← Home

@sanity/logos

npm Repository Homepage
3
Versions
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

kmelvebjoergerexxarsskogsmaskintoninamattcraigjoneidejohnsenrubiozrobinpyonmariuslundgardsanity-ioevenwradhe_sanityrbottendanielsgrovesjudofyrryanblockobliadpdcilkemadkenfredcarlsenhermanwtambetsgulsethatombendersimeonsanitystipsansnorreebrankersrdunkmichael-sanityvincentquigleyritasdiaskenjonespizzajosh_sanity_iocngonzalez-sanityjjburbridgetdfka_ricksvirsryanbonial-sanityindrek.karnerashsergeisarvirorefiitodrewsanitykaspar.lippmaa.sanitydamsimen.svaletbesedadaniel.malmerjordanl17colepetersarmandocernajoan_miralles_paezchristianhgpedro-sanityjwoods-sanityricokahlertiit.kass.saitybinoy14pauloborgesfaushachrislarocquesanityrostimelkmattlewine.sanitymsfragalaadoprogtonysanitymrmrsbetsongeorgedoescodemacdonsteoinsanitydashedstripesjmswrnrsnocorp_sanitymmgjfilmajsamhemgu-stavpatricksanitymads.mogenshojsanitytomsanity-cbmm-sanitysanitykevvictor.ayoguryanbethel_sanitybrianlerouxjohnsicilip10ekrlundadrainhiss-sanityjonahsnidermwritter

Keywords

sanityuilogos

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
typosquat typosquat.levenshtein:log4js AI (typosquat): Scoped @sanity/logos package is unrelated to log4js; Levenshtein match is a false positive for this established Sanity.io package. ai

Versions (showing 3 of 3)

Version Deps Published
2.2.2 1 / 23
2.2.1 0 / 24
2.2.0 0 / 47

v2.2.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.2.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.2.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.