gatsby-interface — Greenflagged

Component library for Gatsby projects

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

smcgaritykathmbecknodebotanistj0sh77mcolelittletyhoppkgarbayamarvinjudehkkylemathewsdschaupiehwardpeettylerbarnesfksmthomaslekoartsdmccrawabhiaiyerjulienprachelbahldaniellewgatsbymlgualtieri-gatsbygatsby_integrationsgreglobinski

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Publisher change from elanhant to greglobinski occurred in 2021 as part of a legitimate Gatsby team transition; new maintainer list includes known Gatsby core team members. Stable for this package.	ai	2026/04/24
maintainer-change	maintainer-removed	AI (maintainer-change): Removed maintainers are former Gatsby team members; consistent with org team changes, not a hostile takeover.	ai	2026/04/24
bogus-package	bogus-package	AI (bogus-package): pieh's mass package ownership reflects Gatsby's plugin ecosystem. No repo link is a minor gap for a well-known 2500+ day old package with 800+ versions.	ai	2026/04/24
maintainer-change	maintainer-added	AI (maintainer-change): Gatsby org team rotation; new maintainers are known Gatsby contributors. Normal for a long-lived org-owned package.	ai	2026/04/24
phantom-deps	phantom-dep:@loadable/component	AI (phantom-deps): Component library pattern; @loadable/component is a legitimate dependency for re-export or consumer configuration.	ai	2026/04/24
phantom-deps	phantom-dep:gatsby-design-tokens	AI (phantom-deps): Component library pattern; gatsby-design-tokens is a legitimate dependency for re-export or consumer configuration.	ai	2026/04/24
phantom-deps	phantom-dep:@types/lodash.sample	AI (phantom-deps): @types/lodash.sample is a legitimate dev dependency declared in package.json for TypeScript support; not a phantom dependency.	ai	2026/04/24
phantom-deps	phantom-dep:case	AI (phantom-deps): case is a legitimate dependency declared in package.json and used by the component library; not a phantom dependency.	ai	2026/04/24
phantom-deps	phantom-dep:theme-ui	AI (phantom-deps): theme-ui is a legitimate dependency declared in package.json and used by the component library; not a phantom dependency.	ai	2026/04/24
phantom-deps	phantom-dep:@reach/alert	AI (phantom-deps): @reach/alert is a legitimate dependency declared in package.json and used by the component library; not a phantom dependency.	ai	2026/04/24
phantom-deps	phantom-dep:@mdx-js/react	AI (phantom-deps): @mdx-js/react is a legitimate dependency declared in package.json and used by the component library; not a phantom dependency.	ai	2026/04/24
phantom-deps	phantom-dep:lodash.sample	AI (phantom-deps): lodash.sample is a legitimate dependency declared in package.json and used by the component library; not a phantom dependency.	ai	2026/04/24

Versions (showing 90 of 290)

Version	Deps	Published
0.0.93	13 / 115	2020-03-11
0.0.92	13 / 115	2020-03-10
0.0.91	13 / 115	2020-03-09
0.0.90	13 / 115	2020-03-09
0.0.89	13 / 115	2020-03-05
0.0.88	12 / 115	2020-03-05
0.0.87	11 / 115	2020-03-03
0.0.86	11 / 115	2020-03-03
0.0.85	11 / 115	2020-03-03
0.0.84	11 / 115	2020-03-02
0.0.83	11 / 115	2020-03-02
0.0.82	11 / 115	2020-02-28
0.0.81	11 / 115	2020-02-28
0.0.80	11 / 115	2020-02-27
0.0.79	11 / 115	2020-02-26
0.0.78	11 / 115	2020-02-25
0.0.77	11 / 113	2020-02-25
0.0.76	11 / 111	2020-02-24
0.0.75	11 / 111	2020-02-24
0.0.74	11 / 111	2020-02-17
0.0.73	11 / 111	2020-02-07
0.0.72	11 / 111	2020-02-07
0.0.71	11 / 111	2020-01-31
0.0.70	11 / 111	2020-01-31
0.0.69	10 / 109	2020-01-30
0.0.68	10 / 109	2020-01-29
0.0.67	10 / 109	2020-01-09
0.0.66	10 / 109	2020-01-09
0.0.65	10 / 110	2020-01-07
0.0.64	8 / 109	2020-01-03
0.0.63	8 / 109	2020-01-02
0.0.62	8 / 109	2019-12-20
0.0.61	7 / 108	2019-12-19
0.0.60	7 / 108	2019-12-17
0.0.59	7 / 108	2019-12-12
0.0.58	7 / 108	2019-12-02
0.0.57	7 / 108	2019-11-27
0.0.56	7 / 108	2019-11-27
0.0.55	7 / 107	2019-11-21
0.0.54	7 / 107	2019-11-21
0.0.53	7 / 103	2019-11-13
0.0.52	7 / 104	2019-11-07
0.0.51	6 / 104	2019-11-07
0.0.50	4 / 104	2019-10-25
0.0.49	4 / 104	2019-10-25
0.0.48	4 / 104	2019-10-24
0.0.47	4 / 104	2019-10-23
0.0.46	4 / 104	2019-10-15
0.0.45	4 / 94	2019-10-11
0.0.43	3 / 93	2019-10-11
0.0.42	3 / 93	2019-09-19
0.0.41	3 / 87	2019-09-05
0.0.40	3 / 87	2019-09-05
0.0.39	3 / 84	2019-09-04
0.0.38	3 / 84	2019-09-04
0.0.37	3 / 84	2019-08-30
0.0.36	3 / 84	2019-08-28
0.0.35	3 / 84	2019-08-28
0.0.34	3 / 84	2019-08-28
0.0.33	2 / 84	2019-08-28
0.0.32	2 / 84	2019-08-28
0.0.31	2 / 84	2019-08-28
0.0.30	1 / 84	2019-08-23
0.0.29	0 / 57	2019-08-09
0.0.28	0 / 57	2019-07-29
0.0.27	0 / 57	2019-07-29
0.0.26	0 / 57	2019-07-23
0.0.25	0 / 57	2019-07-20
0.0.24	0 / 57	2019-07-20
0.0.23	0 / 57	2019-07-20
0.0.22	0 / 57	2019-07-19
0.0.21	0 / 57	2019-07-19
0.0.20	0 / 57	2019-07-16
0.0.19	0 / 57	2019-07-15
0.0.18	0 / 56	2019-07-15
0.0.17	0 / 56	2019-07-15
0.0.16	0 / 56	2019-07-10
0.0.15	0 / 55	2019-07-02
0.0.14	0 / 55	2019-07-02
0.0.12	0 / 55	2019-07-02
0.0.11	0 / 55	2019-06-27
0.0.10	0 / 55	2019-06-24
0.0.9	0 / 54	2019-06-24
0.0.8	0 / 54	2019-06-24
0.0.7	0 / 54	2019-06-06
0.0.6	0 / 54	2019-06-06
0.0.5	0 / 54	2019-06-06
0.0.4	0 / 54	2019-06-06
0.0.3	0 / 54	2019-06-06
0.0.2	0 / 54	2019-06-05