@mintlify/previewing — Greenflagged

Preview Mintlify docs locally

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

dks333hanminthahnbeeshouchem-mintlifykathrynmintlifykylefinkenian-mintlifydenssumeshskeptrune

Keywords

mintlifymintpreviewing

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
dependencies	unvetted-dep:is-online	AI (dependencies): is-online is a well-known, widely-used npm package for network connectivity checks; appropriate for a local docs preview tool. Not a security risk.	ai	2026/04/26
phantom-deps	phantom-dep:front-matter	AI (phantom-deps): front-matter is declared as a dependency and used in the broader Mintlify ecosystem; phantom detection is a false positive for this package's usage pattern.	ai	2026/04/26
phantom-deps	phantom-dep:openapi-types	AI (phantom-deps): openapi-types is a type-only package; phantom detection is expected and not a security concern for this package.	ai	2026/04/26
phantom-deps	phantom-dep:unist-util-visit	AI (phantom-deps): unist-util-visit is used transitively in the Mintlify doc processing pipeline; phantom detection is a stable false positive for this package.	ai	2026/04/26
semgrep	semgrep:child-process-import	AI (semgrep): child_process (execFile) is used in export-scripts/serve.js for a local dev server — expected behavior for a docs previewing tool. Not a security risk.	ai	2026/04/25
provenance	no-provenance	AI (provenance): Package is published via GitHub Actions CI pipeline for a well-established org with 1161 versions and 132k weekly downloads. Lack of Sigstore provenance is acceptable here.	ai	2026/04/25

Versions (showing 51 of 619)

View all versions

Version	Deps	Published
4.0.1122	21 / 18	2026-05-29
4.0.1121	21 / 18	2026-05-28
4.0.1120	21 / 18	2026-05-28
4.0.1119	21 / 18	2026-05-28
4.0.1118	21 / 18	2026-05-28
4.0.1117	21 / 18	2026-05-27
4.0.1116	21 / 18	2026-05-27
4.0.1115	21 / 18	2026-05-27
4.0.1114	21 / 18	2026-05-23
4.0.1113	21 / 20	2026-05-23
4.0.1112	21 / 20	2026/05/22
4.0.1111	21 / 20	2026-05-22
4.0.1110	21 / 20	2026-05-21
4.0.1109	21 / 20	2026-05-20
4.0.1108	21 / 20	2026-05-20
4.0.1107	21 / 20	2026-05-19
4.0.1106	21 / 20	2026-05-19
4.0.1105	21 / 20	2026-05-18
4.0.1104	21 / 20	2026-05-18
4.0.1103	21 / 20	2026-05-16
4.0.1102	21 / 20	2026-05-15
4.0.1101	21 / 20	2026-05-14
4.0.1100	21 / 20	2026-05-14
4.0.1099	21 / 20	2026-05-14
4.0.1098	21 / 20	2026-05-14
4.0.1097	21 / 20	2026-05-13
4.0.1096	21 / 20	2026-05-11
4.0.1095	21 / 20	2026-05-09
4.0.1094	21 / 20	2026-05-08
4.0.1093	21 / 20	2026-05-08
4.0.1092	21 / 20	2026-05-07
4.0.1091	21 / 20	2026-05-07
4.0.1090	21 / 20	2026-05-07
4.0.1089	21 / 20	2026-05-07
4.0.1088	21 / 20	2026-05-06
4.0.1087	21 / 20	2026-05-06
4.0.1086	21 / 20	2026-05-05
4.0.1085	21 / 20	2026-05-05
4.0.1084	21 / 20	2026-05-04
4.0.1083	21 / 20	2026-05-01
4.0.1082	21 / 20	2026-05-01
4.0.1081	21 / 20	2026-05-01
4.0.1080	21 / 20	2026-04-30
4.0.1079	21 / 20	2026-04-29
4.0.1078	21 / 20	2026-04-29
4.0.1077	21 / 20	2026-04-28
4.0.1076	21 / 20	2026-04-28
4.0.1075	21 / 20	2026-04-28
4.0.1074	21 / 20	2026-04-28
4.0.1073	21 / 20	2026-04-27
4.0.1072	21 / 20	2026-04-27