@vueuse/router No license 4 versions

@vueuse/router

npm Repository Homepage

Versions

—

License

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

vueuse-bot

Keywords

vuevue-usevue-routerutils

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
email-domain	unclaimed-email:https://github.com/antfu	AI (email-domain): Author field contains a GitHub URL, not an email address; analyzer misparses it as a domain. Stable false positive for this package.	ai	2026/05/06

Versions (showing 4 of 4)

Version	Deps	Published
14.3.0	1 / 1	2026-05-01
14.2.1	1 / 1	2026-02-10
14.2.0	1 / 1	2026-01-31
14.1.0	1 / 1	2025-11-27

v14.3.0

2 findings

HIGH Unclaimed maintainer email domain: https://github.com/antfu email-domain

Maintainer email 'https://github.com/antfu' uses domain 'https://github.com/antfu' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v14.2.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v14.2.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v14.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.