@babel/preset-typescript

Babel preset for TypeScript.

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

hzooexistentialismnicolo-ribaudojlhwung

Keywords

babel-presettypescript

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	missing-githead	AI (provenance): Published in 2020 before gitHead/provenance was standard; nicolo-ribaudo is a trusted Babel core maintainer. No malicious signal.	ai	2026/04/22
publish-pattern	new-deps-added	AI (publish-pattern): @babel/helper-validator-option is a first-party Babel monorepo package; adding it is consistent with normal Babel ecosystem evolution and poses no supply chain risk.	ai	2026/04/22
provenance	publisher-changed	AI (provenance): jlhwung is a long-standing Babel core team member (2132 days, 151 packages, 1754 approved). Publisher rotation within the Babel org is expected and not a compromise signal.	ai	2026/04/22
maintainer-change	maintainer-added	AI (maintainer-change): jlhwung is an established Babel maintainer; addition reflects normal team management within the official Babel org.	ai	2026/04/22
bogus-package	bogus-package	AI (bogus-package): loganfsmyth and hzoo are well-known Babel core contributors (Logan Smyth, Henry Zhu), not spammers. Tiny payload is expected for a Babel preset that delegates to plugin packages.	ai	2026/04/22
maintainer-change	maintainer-removed	AI (maintainer-change): Removal of loganfsmyth and danez reflects normal Babel team evolution; no unknown new maintainers added. Stable pattern for this package.	ai	2026/04/22
dependencies	unvetted-dep:@babel/plugin-syntax-jsx	AI (dependencies): First-party @babel/* dependency from the same official Babel monorepo; expected and stable for this package.	ai	2026/04/21
dependencies	unvetted-dep:@babel/plugin-transform-modules-commonjs	AI (dependencies): First-party @babel/* dependency from the same official Babel monorepo; expected and stable for this package.	ai	2026/04/21
dependencies	unvetted-dep:@babel/plugin-transform-typescript	AI (dependencies): First-party @babel/* dependency from the same official Babel monorepo; expected and stable for this package.	ai	2026/04/21
provenance	no-provenance	AI (provenance): Babel publishes via GitHub Actions CI but does not attach Sigstore provenance; this is consistent across all Babel releases and not a risk indicator.	ai	2026/04/21

Versions (showing 51 of 51)

Hide prereleases

Version	Deps	Published
7.29.7	5 / 2	2026-05-25
7.28.5	5 / 2	2025-10-23
7.27.1	5 / 2	2025-04-30
7.27.0	5 / 2	2025-03-24
7.26.0	5 / 2	2024-10-25
7.25.9	5 / 2	2024-10-22
7.25.7	5 / 2	2024-10-02
7.24.7	5 / 2	2024-06-05
7.24.6	5 / 2	2024-05-24
7.24.1	5 / 2	2024-03-19
7.23.3	5 / 2	2023-11-09
7.23.2	5 / 2	2023-10-11
7.23.0	5 / 2	2023-09-25
7.22.15	5 / 2	2023-09-04
7.22.11	5 / 2	2023-08-24
7.22.5	5 / 2	2023-06-08
7.21.5	5 / 2	2023-04-28
7.21.4	5 / 2	2023-03-31
7.21.0	3 / 2	2023-02-20
7.18.6	3 / 2	2022-06-27
7.17.12	3 / 2	2022-05-16
7.16.7	3 / 2	2021-12-31
7.16.5	3 / 2	2021-12-13
7.16.0	3 / 2	2021-10-29
7.15.0	3 / 2	2021-08-04
7.14.5	3 / 2	2021-06-09
7.13.0	3 / 2	2021-02-22
7.12.17	3 / 2	2021-02-18
7.12.16	3 / 2	2021-02-11
7.12.13	3 / 2	2021-02-03
7.12.7	3 / 2	2020-11-20
7.12.1	2 / 2	2020-10-15
7.12.0	2 / 2	2020-10-14
7.10.4	2 / 2	2020-06-30
7.10.1	2 / 2	2020-05-27
7.9.0	2 / 2	2020-03-20
7.8.3	2 / 2	2020-01-13
7.8.0	2 / 2	2020-01-12
7.7.7	2 / 2	2019-12-19
7.7.4	2 / 2	2019-11-22
7.7.2	2 / 2	2019-11-06
7.7.0	2 / 2	2019-11-05
7.6.0	2 / 2	2019-09-06
7.3.3	2 / 2	2019-02-15
7.1.0	2 / 2	2018-09-17
7.0.0	2 / 2	2018-08-27
8.0.0-rc.3	4 / 2	2026-03-16
8.0.0-rc.2	4 / 2	2026-02-15
8.0.0-rc.1	4 / 2	2026-01-31
8.0.0-beta.4	4 / 2	2026-01-12
8.0.0-beta.3	5 / 2	2025-10-23

v7.29.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.