semiotic No license 16 versions

semiotic

npm Repository Homepage

16

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

alexeyraspopovemeeks

Keywords

mcpmodel-context-protocolmcp-serverdata-visualizationchartsreactd3canvassvgstreamingnetwork-graphaillmclaudecopilotgeographicchoroplethsankeyforce-directed

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:d3-tile	AI (phantom-deps): d3-tile is a declared runtime dep; phantom-dep heuristic false positive for this package.	ai	2026/05/24
phantom-deps	phantom-dep:d3-format	AI (phantom-deps): d3-format is a declared runtime dep; phantom-dep heuristic false positive for this package.	ai	2026/05/24
phantom-deps	phantom-dep:d3-time-format	AI (phantom-deps): d3-time-format is a declared runtime dep; phantom-dep heuristic false positive for this package.	ai	2026/05/24
phantom-deps	phantom-dep:@types/d3-quadtree	AI (phantom-deps): @types/d3-quadtree is a declared runtime dep (type-only); phantom-dep heuristic false positive for this package.	ai	2026/05/24
semgrep	semgrep:dynamic-require	AI (semgrep): Used in AI chart-suggestion loader to probe candidate JSON config files; bounded, non-user-controlled input.	ai	2026/05/18
phantom-deps	phantom-dep:topojson-client	AI (phantom-deps): topojson-client is a declared runtime dependency; phantom-dep heuristic is a false positive here.	ai	2026/05/18

Versions (showing 16 of 16)

Version	Deps	Published
3.6.0	15 / 62	2026-05-26
3.5.4	15 / 62	2026-05-22
3.5.3	15 / 70	2026-05-19
3.5.2	15 / 67	2026-05-12
3.5.1	15 / 67	2026-05-06
3.5.0	15 / 67	2026-05-05
3.4.2	19 / 70	2026-04-23
3.4.1	21 / 69	2026-04-23
3.4.0	19 / 65	2026-04-20
3.3.1	19 / 65	2026-04-13
3.2.0	21 / 52	2026-03-25
3.1.2	21 / 52	2026-03-21
3.1.1	21 / 52	2026-03-21
3.1.0	21 / 49	2026-03-21
3.0.1	14 / 44	2026-03-13
3.0.0	14 / 54	2026-03-08

v3.6.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.5.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.5.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.5.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.5.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.5.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.4.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.4.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.4.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.3.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.2.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.1.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.1.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.