All @react-querybuilder/material versions
@react-querybuilder/material @8.14.1
rejected
This version was rejected.
It did not pass GreenFlagged's security review and is not served by the registry.
The findings and risk dispositions below explain why.
38
Risk Score
—
License
No
Install Scripts
0
Dependencies
15
Dev Dependencies
54.2 KB
Package Size
Published
Maintainers
jakeboone02
Keywords
reactquerybuildermuimaterialquerybuilderoperatorscomponentclauseexpressionsql
Dev Dependencies (15)
| Package | Constraint | Registry Status |
|---|---|---|
| vite | ^8.0.2 | auto_approved |
| react | ^19.2.4 | auto_approved |
| react-dom | ^19.2.4 | auto_approved |
| typescript | ^6.0.2 | auto_approved |
| @types/react | ^19.2.10 | auto_approved |
| @mui/material | ^7.3.9 | auto_approved |
| @emotion/react | ^11.14.0 | auto_approved |
| @emotion/styled | ^11.14.1 | auto_approved |
| react-querybuilder | 8.14.1 | auto_approved |
| @mui/icons-material | ^7.3.9 | auto_approved |
| regenerator-runtime | ^0.14.1 | auto_approved |
| @testing-library/dom | ^10.4.1 | auto_approved |
| @vitejs/plugin-react | ^6.0.1 | auto_approved |
| @testing-library/react | ^16.3.2 | auto_approved |
| rollup-plugin-visualizer | ^7.0.1 | auto_approved |
Changes from v8.14.0
No metadata changes detected.
File Changes
0 added
0 removed
15 modified
size delta: -446.2 KB
Risk Dispositions (1 applicable to this version, 0 other)
Accepted rules are downgraded to INFO on future analyses; rejected rules escalate to CRITICAL.
| Rule | Source | Disposition | Author | Reason | |
|---|---|---|---|---|---|
regressed-provenance |
provenance | reject | AI | AI (provenance): Provenance regression on an established package with CI/CD history is a strong account-compromise indicator. |
SAST Findings (1)
HIGH
Provenance attestation missing — previous versions had it
provenance
This version was published without provenance, but prior versions were published via CI/CD with attestations. This is a strong signal of a potential account compromise or unauthorized publish. The axios attack (March 2026) exhibited exactly this pattern.
Review Summary
Risk score: 38. Findings: 1 high (+25), 1 medium (+10), 1 low (+3).
Commit: f0189159c62b Browse source
Published to npm: