All rc-tabs versions

[email protected] rejected Risk: 0 MIT

rc-tabs @9.1.1

rejected
This version was rejected. It did not pass GreenFlagged's security review and is not served by the registry. The findings and risk dispositions below explain why.
npm Repository Homepage Tarball
0
Risk Score
MIT
License
No
Install Scripts
7
Dependencies
17
Dev Dependencies
121.3 KB
Package Size
Published

tabs ui component for react

Maintainers

paranoidjk

Keywords

reactreact-componentreact-tabs

Dependencies (7)

PackageConstraintRegistry Status
rc-util ^4.0.4 auto_approved
warning ^3.0.0 auto_approved
classnames 2.x auto_approved
prop-types 15.x auto_approved
rc-hammerjs ~0.6.0 auto_approved
babel-runtime 6.x pending
create-react-class 15.x auto_approved

Dev Dependencies (17)

PackageConstraintRegistry Status
jest ^19.0.2 auto_approved
react 15.x auto_approved
enzyme ^2.7.1 auto_approved
preact ^8.2.1 auto_approved
history ^1.17.0 auto_approved
rc-test ^6.0.1 Not imported
rc-tools 6.x auto_approved
coveralls ^2.11.16 auto_approved
cross-env ^5.0.1 auto_approved
expect.js ~0.3.1 auto_approved
fastclick ~1.0.6 auto_approved
react-dom ^15.5.4 auto_approved
pre-commit 1.x auto_approved
react-router 2.x auto_approved
preact-compat ^3.16.0 auto_approved
enzyme-to-json ^1.5.0 auto_approved
react-test-renderer ^15.5.4 auto_approved

Transitive Dependency Tree

15 transitive deps max depth 4
  ├─ babel-runtime 6.x
  ├─ classnames 2.x → 2.5.1
  ├─ create-react-class 15.x → 15.7.0
  ├─ prop-types 15.x → 15.8.1
  ├─ rc-hammerjs ~0.6.0 → 0.6.9
  ├─ rc-util ^4.0.4 → 4.21.1
├─ warning ^3.0.0 → 3.0.0
  ├─ add-dom-event-listener ^1.1.0 → 1.1.0
  ├─ babel-runtime 6.x
  ├─ hammerjs ^2.0.8 → 2.0.8
  ├─ loose-envify ^1.4.0 → 1.4.0
  ├─ loose-envify ^1.0.0 → 1.4.0
  ├─ loose-envify ^1.3.1 → 1.4.0
  ├─ object-assign ^4.1.1 → 4.1.1
  ├─ prop-types ^15.5.9 → 15.8.1
  ├─ prop-types ^15.5.10 → 15.8.1
  ├─ react-is ^16.12.0 → 16.13.1
  ├─ react-is ^16.13.1 → 16.13.1
  ├─ react-lifecycles-compat ^3.0.4 → 3.0.4
├─ shallowequal ^1.1.0 → 1.1.0
  ├─ js-tokens ^3.0.0 || ^4.0.0 → 4.0.0
  ├─ loose-envify ^1.4.0 → 1.4.0
  ├─ object-assign 4.x → 4.1.1
  ├─ object-assign ^4.1.1 → 4.1.1
├─ react-is ^16.13.1 → 16.13.1
  ├─ js-tokens ^3.0.0 || ^4.0.0 → 4.0.0

Risk Dispositions (0 applicable to this version, 1 other)

Accepted rules are downgraded to INFO on future analyses; rejected rules escalate to CRITICAL.

Show 1 disposition(s) that do not match any finding on this version
Rule Source Disposition Author Reason
bogus-package bogus-package reject AI AI (bogus-package): Maintainer afc163 flagged as spam publisher; verdict generalizes to all versions under this maintainer.

SAST Findings (2)

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

INFO Publisher changed: yiminghe → paranoidjk (on 2017-08-15) provenance

[Accepted risk] This version was published by a different npm account than previous versions on 2017-08-15. This could indicate a legitimate maintainer transition or an account compromise.

Review Summary

Risk score: 0. Findings: 10 info (+0).

Commit: e64af5b5550c Browse source

Published to npm: