@tscircuit/runframe
[tscircuit](https://github.com/tscircuit/tscircuit) ⋅ [View Examples](https://runframe.vercel.app)
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:@tscircuit/footprinter | AI (phantom-deps): Same-org dep referenced in config; stable pattern. | ai | |
| phantom-deps | phantom-dep:@radix-ui/react-progress | AI (phantom-deps): Config-referenced external; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:cssnano | AI (phantom-deps): CSS build tool referenced in config; not a runtime import. | ai | |
| phantom-deps | phantom-dep:jscad-fiber | AI (phantom-deps): Referenced in config/externals; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:circuit-to-svg | AI (phantom-deps): Config reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:comlink | AI (phantom-deps): Build/config reference, not a missing runtime import; stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:schematic-symbols | AI (phantom-deps): Config reference; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:tailwindcss-animate | AI (phantom-deps): Tailwind plugin referenced in config; stable false positive. | ai | |
| phantom-deps | phantom-dep:@tscircuit/file-server | AI (phantom-deps): Same-org dep; config reference pattern, stable false positive. | ai | |
| source-diff | encoded-string-file:dist/standalone-preview.min.js | AI (source-diff): Long strings in this minified bundle are CSS animations and schematic rendering logic from the Vite build process — not obfuscated payloads. Stable false positive for this circuit visualization package. | ai | |
| source-diff | encoded-string-file:dist/standalone.min.js | AI (source-diff): Long strings in this minified bundle are CSS animations and schematic rendering logic from the Vite build process — not obfuscated payloads. Stable false positive for this circuit visualization package. | ai | |
| provenance | no-provenance | AI (provenance): Established package with 1863 versions and 17k weekly downloads; lack of provenance is consistent across all prior versions and is not a security concern here. | ai |
Versions (showing 100 of 1605)
| Version | Deps | Published |
|---|---|---|
| 0.0.1971 | 2 / 80 | |
| 0.0.1970 | 2 / 80 | |
| 0.0.1969 | 2 / 80 | |
| 0.0.1968 | 2 / 80 | |
| 0.0.1967 | 2 / 80 | |
| 0.0.1966 | 2 / 80 | |
| 0.0.1965 | 2 / 80 | |
| 0.0.1964 | 2 / 80 | |
| 0.0.1963 | 2 / 80 | |
| 0.0.1962 | 2 / 80 | |
| 0.0.1961 | 2 / 80 | |
| 0.0.1960 | 2 / 80 | |
| 0.0.1959 | 2 / 80 | |
| 0.0.1958 | 2 / 80 | |
| 0.0.1957 | 2 / 80 | |
| 0.0.1956 | 2 / 80 | |
| 0.0.1955 | 2 / 80 | |
| 0.0.1954 | 2 / 80 | |
| 0.0.1953 | 2 / 80 | |
| 0.0.1952 | 2 / 80 | |
| 0.0.1951 | 2 / 80 | |
| 0.0.1950 | 2 / 80 | |
| 0.0.1949 | 2 / 80 | |
| 0.0.1948 | 2 / 80 | |
| 0.0.1947 | 2 / 80 | |
| 0.0.1946 | 2 / 80 | |
| 0.0.1945 | 2 / 80 | |
| 0.0.1944 | 2 / 80 | |
| 0.0.1943 | 2 / 80 | |
| 0.0.1942 | 2 / 80 | |
| 0.0.1941 | 2 / 80 | |
| 0.0.1940 | 2 / 80 | |
| 0.0.1939 | 2 / 80 | |
| 0.0.1938 | 2 / 80 | |
| 0.0.1937 | 2 / 80 | |
| 0.0.1936 | 2 / 80 | |
| 0.0.1935 | 2 / 80 | |
| 0.0.1934 | 2 / 80 | |
| 0.0.1933 | 2 / 80 | |
| 0.0.1932 | 2 / 80 | |
| 0.0.1931 | 2 / 80 | |
| 0.0.1930 | 2 / 80 | |
| 0.0.1929 | 2 / 80 | |
| 0.0.1928 | 2 / 80 | |
| 0.0.1927 | 2 / 80 | |
| 0.0.1926 | 2 / 80 | |
| 0.0.1925 | 2 / 80 | |
| 0.0.1924 | 2 / 80 | |
| 0.0.1923 | 2 / 80 | |
| 0.0.1922 | 2 / 80 | |
| 0.0.1921 | 2 / 80 | |
| 0.0.1920 | 2 / 80 | |
| 0.0.1919 | 2 / 80 | |
| 0.0.1918 | 2 / 80 | |
| 0.0.1917 | 2 / 80 | |
| 0.0.1916 | 2 / 80 | |
| 0.0.1915 | 2 / 80 | |
| 0.0.1914 | 2 / 80 | |
| 0.0.1913 | 2 / 80 | |
| 0.0.1912 | 2 / 80 | |
| 0.0.1911 | 2 / 80 | |
| 0.0.1910 | 2 / 80 | |
| 0.0.1909 | 2 / 80 | |
| 0.0.1908 | 2 / 80 | |
| 0.0.1907 | 2 / 80 | |
| 0.0.1906 | 2 / 80 | |
| 0.0.1905 | 2 / 80 | |
| 0.0.1904 | 2 / 80 | |
| 0.0.1903 | 2 / 80 | |
| 0.0.1902 | 2 / 80 | |
| 0.0.1901 | 2 / 80 | |
| 0.0.1900 | 2 / 80 | |
| 0.0.1899 | 2 / 80 | |
| 0.0.1898 | 2 / 80 | |
| 0.0.1897 | 2 / 80 | |
| 0.0.1896 | 2 / 80 | |
| 0.0.1895 | 2 / 80 | |
| 0.0.1894 | 2 / 80 | |
| 0.0.1893 | 2 / 80 | |
| 0.0.1892 | 2 / 80 | |
| 0.0.1891 | 2 / 80 | |
| 0.0.1890 | 2 / 80 | |
| 0.0.1889 | 2 / 80 | |
| 0.0.1888 | 2 / 80 | |
| 0.0.1887 | 2 / 80 | |
| 0.0.1886 | 2 / 80 | |
| 0.0.1885 | 2 / 80 | |
| 0.0.1884 | 2 / 80 | |
| 0.0.1883 | 2 / 80 | |
| 0.0.1882 | 2 / 80 | |
| 0.0.1881 | 2 / 80 | |
| 0.0.1880 | 2 / 80 | |
| 0.0.1879 | 2 / 80 | |
| 0.0.1878 | 2 / 80 | |
| 0.0.1877 | 2 / 80 | |
| 0.0.1876 | 2 / 80 | |
| 0.0.1875 | 2 / 80 | |
| 0.0.1874 | 2 / 80 | |
| 0.0.1873 | 2 / 80 | |
| 0.0.1872 | 2 / 80 |
v0.0.1971
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1970
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1969
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1968
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1967
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1966
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1965
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1964
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1963
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1962
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1961
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1960
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1959
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1958
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1957
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1956
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1955
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1954
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1953
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1952
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1951
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1950
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1949
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1948
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1947
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1946
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1945
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1944
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1943
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1942
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1941
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1940
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1939
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1938
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1937
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1936
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1935
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1934
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1933
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1932
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1931
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1930
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1929
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1928
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1927
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1926
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1925
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1924
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1923
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1922
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1921
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1920
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1919
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1918
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1917
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1916
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1915
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1914
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1913
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1912
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1911
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1910
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1909
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1908
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1907
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1906
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1905
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1904
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1903
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1902
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1901
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1900
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1899
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1898
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1896
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1895
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1893
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1892
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1890
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1889
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1888
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1887
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1886
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1885
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1884
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1883
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1881
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1880
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1879
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1878
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1877
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1876
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1875
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1874
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.1873
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.1872
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.