@webitel/ui-datalist — Greenflagged

Toolkit for building data lists in webitel ui system

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

dlohvinovnavrotskyjbiedulina_valeriiagoodxtime

Keywords

webitelwebitel-ui

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Publisher changed to GitHub Actions with SLSA provenance attestation; CI/CD publishing is the expected pattern for this package going forward.	ai	2026/05/24
provenance	no-provenance	AI (provenance): Webitel org packages consistently lack provenance; stable false positive for this package family.	ai	2026/05/23
phantom-deps	phantom-dep:@webitel/styleguide	AI (phantom-deps): Same org scope; phantom-dep heuristic false positive for intra-org packages.	ai	2026/05/08
phantom-deps	phantom-dep:@vuelidate/validators	AI (phantom-deps): Referenced in config files per finding; stable false positive for this package.	ai	2026/05/08

Versions (showing 51 of 92)

View all versions

Version	Deps	Published
1.1.30	0 / 14	2026-06-03
1.1.29	0 / 14	2026-05-26
1.1.28	0 / 14	2026-05-20
1.1.27	0 / 14	2026-05-18
1.1.26	0 / 14	2026-05-11
1.1.25	0 / 14	2026-05-09
1.1.24	0 / 14	2026-04-30
1.1.23	0 / 14	2026-04-30
1.1.22	0 / 14	2026-04-16
1.1.21	0 / 14	2026-04-15
1.1.20	0 / 14	2026-04-10
1.1.19	0 / 14	2026-04-10
1.1.17	0 / 14	2026-04-09
1.1.16	0 / 14	2026-03-24
1.1.15	0 / 14	2026-03-24
1.1.14	0 / 14	2026-03-23
1.1.13	0 / 14	2026-03-17
1.1.12	0 / 14	2026-03-17
1.1.11	0 / 14	2026-03-16
1.1.10	0 / 14	2026-03-06
1.1.9	0 / 14	2026-03-04
1.1.8	0 / 14	2026-03-03
1.1.7	0 / 14	2026-02-25
1.1.6	0 / 14	2026-02-16
1.1.5	0 / 21	2026-02-04
1.1.4	0 / 21	2026-02-04
1.1.3	0 / 21	2026-02-04
1.1.2	0 / 21	2026-01-29
1.1.1	0 / 21	2026-01-22
1.0.98	8 / 24	2026-01-19
1.0.97	8 / 24	2026-01-07
1.0.96	8 / 24	2026-01-07
1.0.95	8 / 24	2026-01-05
1.0.94	8 / 24	2025-12-24
1.0.93	8 / 24	2025-12-22
1.0.92	8 / 24	2025-12-03
1.0.91	8 / 24	2025-11-28
1.0.90	8 / 24	2025-11-28
1.0.89	8 / 24	2025-11-27
1.0.88	8 / 24	2025-11-12
1.0.87	8 / 24	2025-11-12
1.0.86	8 / 24	2025-11-11
1.0.85	8 / 24	2025-11-10
1.0.84	8 / 24	2025-11-06
1.0.83	8 / 24	2025-11-06
1.0.82	8 / 24	2025-11-06
1.0.81	8 / 24	2025-11-06
1.0.80	8 / 24	2025-10-24
1.0.79	8 / 24	2025-10-01
1.0.78	8 / 24	2025-09-25
1.0.77	8 / 24	2025-09-10

v1.1.30

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.1.29

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.1.28

2 findings

HIGH Publisher changed: dlohvinov → GitHub Actions (on 2026-05-20) provenance

This version was published by a different npm account than previous versions on 2026-05-20. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.