| 3.3.3 | 0 / 0 | |
| 3.3.2 | 0 / 0 | |
| 3.3.1 | 0 / 0 | |
| 3.3.0 | 0 / 0 | |
| 3.2.47 | 0 / 0 | |
| 3.2.46 | 0 / 0 | |
| 3.2.45 | 0 / 0 | |
| 3.2.44 | 0 / 0 | |
| 3.2.43 | 0 / 0 | |
| 3.2.42 | 0 / 0 | |
| 3.2.41 | 0 / 0 | |
| 3.2.40 | 0 / 0 |
Showing 100 of 158
Next page →
v3.5.39
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.5.38
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.5.37
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.5.35
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.