eslint-config-egg — Greenflagged

Node.js Style Guide for EggJS

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

gxkleggjs-adminfengmk2atian25dead_horsewanghxhyj1991killagucoolme200mansonchor.zzwhubcarlgemwuuakitasummerpopomore

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:eslint-plugin-node	AI (phantom-deps): ESLint config packages reference plugins in config files, not via require/import. This is the standard pattern; not a real phantom dep.	ai	2026/04/23
phantom-deps	phantom-dep:eslint-plugin-jsdoc	AI (phantom-deps): ESLint config packages reference plugins in config files, not via require/import. This is the standard pattern; not a real phantom dep.	ai	2026/04/23
phantom-deps	phantom-dep:eslint-plugin-import	AI (phantom-deps): ESLint config packages reference plugins in config files, not via require/import. This is the standard pattern; not a real phantom dep.	ai	2026/04/23
phantom-deps	phantom-dep:eslint-plugin-eggache	AI (phantom-deps): ESLint config packages reference plugins in config files, not via require/import. This is the standard pattern; not a real phantom dep.	ai	2026/04/23
phantom-deps	phantom-dep:@typescript-eslint/parser	AI (phantom-deps): ESLint config packages reference plugins in config files, not via require/import. This is the standard pattern; not a real phantom dep.	ai	2026/04/23
phantom-deps	phantom-dep:@typescript-eslint/eslint-plugin	AI (phantom-deps): ESLint config packages reference plugins in config files, not via require/import. This is the standard pattern; not a real phantom dep.	ai	2026/04/23
bogus-package	bogus-package	AI (bogus-package): Legitimate long-running EggJS ecosystem package published by trusted maintainer fengmk2. Original author popomore flag does not taint this package.	ai	2026/04/23

Versions (showing 48 of 48)

Version	Deps	Published
14.1.0	6 / 4	2025-01-21
14.0.0	6 / 4	2024-06-29
13.1.0	10 / 6	2023-12-18
13.0.0	10 / 6	2023-09-17
12.3.1	10 / 6	2023-09-17
12.3.0	10 / 6	2023-09-16
12.2.1	10 / 6	2023-03-25
12.2.0	10 / 6	2023-03-24
12.1.0	10 / 8	2022-09-29
12.0.0	10 / 8	2022-06-04
11.1.0	10 / 8	2022-05-07
11.0.1	10 / 8	2022-02-21
11.0.0	10 / 8	2022-02-15
10.0.0	10 / 8	2021-11-24
9.0.0	9 / 7	2020-11-11
8.1.2	8 / 7	2020-09-01
8.1.1	8 / 7	2020-08-31
8.1.0	8 / 7	2020-08-28
8.0.1	8 / 7	2020-01-20
8.0.0	8 / 7	2019-12-03
7.5.1	8 / 7	2019-08-27
7.5.0	8 / 7	2019-08-23
7.4.1	6 / 6	2019-05-06
7.4.0	6 / 6	2019-05-06
7.3.1	6 / 6	2019-03-27
7.3.0	6 / 6	2019-03-26
7.2.0	5 / 5	2019-03-11
7.1.0	5 / 5	2018-08-25
7.0.0	5 / 5	2018-02-24
6.0.0	4 / 5	2017-12-26
5.1.1	4 / 5	2017-09-04
5.1.0	4 / 5	2017-08-25
5.0.0	4 / 5	2017-06-28
4.2.1	4 / 5	2017-06-12
4.2.0	4 / 5	2017-05-24
4.1.0	4 / 5	2017-05-09
4.0.0	0 / 10	2017-05-05
3.2.0	0 / 4	2016-11-04
3.1.0	0 / 3	2016-07-13
3.0.3	0 / 3	2016-07-12
3.0.2	0 / 2	2016-07-11
3.0.1	0 / 2	2016-07-08
3.0.0	0 / 2	2016-07-08
2.0.0	0 / 3	2016-03-04
1.0.3	0 / 3	2016-01-11
1.0.2	0 / 3	2015-12-18
1.0.1	0 / 3	2015-11-13
1.0.0	0 / 3	2015-11-13

v14.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v14.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v13.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v13.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.