← Home

@nolebase/ui

npm Repository Homepage

A collection of Vue components Nolebase uses.

5
Versions
MIT
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

nekomeowwwoikawa_rizumu

Keywords

unjsvuevitevitepressvitepress-plugincomponentscomponent-librarymarkdownfrontmatternolebasenolebase-integration

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
typosquat typosquat.levenshtein:uuid AI (typosquat): Scoped package @nolebase/ui; not a typosquat of uuid. ai
typosquat typosquat.levenshtein:pg AI (typosquat): Scoped package @nolebase/ui; not a typosquat of pg. ai
typosquat typosquat.levenshtein:qs AI (typosquat): Scoped package @nolebase/ui; not a typosquat of qs. ai
typosquat typosquat.levenshtein:joi AI (typosquat): Scoped package @nolebase/ui; not a typosquat of joi. ai
typosquat typosquat.levenshtein:yup AI (typosquat): Scoped package @nolebase/ui; not a typosquat of yup. ai
phantom-deps phantom-dep:less AI (phantom-deps): less is a declared runtime dep used in build/config context; stable false positive for this package. ai
phantom-deps phantom-dep:@iconify-json/octicon AI (phantom-deps): Icon data dep referenced in config; stable false positive for this package. ai

Versions (showing 5 of 5)

Version Deps Published
2.18.2 2 / 0
2.18.1 2 / 0
2.18.0 3 / 0
2.17.2 3 / 0
2.17.1 3 / 0

v2.18.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.18.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.18.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.17.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.17.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.