@sanity/visual-editing-csm No license 10 versions

@sanity/visual-editing-csm

npm Repository Homepage

10

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

sanity-svc.npmsanity-io

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
maintainer-change	maintainer-added	AI (maintainer-change): Sanity org package published via CI with SLSA provenance; maintainer rotation is expected for an org of this size.	ai	2026/05/20
maintainer-change	maintainer-removed	AI (maintainer-change): Same rationale — org-level maintainer rotation, not indicative of takeover given SLSA attestation.	ai	2026/05/20
bogus-package	bogus-package	AI (bogus-package): Internal Sanity sub-package; sparse README and no keywords are expected for a scoped utility library.	ai	2026/05/20

Versions (showing 10 of 10)

Version	Deps	Published
3.0.9	2 / 8	2026-05-28
3.0.8	2 / 8	2026-05-06
3.0.7	2 / 8	2026-04-14
3.0.6	2 / 8	2026-03-19
3.0.5	2 / 8	2026-02-03
3.0.4	2 / 8	2025-12-31
3.0.3	2 / 8	2025-12-17
3.0.2	2 / 7	2025-12-17
3.0.1	2 / 7	2025-12-16
3.0.0	2 / 7	2025-12-16

v3.0.9

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.8

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.6

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.