eslint-plugin-react-dom
ESLint React's ESLint plugin for DOM related rules.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| dependencies | unvetted-dep:@eslint-react/eff | AI (dependencies): @eslint-react/eff is a first-party sibling package in the same eslint-react monorepo, always published at the same version. Not a third-party unknown dependency. | ai | |
| phantom-deps | phantom-dep:string-ts | AI (phantom-deps): Bundled ESM package; string-ts is a declared runtime dep that may be inlined in dist output rather than directly imported in source. Common pattern for compiled monorepo packages. | ai | |
| phantom-deps | phantom-dep:ts-pattern | AI (phantom-deps): Bundled ESM package; ts-pattern is a declared runtime dep that may be inlined in dist output rather than directly imported in source. Common pattern for compiled monorepo packages. | ai | |
| phantom-deps | phantom-dep:@eslint-react/eff | AI (phantom-deps): First-party sibling package in the same monorepo; phantom-dep detection is a false positive for bundled monorepo packages where deps may be inlined. | ai | |
| phantom-deps | phantom-dep:@eslint-react/ast | AI (phantom-deps): Monorepo sibling dep used indirectly via config/type references; phantom pattern is expected for this ESLint plugin architecture. | ai | |
| phantom-deps | phantom-dep:@eslint-react/var | AI (phantom-deps): Monorepo sibling dep used indirectly via config/type references; phantom pattern is expected for this ESLint plugin architecture. | ai | |
| dependencies | unvetted-dep:@eslint-react/ast | AI (dependencies): First-party sibling package from the same eslint-react monorepo, pinned to matching version. Not a third-party risk. | ai | |
| phantom-deps | phantom-dep:@typescript-eslint/scope-manager | AI (phantom-deps): Well-known typescript-eslint package; phantom status reflects indirect usage in ESLint plugin config, not a security concern. | ai | |
| phantom-deps | phantom-dep:@eslint-react/core | AI (phantom-deps): Monorepo sibling dep used indirectly via config/type references; phantom pattern is expected for this ESLint plugin architecture. | ai | |
| dependencies | unvetted-dep:@eslint-react/jsx | AI (dependencies): First-party sibling package from the same eslint-react monorepo, pinned to matching version. Not a third-party risk. | ai | |
| dependencies | unvetted-dep:@eslint-react/var | AI (dependencies): First-party sibling package from the same eslint-react monorepo, pinned to matching version. Not a third-party risk. | ai | |
| dependencies | unvetted-dep:@eslint-react/core | AI (dependencies): First-party sibling package from the same eslint-react monorepo, pinned to matching version. Not a third-party risk. | ai |
Versions (showing 52 of 52)
| Version | Deps | Published |
|---|---|---|
| 5.8.8 | 7 / 8 | |
| 5.8.7 | 7 / 8 | |
| 5.8.6 | 7 / 8 | |
| 5.8.5 | 7 / 8 | |
| 5.8.4 | 7 / 8 | |
| 5.8.3 | 7 / 8 | |
| 5.8.2 | 7 / 8 | |
| 5.8.1 | 7 / 8 | |
| 5.8.0 | 7 / 8 | |
| 5.7.10 | 7 / 8 | |
| 5.7.9 | 7 / 8 | |
| 5.7.8 | 7 / 8 | |
| 5.7.7 | 7 / 8 | |
| 5.7.6 | 7 / 8 | |
| 5.7.5 | 7 / 8 | |
| 5.7.4 | 7 / 8 | |
| 5.7.3 | 7 / 8 | |
| 5.7.2 | 7 / 8 | |
| 5.7.1 | 7 / 8 | |
| 5.7.0 | 7 / 8 | |
| 5.6.6 | 7 / 8 | |
| 5.6.4 | 7 / 8 | |
| 5.6.2 | 7 / 8 | |
| 5.6.0 | 7 / 8 | |
| 4.2.3 | 10 / 6 | |
| 4.2.1 | 10 / 6 | |
| 3.0.0 | 9 / 6 | |
| 2.13.0 | 10 / 4 | |
| 2.12.4 | 10 / 4 | |
| 2.12.2 | 10 / 4 | |
| 2.12.1 | 10 / 4 | |
| 2.12.0 | 10 / 4 | |
| 2.11.2 | 10 / 4 | |
| 2.11.1 | 10 / 4 | |
| 2.11.0 | 10 / 4 | |
| 2.10.1 | 10 / 4 | |
| 2.10.0 | 10 / 4 | |
| 2.9.4 | 10 / 4 | |
| 2.9.3 | 10 / 4 | |
| 2.9.2 | 10 / 4 | |
| 2.9.1 | 10 / 4 | |
| 2.9.0 | 10 / 4 | |
| 2.8.4 | 10 / 4 | |
| 2.8.3 | 10 / 4 | |
| 2.8.1 | 11 / 4 | |
| 2.8.0 | 11 / 4 | |
| 2.7.4 | 11 / 4 | |
| 2.6.1 | 11 / 4 | |
| 2.5.4 | 11 / 4 | |
| 2.3.10 | 11 / 4 | |
| 2.3.5 | 11 / 4 | |
| 2.3.0 | 11 / 4 |
v5.8.8
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.7
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.6
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.8.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.10
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.9
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.8
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.7
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.6
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.7.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.6.6
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.6.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.6.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v5.6.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.2.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.2.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.13.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.12.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.12.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.12.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.12.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.11.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.11.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.11.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.10.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.10.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.9.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.9.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.9.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.9.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.9.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.8.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.8.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.8.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.8.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.7.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.6.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.5.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.3.10
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.3.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.