ansi-styles
ANSI escape codes for styling strings in the terminal
28
Versions
MIT
License
No
Install Scripts
Missing
Provenance
Supply chain provenance
Status for the latest visible version.
No SLSA provenance
npm registry signatures
gitHead linked
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
sindresorhus
Keywords
ansistylescolorcolourcolorsterminalconsoleclistringttyescapeformattingrgb256shellxtermlogloggingcommand-linetext
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| publish-pattern | new-deps-added | AI (publish-pattern): @types/color-name is a benign TypeScript type definition package added to support the package's TypeScript declarations; not a malicious dependency injection. | ai | |
| provenance | publisher-changed | AI (provenance): qix (Josh Junon) is a known chalk org maintainer; publisher change from sindresorhus is a legitimate team arrangement. | ai | |
| maintainer-change | maintainer-added | AI (maintainer-change): dthree and qix are established chalk project collaborators; legitimate maintainer additions. | ai | |
| source-diff | source-size-tripled | AI (source-diff): Major version bump (v2→v3) adding RGB/256-color support via color-convert explains the size increase. | ai | |
| dependencies | unvetted-dep:@types/color-name | AI (dependencies): @types/color-name is a well-known DefinitelyTyped package used intentionally by ansi-styles; no security concern. | ai | |
| provenance | no-provenance | AI (provenance): Package predates Sigstore provenance on npm; absence is expected for this era and not a risk signal for this well-established package. | ai | |
| phantom-deps | phantom-dep:@types/color-name | AI (phantom-deps): @types/color-name is intentionally used as a runtime dep in ansi-styles for TypeScript type definitions; the phantom-dep finding is a stable false positive for this package. | ai |
Versions (showing 28 of 28)
| Version | Deps | Published |
|---|---|---|
| 6.2.3 | 0 / 4 | |
| 6.2.1 | 0 / 4 | |
| 6.2.0 | 0 / 4 | |
| 6.1.1 | 0 / 4 | |
| 6.1.0 | 0 / 4 | |
| 6.0.0 | 0 / 4 | |
| 5.2.0 | 0 / 4 | |
| 5.1.0 | 0 / 4 | |
| 5.0.0 | 0 / 5 | |
| 4.3.0 | 1 / 5 | |
| 4.2.1 | 2 / 5 | |
| 4.2.0 | 2 / 5 | |
| 4.1.0 | 1 / 3 | |
| 4.0.0 | 1 / 3 | |
| 3.2.1 | 1 / 4 | |
| 3.2.0 | 1 / 3 | |
| 3.1.0 | 1 / 3 | |
| 3.0.0 | 1 / 2 | |
| 2.2.1 | 0 / 1 | |
| 2.1.0 | 0 / 1 | |
| 2.0.1 | 0 / 1 | |
| 2.0.0 | 0 / 1 | |
| 1.1.0 | 0 / 1 | |
| 1.0.0 | 0 / 1 | |
| 0.2.0 | 0 / 1 | |
| 0.1.2 | 0 / 1 | |
| 0.1.1 | 0 / 1 | |
| 0.1.0 | 0 / 1 |