@sanity/vision
Sanity plugin for running/debugging GROQ-queries against Sanity datasets
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| maintainer-change | maintainer-removed | AI (maintainer-change): Sanity org consolidates publishing under sanity-svc.npm service account; mass maintainer removal is expected org hygiene, not a takeover. | ai | |
| phantom-deps | phantom-dep:react-fast-compare | AI (phantom-deps): Config-file reference in established package; stable pattern. | ai | |
| phantom-deps | phantom-dep:@juggle/resize-observer | AI (phantom-deps): Config-file reference in established package; stable pattern. | ai | |
| dependencies | unvetted-dep:@sanity/uuid | AI (dependencies): First-party Sanity scoped package; stable. | ai | |
| dependencies | unvetted-dep:is-hotkey-esm | AI (dependencies): ESM port of well-known is-hotkey; benign UI utility. | ai | |
| dependencies | unvetted-dep:@rexxars/react-split-pane | AI (dependencies): Maintained fork by known Sanity contributor; stable UI component. | ai | |
| dependencies | unvetted-dep:@rexxars/react-json-inspector | AI (dependencies): Maintained fork by known Sanity contributor; stable UI component. | ai | |
| dependencies | unvetted-dep:@sanity/lezer-groq | AI (dependencies): First-party Sanity GROQ language parser; stable. | ai | |
| dependencies | unvetted-dep:react-rx | AI (dependencies): Known reactive utility used across Sanity ecosystem; stable dependency. | ai | |
| dependencies | unvetted-dep:json-2-csv | AI (dependencies): Legitimate CSV conversion library; no security concerns for this use case. | ai | |
| phantom-deps | phantom-dep:@codemirror/state | AI (phantom-deps): @codemirror/state is a direct runtime dependency listed in package.json; phantom-dep is a false positive here. | ai |
Versions (showing 36 of 36)
| Version | Deps | Published |
|---|---|---|
| 5.28.0 | 23 / 26 | |
| 5.27.0 | 23 / 26 | |
| 5.26.0 | 23 / 26 | |
| 5.25.0 | 23 / 26 | |
| 5.23.0 | 23 / 26 | |
| 5.22.0 | 23 / 24 | |
| 5.19.0 | 22 / 24 | |
| 5.18.0 | 22 / 24 | |
| 5.17.0 | 22 / 24 | |
| 5.16.0 | 22 / 24 | |
| 5.15.0 | 22 / 24 | |
| 5.14.0 | 22 / 24 | |
| 5.12.0 | 23 / 24 | |
| 5.11.0 | 24 / 23 | |
| 5.8.1 | 24 / 23 | |
| 5.8.0 | 24 / 23 | |
| 5.7.0 | 24 / 22 | |
| 5.6.0 | 24 / 22 | |
| 5.5.0 | 24 / 22 | |
| 5.4.0 | 24 / 22 | |
| 5.3.1 | 24 / 22 | |
| 5.3.0 | 24 / 22 | |
| 5.0.1 | 24 / 22 | |
| 5.0.0 | 25 / 22 | |
| 4.22.0 | 26 / 22 | |
| 4.21.1 | 26 / 22 | |
| 4.21.0 | 26 / 22 | |
| 4.20.3 | 26 / 22 | |
| 4.20.2 | 26 / 22 | |
| 4.20.1 | 26 / 22 | |
| 4.20.0 | 26 / 22 | |
| 4.18.0 | 26 / 21 | |
| 4.17.0 | 26 / 21 | |
| 4.16.0 | 26 / 21 | |
| 4.15.0 | 26 / 21 | |
| 4.14.1 | 26 / 21 |
v5.28.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.27.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.26.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.25.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.23.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.22.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.19.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.18.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.17.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.16.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.15.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.14.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.12.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.11.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.6.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.5.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.4.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.3.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.0.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.22.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.21.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.21.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.20.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.20.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.20.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.20.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.18.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.17.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.16.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.15.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.14.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.