@djangocfg/ui-core — Greenflagged

Pure React UI component library without Next.js dependencies - for Electron, Vite, CRA apps

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

markolofsen

Keywords

ui-componentsreactradix-uitailwindcssdesign-systemcomponent-librarytypescriptelectronvite

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
publish-pattern	new-deps-added	AI (publish-pattern): nextjs-toploader is a legitimate, established Next.js utility; no malicious indicators.	ai	2026/05/21
dependencies	unvetted-dep:@radix-ui/react-avatar	AI (dependencies): Official Radix UI component; stable, well-known package.	ai	2026/04/29
dependencies	unvetted-dep:@radix-ui/react-hover-card	AI (dependencies): Official Radix UI component; stable, well-known package.	ai	2026/04/29
dependencies	unvetted-dep:@web3icons/react	AI (dependencies): Legitimate web3 icon library; no malware indicators.	ai	2026/04/29
phantom-deps	phantom-dep:@hookform/resolvers	AI (phantom-deps): Likely re-exported or used indirectly in a UI library context.	ai	2026/04/29
phantom-deps	phantom-dep:@radix-ui/react-toast	AI (phantom-deps): Likely re-exported or used indirectly in a UI library context.	ai	2026/04/29
phantom-deps	phantom-dep:i18n-iso-countries	AI (phantom-deps): Likely re-exported or used indirectly in a UI library context.	ai	2026/04/29

Versions (showing 83 of 183)

Version	Deps	Published
2.1.182	47 / 8	2026-02-26
2.1.181	47 / 8	2026-02-26
2.1.180	47 / 8	2026-02-26
2.1.178	47 / 8	2026-02-26
2.1.177	47 / 8	2026-02-26
2.1.176	47 / 8	2026-02-25
2.1.174	47 / 8	2026-02-25
2.1.173	47 / 8	2026-02-25
2.1.172	47 / 8	2026-02-25
2.1.171	47 / 8	2026-02-25
2.1.170	47 / 8	2026-02-20
2.1.169	47 / 8	2026-02-12
2.1.168	47 / 8	2026-02-12
2.1.167	47 / 8	2026-02-11
2.1.166	47 / 8	2026-02-11
2.1.165	47 / 8	2026-02-11
2.1.164	47 / 8	2026-02-11
2.1.163	47 / 8	2026-02-10
2.1.162	47 / 8	2026-02-10
2.1.161	47 / 8	2026-02-10
2.1.160	47 / 8	2026-02-10
2.1.159	47 / 8	2026-02-10
2.1.158	47 / 8	2026-02-10
2.1.157	47 / 8	2026-02-09
2.1.156	47 / 8	2026-02-08
2.1.155	47 / 8	2026-02-08
2.1.154	47 / 8	2026-02-08
2.1.153	47 / 8	2026-02-08
2.1.152	47 / 8	2026-02-08
2.1.151	47 / 8	2026-02-07
2.1.150	47 / 8	2026-02-07
2.1.149	47 / 8	2026-02-07
2.1.148	46 / 8	2026-02-06
2.1.147	46 / 8	2026-02-06
2.1.146	44 / 8	2026-02-06
2.1.145	44 / 8	2026-02-05
2.1.144	44 / 8	2026-02-05
2.1.143	44 / 8	2026-02-05
2.1.140	44 / 8	2026-02-05
2.1.139	44 / 8	2026-02-05
2.1.138	44 / 8	2026-02-04
2.1.137	44 / 8	2026-02-04
2.1.136	44 / 8	2026-02-04
2.1.135	44 / 8	2026-02-01
2.1.134	44 / 8	2026-02-01
2.1.133	44 / 8	2026-02-01
2.1.132	44 / 8	2026-02-01
2.1.131	44 / 8	2026-02-01
2.1.130	44 / 8	2026-01-31
2.1.129	44 / 8	2026-01-31
2.1.127	44 / 8	2026-01-31
2.1.126	44 / 8	2026-01-31
2.1.125	44 / 8	2026-01-29
2.1.124	44 / 8	2026-01-29
2.1.123	44 / 8	2026-01-29
2.1.121	44 / 8	2026-01-29
2.1.120	44 / 6	2026-01-29
2.1.119	44 / 6	2026-01-29
2.1.118	44 / 6	2026-01-24
2.1.116	44 / 6	2026-01-24
2.1.115	44 / 6	2026-01-23
2.1.114	44 / 6	2026-01-23
2.1.113	44 / 6	2026-01-23
2.1.112	44 / 6	2026-01-23
2.1.111	44 / 6	2026-01-23
2.1.110	44 / 5	2026-01-15
2.1.109	44 / 5	2026-01-15
2.1.108	44 / 5	2026-01-14
2.1.107	44 / 5	2026-01-12
2.1.106	44 / 5	2026-01-11
2.1.105	44 / 5	2026-01-07
2.1.104	44 / 5	2026-01-07
2.1.103	44 / 6	2026-01-07
2.1.102	44 / 6	2026-01-07
2.1.101	44 / 5	2026-01-07
2.1.100	44 / 5	2026-01-06
2.1.99	44 / 5	2026-01-06
2.1.97	44 / 5	2026-01-06
2.1.96	44 / 5	2026-01-06
2.1.95	44 / 5	2026-01-05
2.1.94	44 / 5	2026-01-05
2.1.92	44 / 5	2026-01-05
2.1.91	44 / 5	2026-01-03