← Home

@powerlines/plugin-react

npm Repository Homepage

A package containing a Powerlines plugin for building a React application.

85
Versions
Apache-2.0
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

stormie-botsullivanpj

Keywords

reactpowerlinesstorm-softwarepowerlines-plugin

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
phantom-deps phantom-dep:@storm-software/config-tools AI (phantom-deps): Config-only reference, consistent with the storm-software monorepo tooling pattern seen across this package family. ai
provenance publisher-changed AI (provenance): stormie-bot is the established bot publisher for storm-software org with 2775 approved packages; transition from GH Actions is expected CI automation change. ai
source-diff obfuscated-file:dist/index.cjs AI (source-diff): Standard rolldown/rollup minified bundle; readable logic, no malicious patterns. Stable for this package. ai
source-diff obfuscated-file:dist/index.mjs AI (source-diff): Standard rolldown/rollup minified ESM bundle; readable logic, no malicious patterns. Stable for this package. ai
phantom-deps phantom-dep:@powerlines/alloy AI (phantom-deps): Same-org dependency from Storm Software's @powerlines/* ecosystem; consistent pattern across all plugin packages in this monorepo. ai
phantom-deps phantom-dep:@powerlines/plugin-env AI (phantom-deps): Same-org dependency; plugin wrapper pattern where deps are configured but not directly imported in analyzed entry points. ai
phantom-deps phantom-dep:@powerlines/plugin-babel AI (phantom-deps): Same-org dependency; plugin wrapper pattern where deps are configured but not directly imported in analyzed entry points. ai
phantom-deps phantom-dep:@vitejs/plugin-react AI (phantom-deps): This package wraps @vitejs/plugin-react; it's expected to reference it in config files without direct imports in all entry points. ai
phantom-deps phantom-dep:defu AI (phantom-deps): Utility used in config composition; referenced in config files rather than direct imports — stable pattern for this build plugin package. ai
phantom-deps phantom-dep:powerlines AI (phantom-deps): Core powerlines package used in config context; same phantom-dep pattern consistent across this monorepo's plugin packages. ai
phantom-deps phantom-dep:@powerlines/plugin-plugin AI (phantom-deps): Same-org @powerlines dependency declared for runtime plugin loading by the powerlines framework, not direct import. Consistent with plugin architecture pattern across this package family. ai
dependencies unvetted-dep:@powerlines/alloy AI (dependencies): Same-org @powerlines dependency from publisher with 351 approved packages and SLSA provenance. Consistent with the broader @powerlines ecosystem used throughout this package. ai
phantom-deps phantom-dep:@stryke/convert AI (phantom-deps): Referenced in config files rather than direct imports; consistent with plugin/build-tool architecture across all versions. ai
phantom-deps phantom-dep:@stryke/path AI (phantom-deps): Referenced in config files rather than direct imports; consistent with plugin/build-tool architecture across all versions. ai
phantom-deps phantom-dep:@stryke/cli AI (phantom-deps): Referenced in config files rather than direct imports; consistent with plugin/build-tool architecture across all versions. ai
phantom-deps phantom-dep:@babel/core AI (phantom-deps): Build plugin package; @babel/core is a framework-scoped dep loaded by convention, not direct import. Stable pattern for this package type. ai
phantom-deps phantom-dep:@alloy-js/markdown AI (phantom-deps): Referenced in config files rather than direct imports; consistent with plugin/build-tool architecture across all versions. ai
phantom-deps phantom-dep:@powerlines/plugin-vite AI (phantom-deps): Same-org package from Powerlines ecosystem; loaded by convention in plugin architecture, not a security concern. ai
phantom-deps phantom-dep:@alloy-js/json AI (phantom-deps): Referenced in config files rather than direct imports; consistent with plugin/build-tool architecture across all versions. ai
phantom-deps phantom-dep:@stryke/fs AI (phantom-deps): Referenced in config files rather than direct imports; consistent with plugin/build-tool architecture across all versions. ai

Versions (showing 85 of 588)

Version Deps Published
0.1.135 16 / 6
0.1.134 16 / 6
0.1.133 16 / 6
0.1.132 16 / 6
0.1.131 16 / 6
0.1.130 16 / 6
0.1.129 16 / 6
0.1.128 16 / 6
0.1.127 16 / 6
0.1.126 16 / 6
0.1.125 16 / 6
0.1.124 16 / 6
0.1.123 16 / 6
0.1.122 16 / 6
0.1.121 16 / 6
0.1.120 16 / 6
0.1.119 16 / 6
0.1.118 16 / 6
0.1.117 16 / 6
0.1.116 16 / 6
0.1.115 16 / 6
0.1.114 16 / 6
0.1.113 16 / 6
0.1.112 16 / 6
0.1.111 16 / 6
0.1.110 16 / 9
0.1.109 12 / 11
0.1.108 12 / 11
0.1.107 12 / 11
0.1.106 12 / 9
0.1.104 13 / 6
0.1.103 13 / 6
0.1.102 13 / 6
0.1.101 13 / 6
0.1.99 13 / 2
0.1.98 13 / 2
0.1.96 13 / 2
0.1.92 13 / 2
0.1.91 13 / 2
0.1.90 13 / 2
0.1.89 13 / 2
0.1.85 13 / 2
0.1.78 13 / 2
0.1.75 13 / 2
0.1.73 13 / 2
0.1.72 13 / 2
0.1.71 13 / 2
0.1.67 13 / 2
0.1.65 13 / 2
0.1.63 13 / 2
0.1.62 13 / 2
0.1.61 13 / 2
0.1.59 13 / 2
0.1.58 13 / 2
0.1.56 13 / 2
0.1.55 13 / 2
0.1.54 13 / 2
0.1.49 13 / 2
0.1.46 13 / 3
0.1.45 13 / 3
0.1.43 13 / 3
0.1.40 13 / 3
0.1.38 13 / 3
0.1.36 13 / 3
0.1.35 13 / 3
0.1.34 13 / 3
0.1.32 13 / 3
0.1.29 13 / 3
0.1.28 13 / 3
0.1.27 13 / 3
0.1.26 13 / 3
0.1.23 13 / 3
0.1.21 13 / 3
0.1.16 13 / 3
0.1.15 13 / 3
0.1.13 13 / 3
0.1.10 13 / 3
0.1.9 13 / 3
0.1.7 13 / 3
0.1.5 13 / 3
0.1.4 13 / 3
0.1.3 13 / 3
0.1.2 13 / 3
0.1.1 13 / 3
0.1.0 13 / 3

v0.1.3

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.1.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.