@wix/editor
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| dependencies | unvetted-dep:@wix/admin | AI (dependencies): Internal Wix dependency consistent with this package's ecosystem; stable pattern across versions. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Wix internal CI-published package; no repo/keywords/homepage is standard for their monorepo artifacts. | ai | |
| license | uncommon-license:UNLICENSED | AI (license): Proprietary Wix package; UNLICENSED is appropriate for internal corporate packages. | ai | |
| provenance | no-provenance | AI (provenance): Internal Wix package; provenance attestation is a best-practice enhancement, not a blocker. | ai | |
| dependencies | unvetted-dep:@wix/editor-platform-environment-api | AI (dependencies): Internal @wix/* scoped dep consistent with Wix ecosystem. | ai | |
| dependencies | unvetted-dep:@wix/workspace | AI (dependencies): Internal @wix/* scoped dep consistent with Wix ecosystem; stable pattern across versions. | ai | |
| dependencies | unvetted-dep:@wix/public-editor-platform-interfaces | AI (dependencies): Internal @wix/* scoped dep consistent with Wix ecosystem. | ai | |
| dependencies | unvetted-dep:@wix/editor-platform-contexts | AI (dependencies): Internal @wix/* scoped dep consistent with Wix ecosystem. | ai | |
| dependencies | unvetted-dep:@wix/monitoring-browser-sdk-host | AI (dependencies): Internal @wix/* scoped dep consistent with Wix ecosystem. | ai | |
| dependencies | unvetted-dep:@wix/public-editor-platform-errors | AI (dependencies): Internal @wix/* scoped dep consistent with Wix ecosystem. | ai |
Versions (showing 100 of 205)
| Version | Deps | Published |
|---|---|---|
| 1.572.0 | 8 / 12 | |
| 1.571.0 | 8 / 12 | |
| 1.570.0 | 8 / 12 | |
| 1.569.0 | 8 / 12 | |
| 1.568.0 | 8 / 12 | |
| 1.567.0 | 8 / 12 | |
| 1.566.0 | 8 / 12 | |
| 1.565.0 | 8 / 12 | |
| 1.564.0 | 8 / 12 | |
| 1.563.0 | 8 / 12 | |
| 1.562.0 | 8 / 12 | |
| 1.561.0 | 8 / 12 | |
| 1.560.0 | 8 / 12 | |
| 1.559.0 | 8 / 12 | |
| 1.558.0 | 8 / 12 | |
| 1.557.0 | 8 / 12 | |
| 1.556.0 | 8 / 12 | |
| 1.555.0 | 8 / 12 | |
| 1.554.0 | 8 / 12 | |
| 1.553.0 | 8 / 12 | |
| 1.552.0 | 8 / 12 | |
| 1.551.0 | 8 / 12 | |
| 1.550.0 | 8 / 12 | |
| 1.549.0 | 8 / 12 | |
| 1.548.0 | 8 / 12 | |
| 1.547.0 | 8 / 12 | |
| 1.546.0 | 8 / 12 | |
| 1.545.0 | 8 / 12 | |
| 1.544.0 | 8 / 12 | |
| 1.543.0 | 8 / 12 | |
| 1.542.0 | 8 / 12 | |
| 1.541.0 | 8 / 12 | |
| 1.540.0 | 8 / 12 | |
| 1.539.0 | 8 / 12 | |
| 1.538.0 | 8 / 12 | |
| 1.537.0 | 8 / 12 | |
| 1.536.0 | 8 / 12 | |
| 1.535.0 | 8 / 12 | |
| 1.534.0 | 8 / 12 | |
| 1.533.0 | 8 / 12 | |
| 1.532.0 | 8 / 12 | |
| 1.531.0 | 8 / 12 | |
| 1.530.0 | 8 / 12 | |
| 1.529.0 | 8 / 12 | |
| 1.528.0 | 8 / 12 | |
| 1.527.0 | 8 / 12 | |
| 1.526.0 | 8 / 12 | |
| 1.525.0 | 8 / 12 | |
| 1.524.0 | 8 / 12 | |
| 1.523.0 | 8 / 12 | |
| 1.522.0 | 8 / 12 | |
| 1.521.0 | 8 / 12 | |
| 1.520.0 | 8 / 12 | |
| 1.519.0 | 8 / 12 | |
| 1.518.0 | 8 / 12 | |
| 1.517.0 | 8 / 12 | |
| 1.516.0 | 8 / 12 | |
| 1.513.0 | 8 / 12 | |
| 1.512.0 | 8 / 12 | |
| 1.511.0 | 8 / 12 | |
| 1.510.0 | 8 / 12 | |
| 1.509.0 | 8 / 12 | |
| 1.508.0 | 8 / 12 | |
| 1.507.0 | 8 / 12 | |
| 1.506.0 | 8 / 12 | |
| 1.505.0 | 8 / 12 | |
| 1.504.0 | 8 / 12 | |
| 1.503.0 | 8 / 12 | |
| 1.502.0 | 8 / 12 | |
| 1.501.0 | 8 / 12 | |
| 1.500.0 | 8 / 12 | |
| 1.499.0 | 8 / 12 | |
| 1.498.0 | 8 / 12 | |
| 1.497.0 | 8 / 12 | |
| 1.496.0 | 8 / 12 | |
| 1.495.0 | 8 / 12 | |
| 1.494.0 | 8 / 12 | |
| 1.493.0 | 8 / 12 | |
| 1.492.0 | 8 / 12 | |
| 1.491.0 | 8 / 12 | |
| 1.490.0 | 8 / 12 | |
| 1.489.0 | 8 / 12 | |
| 1.488.0 | 8 / 12 | |
| 1.487.0 | 8 / 12 | |
| 1.486.0 | 8 / 12 | |
| 1.485.0 | 8 / 12 | |
| 1.484.0 | 8 / 12 | |
| 1.483.0 | 8 / 12 | |
| 1.482.0 | 8 / 12 | |
| 1.481.0 | 8 / 12 | |
| 1.480.0 | 8 / 12 | |
| 1.479.0 | 8 / 12 | |
| 1.478.0 | 8 / 12 | |
| 1.477.0 | 8 / 12 | |
| 1.476.0 | 8 / 12 | |
| 1.475.0 | 8 / 12 | |
| 1.474.0 | 8 / 12 | |
| 1.473.0 | 8 / 12 | |
| 1.472.0 | 8 / 12 | |
| 1.471.0 | 8 / 12 |
v1.572.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.571.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.570.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.569.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.568.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.567.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.566.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.565.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.564.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.563.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.562.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.561.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.560.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.559.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.558.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.557.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.556.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.555.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.554.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.553.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.552.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.551.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.550.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.549.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.548.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.547.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.546.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.545.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.544.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.543.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.542.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.541.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.540.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.539.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.538.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.537.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.536.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.535.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.534.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.533.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.532.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.531.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.530.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.529.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.528.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.527.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.526.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.525.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.524.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.523.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.522.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.521.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.520.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.519.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.518.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.517.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.516.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.513.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.512.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.511.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.510.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.509.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.508.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.507.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.506.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.505.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.504.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.503.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.502.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.501.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.500.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.499.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.498.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.497.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.496.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.495.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.494.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.493.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.492.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.491.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.490.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.488.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.487.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.485.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.484.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.482.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.481.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.480.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.479.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.478.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.477.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.476.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.475.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.474.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.473.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.472.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.471.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.