@docusaurus/babel
Docusaurus package for Babel-related utils.
13
Versions
MIT
License
No
Install Scripts
Verified
Provenance
Supply chain provenance
Status for the latest visible version.
SLSA provenance attestation
npm registry signatures
gitHead linked
Maintainers
fbslorberlex111docusaurus-bot
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): Docusaurus has migrated to GitHub Actions CI/CD publishing with SLSA provenance attestation. Publisher change from slorber to GitHub Actions is a legitimate, documented transition for this monorepo package. | ai | |
| dependencies | unvetted-dep:@babel/traverse | AI (dependencies): Well-known, widely-used @babel/* package; unvetted only due to review system state, not suspicious. | ai | |
| dependencies | unvetted-dep:@babel/generator | AI (dependencies): Well-known, widely-used @babel/* package; unvetted only due to review system state, not suspicious. | ai | |
| dependencies | unvetted-dep:@babel/preset-env | AI (dependencies): Well-known, widely-used @babel/* package; unvetted only due to review system state, not suspicious. | ai | |
| dependencies | unvetted-dep:@babel/preset-react | AI (dependencies): Well-known, widely-used @babel/* package; unvetted only due to review system state, not suspicious. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Inflated semver, short README, and no keywords are expected for a new monorepo-extracted package tracking the Docusaurus release version. Not indicative of spam or malice. | ai | |
| dependencies | unvetted-dep:@babel/plugin-transform-runtime | AI (dependencies): Well-known, widely-used @babel/* package; unvetted only due to review system state, not suspicious. | ai | |
| dependencies | unvetted-dep:@babel/plugin-syntax-dynamic-import | AI (dependencies): Well-known, widely-used @babel/* package; unvetted only due to review system state, not suspicious. | ai | |
| dependencies | unvetted-dep:babel-plugin-dynamic-import-node | AI (dependencies): Established Babel plugin for dynamic imports; unvetted only due to review system state, not suspicious. | ai | |
| dependencies | unvetted-dep:@docusaurus/utils | AI (dependencies): Sibling @docusaurus/* package at the same version; part of the official Docusaurus monorepo release. | ai | |
| dependencies | unvetted-dep:@babel/preset-typescript | AI (dependencies): Well-known, widely-used @babel/* package; unvetted only due to review system state, not suspicious. | ai |
Versions (showing 13 of 13)
| Version | Deps | Published |
|---|---|---|
| 3.10.1 | 14 / 0 | |
| 3.10.0 | 14 / 0 | |
| 3.9.2 | 15 / 0 | |
| 3.9.1 | 15 / 0 | |
| 3.9.0 | 15 / 0 | |
| 3.8.1 | 15 / 0 | |
| 3.8.0 | 15 / 0 | |
| 3.7.0 | 15 / 0 | |
| 3.6.3 | 15 / 0 | |
| 3.6.2 | 15 / 0 | |
| 3.6.1 | 15 / 0 | |
| 3.6.0 | 15 / 0 | |
| 3.5.2 | 12 / 0 |
v3.10.1
1 finding
INFO
Has SLSA provenance attestation
provenance
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.