← Home

@react-spectrum/tree

npm Repository Homepage

Spectrum UI components in React

100
Versions
Apache-2.0
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

devongovettaspro83

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
phantom-deps phantom-dep:@swc/helpers AI (phantom-deps): @swc/helpers is a known implicit runtime dependency of SWC-compiled code; stable pattern for this package. ai
phantom-deps phantom-dep:@react-spectrum/text AI (phantom-deps): Same-org monorepo dependency; expected pattern in React Spectrum packages. ai
bogus-package bogus-package AI (bogus-package): Minimal README and no keywords are normal for monorepo-published component packages with centralized docs; not indicative of spam. ai

Versions (showing 100 of 162)

Hide prereleases
Version Deps Published
3.2.1 3 / 2
3.2.0 3 / 0
3.1.11 11 / 2
3.1.10 11 / 2
3.1.9 11 / 2
3.1.8 11 / 2
3.1.7 11 / 2
3.1.6 11 / 2
3.1.5 11 / 2
3.1.4 11 / 2
3.1.3 11 / 2
3.1.2 11 / 2
3.1.1 11 / 2
3.1.0 11 / 2
3.0.1 11 / 2
3.0.0 11 / 2
3.0.0-nightly-ffb1a9d0d-260323 3 / 0
3.0.0-nightly-ff8f6f319-251118 11 / 2
3.0.0-nightly-fc3ea3e8c-251029 11 / 2
3.0.0-nightly-f8d513f06-251119 11 / 2
3.0.0-nightly-f61e75cea-251124 11 / 2
3.0.0-nightly-f61e75cea-251123 11 / 2
3.0.0-nightly-f3e3157d0-260219 11 / 2
3.0.0-nightly-f3e3157d0-260218 11 / 2
3.0.0-nightly-f1aafc6ce-251105 11 / 2
3.0.0-nightly-efc581c91-260413 3 / 0
3.0.0-nightly-eef731921-260216 11 / 2
3.0.0-nightly-eef731921-260215 11 / 2
3.0.0-nightly-eef731921-260214 11 / 2
3.0.0-nightly-eec6c1a4d-251223 11 / 2
3.0.0-nightly-ee49fdbaf-260306 11 / 2
3.0.0-nightly-ec7736d18-260421 3 / 0
3.0.0-nightly-e3913baaa-260422 3 / 0
3.0.0-nightly-e24140214-260309 11 / 2
3.0.0-nightly-e24140214-260308 11 / 2
3.0.0-nightly-e24140214-260307 11 / 2
3.0.0-nightly-daafdd59d-260224 11 / 2
3.0.0-nightly-daafdd59d-260223 11 / 2
3.0.0-nightly-daafdd59d-260222 11 / 2
3.0.0-nightly-daafdd59d-260221 11 / 2
3.0.0-nightly-d974b93de-260227 11 / 2
3.0.0-nightly-cfb620016-260126 11 / 2
3.0.0-nightly-cfb620016-260125 11 / 2
3.0.0-nightly-cfb620016-260124 11 / 2
3.0.0-nightly-cf7c1541e-251113 11 / 2
3.0.0-nightly-cdbfe4816-260303 11 / 2
3.0.0-nightly-c8d64314e-260208 11 / 2
3.0.0-nightly-c8d64314e-260207 11 / 2
3.0.0-nightly-c80e3d1d6-251212 11 / 2
3.0.0-nightly-c5a3ae829-260331 3 / 0
3.0.0-nightly-c2517d3bb-260115 11 / 2
3.0.0-nightly-beda77877-260414 3 / 0
3.0.0-nightly-b4382b073-260130 11 / 2
3.0.0-nightly-b321d7de8-260122 11 / 2
3.0.0-nightly-b321d7de8-260121 11 / 2
3.0.0-nightly-ac718c6cd-260402 3 / 0
3.0.0-nightly-ab5e6f3db-251110 11 / 2
3.0.0-nightly-ab5e6f3db-251109 11 / 2
3.0.0-nightly-ab5e6f3db-251108 11 / 2
3.0.0-nightly-ab5e6f3db-251107 11 / 2
3.0.0-nightly-a9fccbde0-260302 11 / 2
3.0.0-nightly-a9fccbde0-260301 11 / 2
3.0.0-nightly-a9fccbde0-260228 11 / 2
3.0.0-nightly-a911b98f1-260325 3 / 0
3.0.0-nightly-a911b98f1-260324 3 / 0
3.0.0-nightly-a90e8f141-251218 11 / 2
3.0.0-nightly-a6e720d35-260304 11 / 2
3.0.0-nightly-9e18b4a28-260412 3 / 0
3.0.0-nightly-9e18b4a28-260411 3 / 0
3.0.0-nightly-9da8c73d9-251027 11 / 2
3.0.0-nightly-9da8c73d9-251026 11 / 2
3.0.0-nightly-9da8c73d9-251025 11 / 2
3.0.0-nightly-973473718-260305 11 / 2
3.0.0-nightly-93d39fd65-251117 11 / 2
3.0.0-nightly-93d39fd65-251116 11 / 2
3.0.0-nightly-93d39fd65-251115 11 / 2
3.0.0-nightly-91022f05b-251112 11 / 2
3.0.0-nightly-8e7a57d45-251028 11 / 2
3.0.0-nightly-8d310eb29-260114 11 / 2
3.0.0-nightly-8afa735f8-251106 11 / 2
3.0.0-nightly-8ab651b09-260416 3 / 0
3.0.0-nightly-8ab651b09-260415 3 / 0
3.0.0-nightly-88fc6bd69-260213 11 / 2
3.0.0-nightly-7fa820644-260106 11 / 2
3.0.0-nightly-7cdeb29b8-260210 11 / 2
3.0.0-nightly-7ba11ce33-260324 3 / 0
3.0.0-nightly-796738501-260310 11 / 2
3.0.0-nightly-762974799-260217 11 / 2
3.0.0-nightly-6e9ba6ea2-260209 11 / 2
3.0.0-nightly-6c8fe491b-260127 11 / 2
3.0.0-nightly-6c29f7a30-251214 11 / 2
3.0.0-nightly-6c29f7a30-251213 11 / 2
3.0.0-nightly-6aee49af2-260204 11 / 2
3.0.0-nightly-6ad41a5f5-260123 11 / 2
3.0.0-nightly-6a0d13c57-260322 3 / 2
3.0.0-nightly-69b8ec6ea-251031 11 / 2
3.0.0-nightly-69b8ec6ea-251030 11 / 2
3.0.0-nightly-681c881e4-251103 11 / 2
3.0.0-nightly-681c881e4-251102 11 / 2
3.0.0-nightly-681c881e4-251101 11 / 2
Showing 100 of 162 Next page →

v3.2.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v3.2.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v3.1.11

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v3.1.10

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.1.9

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.1.8

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.1.7

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.1.6

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.1.5

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.1.4

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.1.3

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.1.2

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.1.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.1.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.0.1

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v3.0.0

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.