@babel/plugin-proposal-export-default-from
Compile export default to ES2015
29
Versions
MIT
License
No
Install Scripts
Verified
Provenance
Supply chain provenance
Status for the latest visible version.
SLSA provenance attestation
npm registry signatures
No source commit
Maintainers
hzooexistentialismnicolo-ribaudojlhwung
Keywords
babel-plugin
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| dependencies | unvetted-dep:@babel/plugin-syntax-export-default-from | AI (dependencies): @babel/plugin-syntax-export-default-from is a legitimate Babel monorepo package published by the same trusted publisher; this dependency is stable and expected for this plugin. | ai | |
| provenance | publisher-changed | AI (provenance): Publisher rotation within the Babel core team is routine; jlhwung is a known Babel contributor with a strong track record. This generalizes across versions of this package. | ai | |
| maintainer-change | maintainer-added | AI (maintainer-change): jlhwung is a known Babel core team member; addition is a legitimate maintainer transition within the official Babel org. | ai | |
| provenance | missing-githead | AI (provenance): Missing gitHead reflects a publish environment change in Babel's CI/CD, not a security concern. Package is from the official babel/babel monorepo. | ai | |
| bogus-package | bogus-package | AI (bogus-package): loganfsmyth and hzoo are well-known Babel core contributors, not spam publishers. Tiny payload is expected for a focused Babel syntax plugin. | ai | |
| provenance | no-provenance | AI (provenance): Official Babel monorepo package published before Sigstore provenance was common; absence of attestation is expected for this era of releases. | ai |
Versions (showing 29 of 29)
| Version | Deps | Published |
|---|---|---|
| 7.29.7 | 1 / 2 | |
| 7.27.1 | 1 / 2 | |
| 7.25.9 | 1 / 2 | |
| 7.25.8 | 1 / 2 | |
| 7.25.7 | 2 / 2 | |
| 7.24.7 | 2 / 2 | |
| 7.24.6 | 2 / 2 | |
| 7.24.1 | 2 / 2 | |
| 7.23.3 | 2 / 2 | |
| 7.22.17 | 2 / 2 | |
| 7.22.5 | 2 / 2 | |
| 7.18.10 | 2 / 2 | |
| 7.18.9 | 2 / 2 | |
| 7.18.6 | 2 / 2 | |
| 7.17.12 | 2 / 2 | |
| 7.16.7 | 2 / 2 | |
| 7.16.5 | 2 / 2 | |
| 7.16.0 | 2 / 2 | |
| 7.14.5 | 2 / 2 | |
| 7.12.13 | 2 / 2 | |
| 7.12.1 | 2 / 2 | |
| 7.10.4 | 2 / 2 | |
| 7.10.1 | 2 / 2 | |
| 7.8.3 | 2 / 2 | |
| 7.8.0 | 2 / 2 | |
| 7.7.4 | 2 / 2 | |
| 7.5.2 | 2 / 2 | |
| 7.2.0 | 2 / 2 | |
| 7.0.0 | 2 / 2 |
v7.29.7
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.