gatsby-interface — Greenflagged

Component library for Gatsby projects

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

smcgaritykathmbecknodebotanistj0sh77mcolelittletyhoppkgarbayamarvinjudehkkylemathewsdschaupiehwardpeettylerbarnesfksmthomaslekoartsdmccrawabhiaiyerjulienprachelbahldaniellewgatsbymlgualtieri-gatsbygatsby_integrationsgreglobinski

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Publisher change from elanhant to greglobinski occurred in 2021 as part of a legitimate Gatsby team transition; new maintainer list includes known Gatsby core team members. Stable for this package.	ai	2026/04/24
maintainer-change	maintainer-removed	AI (maintainer-change): Removed maintainers are former Gatsby team members; consistent with org team changes, not a hostile takeover.	ai	2026/04/24
bogus-package	bogus-package	AI (bogus-package): pieh's mass package ownership reflects Gatsby's plugin ecosystem. No repo link is a minor gap for a well-known 2500+ day old package with 800+ versions.	ai	2026/04/24
maintainer-change	maintainer-added	AI (maintainer-change): Gatsby org team rotation; new maintainers are known Gatsby contributors. Normal for a long-lived org-owned package.	ai	2026/04/24
phantom-deps	phantom-dep:@loadable/component	AI (phantom-deps): Component library pattern; @loadable/component is a legitimate dependency for re-export or consumer configuration.	ai	2026/04/24
phantom-deps	phantom-dep:gatsby-design-tokens	AI (phantom-deps): Component library pattern; gatsby-design-tokens is a legitimate dependency for re-export or consumer configuration.	ai	2026/04/24
phantom-deps	phantom-dep:@types/lodash.sample	AI (phantom-deps): @types/lodash.sample is a legitimate dev dependency declared in package.json for TypeScript support; not a phantom dependency.	ai	2026/04/24
phantom-deps	phantom-dep:case	AI (phantom-deps): case is a legitimate dependency declared in package.json and used by the component library; not a phantom dependency.	ai	2026/04/24
phantom-deps	phantom-dep:theme-ui	AI (phantom-deps): theme-ui is a legitimate dependency declared in package.json and used by the component library; not a phantom dependency.	ai	2026/04/24
phantom-deps	phantom-dep:@reach/alert	AI (phantom-deps): @reach/alert is a legitimate dependency declared in package.json and used by the component library; not a phantom dependency.	ai	2026/04/24
phantom-deps	phantom-dep:@mdx-js/react	AI (phantom-deps): @mdx-js/react is a legitimate dependency declared in package.json and used by the component library; not a phantom dependency.	ai	2026/04/24
phantom-deps	phantom-dep:lodash.sample	AI (phantom-deps): lodash.sample is a legitimate dependency declared in package.json and used by the component library; not a phantom dependency.	ai	2026/04/24

Versions (showing 100 of 290)

Version	Deps	Published
0.0.295	17 / 102	2022-11-18
0.0.294	17 / 102	2022-09-07
0.0.293	17 / 102	2022-08-03
0.0.292	17 / 102	2022-08-03
0.0.291	17 / 102	2022-06-24
0.0.290	17 / 102	2022-06-14
0.0.289	17 / 102	2022-06-10
0.0.287	17 / 102	2022-06-01
0.0.286	17 / 102	2022-05-17
0.0.285	17 / 102	2022-03-25
0.0.284	17 / 102	2022-03-25
0.0.283	17 / 102	2022-03-24
0.0.282	17 / 102	2022-03-24
0.0.281	17 / 102	2022-03-23
0.0.280	17 / 102	2022-03-23
0.0.279	17 / 102	2022-03-23
0.0.278	17 / 102	2022-02-16
0.0.277	17 / 102	2022-01-28
0.0.276	17 / 102	2022-01-18
0.0.275	17 / 102	2022-01-14
0.0.274	17 / 102	2022-01-12
0.0.273	17 / 102	2021-12-09
0.0.272	17 / 102	2021-12-09
0.0.271	17 / 102	2021-12-08
0.0.270	17 / 102	2021-07-28
0.0.269	17 / 102	2021-06-16
0.0.267	17 / 102	2021-06-08
0.0.266	17 / 102	2021-06-08
0.0.265	17 / 102	2021-06-02
0.0.264	17 / 102	2021-05-28
0.0.263	17 / 102	2021-05-27
0.0.262	17 / 102	2021-05-27
0.0.261	17 / 102	2021-05-27
0.0.260	17 / 102	2021-05-26
0.0.259	17 / 102	2021-05-26
0.0.258	17 / 102	2021-05-26
0.0.257	17 / 102	2021-05-26
0.0.256	17 / 102	2021-04-30
0.0.255	17 / 102	2021-04-12
0.0.254	17 / 102	2021-04-05
0.0.253	17 / 102	2021-03-21
0.0.252	17 / 102	2021-03-19
0.0.251	17 / 102	2021-03-19
0.0.250	17 / 102	2021-02-17
0.0.249	17 / 102	2021-02-16
0.0.248	17 / 102	2021-02-11
0.0.247	17 / 102	2021-02-11
0.0.246	17 / 102	2021-02-02
0.0.245	17 / 102	2021-01-29
0.0.244	17 / 102	2021-01-24
0.0.243	17 / 102	2021-01-21
0.0.242	17 / 102	2020-12-16
0.0.241	17 / 102	2020-12-14
0.0.240	17 / 102	2020-12-11
0.0.239	17 / 102	2020-12-11
0.0.238	17 / 102	2020-12-08
0.0.237	17 / 102	2020-12-08
0.0.236	17 / 102	2020-12-08
0.0.235	17 / 100	2020-12-04
0.0.234	15 / 117	2020-12-01
0.0.233	15 / 117	2020-11-23
0.0.232	15 / 117	2020-11-23
0.0.231	15 / 114	2020-11-06
0.0.230	15 / 114	2020-10-30
0.0.229	15 / 114	2020-10-30
0.0.228	15 / 114	2020-10-29
0.0.227	15 / 114	2020-10-29
0.0.226	15 / 114	2020-10-29
0.0.225	15 / 114	2020-10-23
0.0.224	15 / 112	2020-10-22
0.0.223	15 / 112	2020-10-21
0.0.222	15 / 112	2020-10-19
0.0.221	15 / 112	2020-10-19
0.0.220	15 / 112	2020-10-18
0.0.219	15 / 112	2020-10-16
0.0.218	15 / 112	2020-10-16
0.0.217	15 / 112	2020-10-14
0.0.216	15 / 112	2020-10-13
0.0.215	15 / 112	2020-10-08
0.0.214	15 / 112	2020-10-08
0.0.213	15 / 112	2020-10-06
0.0.212	15 / 112	2020-10-06
0.0.211	15 / 112	2020-10-06
0.0.210	15 / 112	2020-10-05
0.0.209	15 / 112	2020-10-05
0.0.208	15 / 110	2020-10-05
0.0.207	15 / 110	2020-10-05
0.0.206	15 / 110	2020-10-02
0.0.205	15 / 110	2020-10-02
0.0.204	15 / 110	2020-09-30
0.0.203	15 / 110	2020-09-30
0.0.202	15 / 110	2020-09-28
0.0.201	15 / 110	2020-09-25
0.0.200	15 / 110	2020-09-23
0.0.199	15 / 110	2020-09-16
0.0.198	14 / 110	2020-09-04
0.0.197	14 / 110	2020-09-04
0.0.196	14 / 110	2020-09-02
0.0.195	14 / 110	2020-09-02
0.0.194	14 / 110	2020-09-01

Showing 100 of 290 Next page →