@textlint/markdown-to-ast

Parse Markdown to AST with location info.

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

azutextlint-user

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Package migrated to GitHub Actions publishing with SLSA provenance attestation; this is a legitimate CI/CD transition for the textlint monorepo. Stable for future versions.	ai	2026/04/23

Versions (showing 100 of 100)

Version	Deps	Published
15.7.1	10 / 7	2026-05-18
15.7.0	10 / 7	2026-05-14
15.6.1	10 / 7	2026-05-11
15.6.0	10 / 7	2026-04-26
15.5.4	10 / 7	2026-04-09
15.5.2	10 / 8	2026-02-21
15.5.1	10 / 8	2026-01-19
15.5.0	10 / 8	2025-12-07
15.4.1	10 / 8	2025-12-03
15.4.0	10 / 8	2025-11-17
15.3.0	10 / 8	2025-11-10
15.2.3	10 / 8	2025-10-11
15.2.2	10 / 8	2025-08-20
15.2.1	10 / 8	2025-07-24
15.2.0	10 / 8	2025-07-06
15.1.1	10 / 8	2025-07-03
15.1.0	10 / 8	2025-06-29
15.0.1	10 / 8	2025-06-23
15.0.0	10 / 8	2025-06-22
14.8.4	10 / 8	2025-06-15
14.8.3	10 / 8	2025-06-15
14.8.1	9 / 8	2025-06-14
14.8.0	9 / 8	2025-06-09
14.7.2	9 / 8	2025-05-20
14.7.1	9 / 8	2025-05-03
14.7.0	9 / 8	2025-05-03
14.6.0	9 / 8	2025-04-01
14.5.0	9 / 8	2025-03-12
14.4.2	9 / 8	2025-01-01
14.4.1	9 / 8	2025-01-01
14.4.0	9 / 8	2024-12-01
14.3.0	9 / 8	2024-10-24
14.2.1	9 / 8	2024-10-05
14.2.0	9 / 8	2024-08-18
14.1.0	9 / 8	2024-08-18
14.0.5	9 / 8	2024-08-07
14.0.4	9 / 9	2024-03-12
14.0.3	9 / 9	2024-02-17
14.0.2	9 / 9	2024-02-11
14.0.1	9 / 9	2024-02-04
14.0.0	9 / 9	2024-02-03
13.4.1	9 / 9	2023-11-25
13.4.0	9 / 9	2023-11-08
13.3.3	9 / 10	2023-06-30
13.3.2	9 / 10	2023-03-25
13.3.1	9 / 11	2023-02-26
13.3.0	9 / 11	2023-02-12
13.2.0	9 / 11	2023-02-07
13.1.4	9 / 11	2023-02-05
13.1.3	9 / 11	2023-02-02
13.1.2	9 / 11	2023-02-02
13.1.1	9 / 11	2023-02-01
13.1.0	9 / 13	2023-01-31
13.0.5	9 / 13	2023-01-29
13.0.4	9 / 13	2023-01-28
13.0.3	9 / 13	2023-01-28
13.0.2	9 / 13	2023-01-28
13.0.1	9 / 13	2023-01-28
13.0.0	9 / 13	2023-01-27
12.6.1	9 / 13	2023-01-25
12.6.0	9 / 13	2023-01-21
12.5.2	9 / 13	2023-01-21
12.5.0	9 / 13	2023-01-04
12.3.0	9 / 13	2022-12-29
12.2.3	9 / 13	2022-11-10
12.2.2	9 / 13	2022-09-20
12.2.1	8 / 13	2022-06-25
12.2.0	8 / 13	2022-06-25
12.1.1	8 / 13	2022-02-23
12.1.0	8 / 13	2021-12-02
12.0.2	8 / 13	2021-07-09
12.0.0	8 / 13	2021-05-24
6.3.5	7 / 14	2021-05-08
6.3.4	7 / 14	2021-03-21
6.3.3	7 / 14	2021-03-19
6.3.2	7 / 14	2021-02-06
6.3.1	7 / 14	2021-01-22
6.3.0	7 / 14	2021-01-22
6.2.6	7 / 14	2020-12-22
6.2.5	7 / 14	2020-07-24
6.2.4	7 / 14	2020-07-24
6.2.3	7 / 14	2020-07-24
6.2.2	7 / 14	2020-07-24
6.2.1	7 / 14	2020-07-24
6.2.0	7 / 14	2020-07-24
6.1.7	7 / 12	2020-02-07
6.1.6	7 / 12	2019-10-14
6.1.5	7 / 12	2019-07-20
6.1.4	7 / 12	2019-07-13
6.1.3	7 / 12	2019-04-30
6.1.2	7 / 12	2019-01-03
6.1.1	7 / 12	2019-01-03
6.1.0	7 / 13	2019-01-01
6.0.9	7 / 13	2018-07-22
6.0.8	7 / 13	2018-04-02
6.0.7	5 / 13	2018-04-02
6.0.6	5 / 13	2018-03-25
6.0.5	5 / 13	2018-01-27
6.0.4	5 / 13	2018-01-18
6.0.3	5 / 13	2018-01-12

v15.7.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v15.7.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v15.6.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v15.6.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v15.5.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v15.5.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v15.5.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v15.5.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v15.4.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v15.4.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v15.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v15.2.3

2 findings

HIGH Publisher changed: textlint-user → GitHub Actions (on 2025-10-11) provenance

This version was published by a different npm account than previous versions on 2025-10-11. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.