← Home

@react-aria/combobox

npm Repository Homepage

Spectrum UI components in React

100
Versions
Apache-2.0
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

devongovettaspro83

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
phantom-deps phantom-dep:@babel/runtime AI (phantom-deps): Framework-scoped runtime dependency; standard pattern in transpiled React packages. ai
phantom-deps phantom-dep:@react-stately/layout AI (phantom-deps): Same-org dependency; core to combobox layout logic; correctly declared. ai
phantom-deps phantom-dep:@react-aria/interactions AI (phantom-deps): Same-org dependency; core to combobox interactions; correctly declared. ai

Versions (showing 100 of 204)

Hide prereleases
Version Deps Published
3.16.1 2 / 2
3.16.0 2 / 0
3.15.0 17 / 0
3.14.2 16 / 0
3.14.1 16 / 0
3.14.0 16 / 0
3.13.2 16 / 0
3.13.1 16 / 0
3.13.0 16 / 0
3.12.5 16 / 0
3.12.4 16 / 0
3.12.3 16 / 0
3.12.2 16 / 0
3.12.1 16 / 0
3.12.0 16 / 0
3.11.1 15 / 0
3.11.0 15 / 0
3.10.5 15 / 0
3.10.4 15 / 0
3.10.3 15 / 0
3.10.2 15 / 0
3.10.1 15 / 0
3.10.0 15 / 0
3.9.1 15 / 0
3.9.0 15 / 0
3.8.4 15 / 0
3.8.3 15 / 0
3.8.2 15 / 0
3.8.1 15 / 0
3.8.0 15 / 0
3.7.1 16 / 0
3.7.0 16 / 0
3.6.4 16 / 0
3.6.3 16 / 0
3.6.2 16 / 0
3.6.1 16 / 0
3.6.0 16 / 0
3.5.1 16 / 0
3.5.0 16 / 0
3.4.4 16 / 0
3.4.3 16 / 0
3.4.2 16 / 0
3.4.1 16 / 0
3.4.0 16 / 0
3.3.1 16 / 0
3.3.0 16 / 0
3.2.6 16 / 0
3.2.5 16 / 0
3.2.4 16 / 0
3.2.3 16 / 0
3.2.2 16 / 0
3.2.1 16 / 0
3.2.0 16 / 0
3.1.0 16 / 0
3.0.1 16 / 0
3.0.0 16 / 0
3.0.0-nightly-ffb1a9d0d-260323 2 / 0
3.0.0-nightly-ff8f6f319-251118 16 / 0
3.0.0-nightly-fc3ea3e8c-251029 16 / 0
3.0.0-nightly-f8d513f06-251119 16 / 0
3.0.0-nightly-f61e75cea-251124 16 / 0
3.0.0-nightly-f61e75cea-251123 16 / 0
3.0.0-nightly-f3e3157d0-260219 16 / 0
3.0.0-nightly-f3e3157d0-260218 16 / 0
3.0.0-nightly-f1aafc6ce-251105 16 / 0
3.0.0-nightly-efc581c91-260413 2 / 0
3.0.0-nightly-eef731921-260216 16 / 0
3.0.0-nightly-eef731921-260215 16 / 0
3.0.0-nightly-eef731921-260214 16 / 0
3.0.0-nightly-eec6c1a4d-251223 16 / 0
3.0.0-nightly-ee49fdbaf-260306 17 / 0
3.0.0-nightly-ec7736d18-260421 2 / 0
3.0.0-nightly-e3913baaa-260422 2 / 0
3.0.0-nightly-e24140214-260309 17 / 0
3.0.0-nightly-e24140214-260308 17 / 0
3.0.0-nightly-e24140214-260307 17 / 0
3.0.0-nightly-daafdd59d-260224 16 / 0
3.0.0-nightly-daafdd59d-260223 16 / 0
3.0.0-nightly-daafdd59d-260222 16 / 0
3.0.0-nightly-daafdd59d-260221 16 / 0
3.0.0-nightly-d974b93de-260227 17 / 0
3.0.0-nightly-cfb620016-260126 16 / 0
3.0.0-nightly-cfb620016-260125 16 / 0
3.0.0-nightly-cfb620016-260124 16 / 0
3.0.0-nightly-cf7c1541e-251113 16 / 0
3.0.0-nightly-cdbfe4816-260303 17 / 0
3.0.0-nightly-c8d64314e-260208 16 / 0
3.0.0-nightly-c8d64314e-260207 16 / 0
3.0.0-nightly-c80e3d1d6-251212 16 / 0
3.0.0-nightly-c5a3ae829-260331 2 / 0
3.0.0-nightly-c2517d3bb-260115 16 / 0
3.0.0-nightly-beda77877-260414 2 / 0
3.0.0-nightly-b4382b073-260130 16 / 0
3.0.0-nightly-b321d7de8-260122 16 / 0
3.0.0-nightly-b321d7de8-260121 16 / 0
3.0.0-nightly-ac718c6cd-260402 2 / 0
3.0.0-nightly-ab5e6f3db-251110 16 / 0
3.0.0-nightly-ab5e6f3db-251109 16 / 0
3.0.0-nightly-ab5e6f3db-251108 16 / 0
3.0.0-nightly-ab5e6f3db-251107 16 / 0
Showing 100 of 204 Next page →

v3.16.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v3.16.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v3.15.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v3.14.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.14.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.14.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.13.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.13.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.13.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.12.5

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.12.4

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.12.3

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.12.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.12.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.12.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.11.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.11.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.10.5

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.10.4

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.10.3

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.10.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.10.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.10.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.9.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.9.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.8.4

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.8.3

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.8.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.8.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.8.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.7.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.7.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.6.4

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.6.3

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.6.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.6.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.6.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.5.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.5.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.4.4

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.4.3

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.4.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.4.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.4.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.3.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.3.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.2.6

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.2.5

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.2.4

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.2.3

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.2.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.2.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.2.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.1.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.0.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.