← Home

@wistia/eslint-config

npm Repository Homepage

Wistia's ESLint configurations

8
Versions
UNLICENSED
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

wistia_engineeringokizersheldonatwistia

Keywords

eslinteslint-configeslint configflat configtypescript

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
phantom-deps phantom-dep:@babel/core AI (phantom-deps): Babel core is loaded by convention via eslint-parser; not directly imported but legitimately declared. ai
license uncommon-license:UNLICENSED AI (license): Intentional private/proprietary license for an internal org ESLint config; stable across versions. ai
phantom-deps phantom-dep:eslint-import-resolver-typescript AI (phantom-deps): Used as a resolver in ESLint flat config; not directly imported but legitimately referenced in config files. ai
dependencies unvetted-dep:eslint-plugin-react-hooks-ssr AI (dependencies): ESLint plugin for SSR React hooks; consistent with react-ssr-compatibility config export. ai
dependencies unvetted-dep:eslint-plugin-no-typeof-window-undefined AI (dependencies): Small ESLint rule plugin; consistent with SSR-compatibility linting purpose. ai
dependencies unvetted-dep:@vitest/eslint-plugin AI (dependencies): Official vitest eslint plugin; expected dep for this package's vitest config export. ai
dependencies unvetted-dep:eslint-plugin-styled-components-a11y AI (dependencies): Legitimate a11y eslint plugin for styled-components; matches the styled-components config export. ai
dependencies unvetted-dep:eslint-plugin-barrel-files AI (dependencies): Legitimate eslint plugin for barrel file linting; fits package purpose. ai
dependencies unvetted-dep:globals-vitest AI (dependencies): Standard vitest globals helper; expected dep for an eslint-config with vitest support. ai

Versions (showing 8 of 8)

Version Deps Published
2.7.0 26 / 12
2.5.2 27 / 12
2.5.1 27 / 12
2.5.0 27 / 12
2.4.0 27 / 12
1.6.1 31 / 12
1.6.0 31 / 12
1.2.1 33 / 12

v2.7.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.5.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.5.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.5.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v2.4.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.6.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.6.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.2.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.