@walkeros/config
Shared development configuration for walkerOS packages (TypeScript, ESLint, Jest, tsup)
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:jest | AI (phantom-deps): Config package; jest declared as peer/dev dep loaded by convention, not directly imported. | ai | |
| phantom-deps | phantom-dep:eslint | AI (phantom-deps): Config package; eslint declared as peer dep loaded by convention. | ai | |
| phantom-deps | phantom-dep:terser | AI (phantom-deps): Config package; terser declared as peer/dev dep loaded by convention. | ai | |
| phantom-deps | phantom-dep:@swc/core | AI (phantom-deps): Config package; @swc/core declared as peer dep loaded by convention. | ai | |
| phantom-deps | phantom-dep:@swc/jest | AI (phantom-deps): Config package; @swc/jest declared as peer dep loaded by convention. | ai | |
| phantom-deps | phantom-dep:@eslint/js | AI (phantom-deps): Config package; framework-scoped, loaded by convention. | ai | |
| phantom-deps | phantom-dep:typescript | AI (phantom-deps): Config package; typescript declared as peer dep loaded by convention. | ai | |
| phantom-deps | phantom-dep:@types/jest | AI (phantom-deps): Config package; type definitions loaded by convention. | ai | |
| phantom-deps | phantom-dep:eslint-plugin-react | AI (phantom-deps): Config package; eslint plugin declared as peer dep loaded by convention. | ai | |
| phantom-deps | phantom-dep:eslint-plugin-turbo | AI (phantom-deps): Config package; eslint plugin declared as peer dep loaded by convention. | ai | |
| phantom-deps | phantom-dep:eslint-config-prettier | AI (phantom-deps): Config package; eslint config loaded by convention. | ai | |
| phantom-deps | phantom-dep:jest-environment-jsdom | AI (phantom-deps): Config package; jest environment declared as peer dep loaded by convention. | ai | |
| phantom-deps | phantom-dep:eslint-plugin-only-warn | AI (phantom-deps): Config package; eslint plugin declared as peer dep loaded by convention. | ai | |
| phantom-deps | phantom-dep:eslint-plugin-react-hooks | AI (phantom-deps): Config package; eslint plugin declared as peer dep loaded by convention. | ai |
Versions (showing 22 of 22)
| Version | Deps | Published |
|---|---|---|
| 4.0.2 | 20 / 0 | |
| 4.0.1 | 20 / 0 | |
| 4.0.0 | 20 / 0 | |
| 3.4.2 | 20 / 0 | |
| 3.4.1 | 20 / 0 | |
| 3.4.0 | 20 / 0 | |
| 3.3.1 | 20 / 0 | |
| 3.3.0 | 20 / 0 | |
| 3.2.0 | 20 / 0 | |
| 3.1.1 | 20 / 0 | |
| 3.1.0 | 20 / 0 | |
| 3.0.2 | 20 / 0 | |
| 3.0.1 | 20 / 0 | |
| 3.0.0 | 20 / 0 | |
| 2.1.1 | 20 / 0 | |
| 2.1.0 | 20 / 0 | |
| 2.0.1 | 20 / 0 | |
| 2.0.0 | 20 / 0 | |
| 1.1.0 | 20 / 0 | |
| 1.0.2 | 20 / 0 | |
| 1.0.1 | 20 / 0 | |
| 1.0.0 | 20 / 0 |
v4.0.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.0.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.0.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.4.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.4.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.4.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.3.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.3.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.2.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.1.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.1.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.0.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.0.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.0.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.1.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.0.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.0.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.1.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.