← Home

html-react-parser

17
Versions
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

remarkablemark

Keywords

html-react-parserhtmlreactparserdom

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
provenance publisher-changed AI (provenance): Transition to GitHub Actions publishing with SLSA attestation; consistent with CI/CD automation by original maintainer. ai
publish-pattern dormant-publish AI (publish-pattern): Established package with 165 versions; dormancy followed by CI/CD migration is benign for this package. ai
dependencies unvetted-dep:react-property AI (dependencies): react-property is a sibling package by the same author; stable dependency across versions. ai
dependencies unvetted-dep:html-dom-parser AI (dependencies): html-dom-parser is a sibling package by the same author; stable dependency across versions. ai

Versions (showing 17 of 17)

Version Deps Published
6.1.4 4 / 36
6.1.3 4 / 36
6.1.2 4 / 36
6.1.1 4 / 36
6.1.0 4 / 36
6.0.1 4 / 36
6.0.0 4 / 36
5.2.17 4 / 36
5.2.16 4 / 36
5.2.15 4 / 36
5.2.14 4 / 35
5.2.13 4 / 35
5.2.12 4 / 35
5.2.11 4 / 35
5.2.10 4 / 35
5.2.9 4 / 35
5.2.8 4 / 35

v6.1.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.1.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.1.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.0.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.0.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.