babel-preset-gatsby — Greenflagged

Gatsby uses the phenomenal project [Babel](https://babeljs.io/) to enable support for writing modern JavaScript — while still supporting older browsers. This package contains the default Babel setup for all Gatsby projects.

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

piehkathmbeckserhalp-netlifymlgualtieri-gatsbyfktylerbarnesdaniellewgatsby

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Publisher change from pieh to serhalp-netlify reflects Netlify's acquisition of Gatsby. serhalp-netlify has 5587 approved packages and 0 rejected — legitimate corporate transition.	ai	2026/04/24
maintainer-change	maintainer-added	AI (maintainer-change): New maintainers mlgualtieri-gatsby and serhalp-netlify are Netlify/Gatsby org accounts, consistent with the corporate acquisition of Gatsby.	ai	2026/04/24
maintainer-change	maintainer-removed	AI (maintainer-change): Removal of legacy individual maintainers is expected as part of Netlify's consolidation of Gatsby package ownership under org accounts.	ai	2026/04/24
phantom-deps	phantom-dep:babel-plugin-macros	AI (phantom-deps): Babel plugin declared as dependency and referenced by name in preset config; standard Babel preset pattern.	ai	2026/04/23
phantom-deps	phantom-dep:@babel/plugin-transform-spread	AI (phantom-deps): Babel plugin declared as dependency and referenced by name in preset config; standard Babel preset pattern.	ai	2026/04/23
phantom-deps	phantom-dep:@babel/plugin-transform-classes	AI (phantom-deps): Babel plugin declared as dependency and referenced by name in preset config; standard Babel preset pattern.	ai	2026/04/23
phantom-deps	phantom-dep:@babel/plugin-transform-runtime	AI (phantom-deps): Babel plugin declared as dependency and referenced by name in preset config; standard Babel preset pattern.	ai	2026/04/23
phantom-deps	phantom-dep:babel-plugin-dynamic-import-node	AI (phantom-deps): Babel plugin declared as dependency and referenced by name in preset config; standard Babel preset pattern.	ai	2026/04/23
semgrep	semgrep:dynamic-require	AI (semgrep): The dynamic require loads a fixed-path Gatsby cache file (.cache/babelState.json). This is a documented Gatsby internal pattern, not arbitrary or malicious module loading.	ai	2026/04/23
phantom-deps	phantom-dep:@babel/plugin-proposal-class-properties	AI (phantom-deps): Babel plugin declared as dependency and referenced by name in preset config; standard Babel preset pattern.	ai	2026/04/23
phantom-deps	phantom-dep:@babel/plugin-proposal-optional-chaining	AI (phantom-deps): Babel plugin declared as dependency and referenced by name in preset config; standard Babel preset pattern.	ai	2026/04/23
phantom-deps	phantom-dep:babel-plugin-transform-react-remove-prop-types	AI (phantom-deps): Babel plugin declared as dependency and referenced by name in preset config; standard Babel preset pattern.	ai	2026/04/23
phantom-deps	phantom-dep:@babel/plugin-proposal-nullish-coalescing-operator	AI (phantom-deps): Babel plugin declared as dependency and referenced by name in preset config; standard Babel preset pattern.	ai	2026/04/23
bogus-package	bogus-package	AI (bogus-package): Mass-production signal reflects Gatsby monorepo generating many similarly-named packages; this is expected for a large framework, not spam.	ai	2026/04/23
phantom-deps	phantom-dep:@babel/plugin-syntax-dynamic-import	AI (phantom-deps): Babel plugin declared as dependency and referenced by name in preset config; standard Babel preset pattern.	ai	2026/04/23
phantom-deps	phantom-dep:@babel/preset-env	AI (phantom-deps): Babel presets reference plugins by name string in config objects rather than via require(); declaring them as deps without direct import is the standard Babel preset pattern.	ai	2026/04/23
phantom-deps	phantom-dep:gatsby-core-utils	AI (phantom-deps): Referenced in config files as a Babel preset dependency; standard Gatsby monorepo pattern.	ai	2026/04/23

Versions (showing 51 of 174)

Hide prereleases View all versions

Version	Deps	Published
3.16.0	15 / 4	2026-01-26
3.15.0	15 / 4	2025-08-27
3.14.0	15 / 4	2024-11-06
3.13.2	15 / 4	2024-04-10
3.13.1	15 / 4	2024-01-23
3.13.0	15 / 4	2023-12-18
3.12.1	15 / 4	2023-10-26
3.12.0	15 / 4	2023-08-24
3.11.0	15 / 4	2023-06-15
3.10.0	15 / 4	2023-05-16
3.9.0	15 / 4	2023-04-18
3.8.0	15 / 4	2023-03-21
3.7.0	15 / 4	2023-02-21
3.6.0	15 / 4	2023-02-07
3.5.0	15 / 4	2023-01-24
3.4.0	15 / 4	2023-01-10
3.3.1	15 / 4	2022-12-14
3.3.0	15 / 4	2022-12-13
3.2.0	15 / 4	2022-11-25
3.1.0	15 / 4	2022-11-22
3.0.0	15 / 4	2022-11-08
2.25.0	15 / 4	2022-12-07
2.24.0	15 / 4	2022-09-27
2.23.0	15 / 4	2022-09-13
2.22.1	15 / 4	2022-09-08
2.22.0	15 / 4	2022-08-30
2.21.0	15 / 4	2022-08-16
2.20.0	15 / 4	2022-08-02
2.19.0	15 / 4	2022-07-19
2.18.1	15 / 4	2022-07-12
2.18.0	15 / 4	2022-07-05
2.17.0	15 / 4	2022-06-21
2.16.0	15 / 4	2022-06-07
2.15.0	15 / 4	2022-05-24
2.14.0	15 / 4	2022-05-10
2.13.0	15 / 4	2022-04-26
2.12.1	15 / 4	2022-04-12
2.12.0	15 / 4	2022-04-12
2.11.1	15 / 4	2022-03-31
2.11.0	15 / 4	2022-03-29
2.10.1	15 / 4	2022-03-23
2.10.0	15 / 4	2022-03-16
2.9.1	15 / 4	2022-03-09
2.9.0	15 / 4	2022-03-01
2.8.2	15 / 4	2022-03-01
2.8.1	15 / 4	2022-02-25
2.8.0	15 / 4	2022-02-22
2.7.0	15 / 4	2022-02-08
2.6.0	15 / 4	2022-01-25
2.5.2	15 / 4	2022-01-17
2.5.1	15 / 4	2022-01-12