gatsby-source-filesystem

Gatsby source plugin for building websites from local data. Markdown, JSON, images, YAML, CSV, and dozens of other data types supported.

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

piehkathmbeckserhalp-netlifymlgualtieri-gatsbyfktylerbarnesdaniellewgatsby

Keywords

gatsbygatsby-plugin

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Publisher change reflects Netlify's acquisition of Gatsby; serhalp-netlify is a verified Netlify employee with 5570 approved packages. This transition is organizational, not a takeover.	ai	2026/04/23
maintainer-change	maintainer-added	AI (maintainer-change): New maintainers mlgualtieri-gatsby and serhalp-netlify are Netlify employees taking over Gatsby maintenance post-acquisition. Legitimate organizational transition.	ai	2026/04/23
maintainer-change	maintainer-removed	AI (maintainer-change): Removal of original Gatsby founders (kylemathews, dschau) is consistent with Netlify acquisition transition. Not indicative of malicious takeover.	ai	2026/04/23
phantom-deps	phantom-dep:mime	AI (phantom-deps): Declared runtime dependency; phantom detection likely due to compiled Babel output being distributed rather than source files.	ai	2026/04/23
phantom-deps	phantom-dep:xstate	AI (phantom-deps): Declared runtime dependency; phantom detection likely due to compiled Babel output being distributed rather than source files.	ai	2026/04/23
phantom-deps	phantom-dep:chokidar	AI (phantom-deps): Declared runtime dependency; phantom detection likely due to compiled Babel output being distributed rather than source files.	ai	2026/04/23
phantom-deps	phantom-dep:fs-extra	AI (phantom-deps): Declared runtime dependency; phantom detection likely due to compiled Babel output being distributed rather than source files.	ai	2026/04/23
phantom-deps	phantom-dep:file-type	AI (phantom-deps): Declared runtime dependency; phantom detection likely due to compiled Babel output being distributed rather than source files.	ai	2026/04/23
phantom-deps	phantom-dep:valid-url	AI (phantom-deps): Declared runtime dependency; phantom detection likely due to compiled Babel output being distributed rather than source files.	ai	2026/04/23
phantom-deps	phantom-dep:pretty-bytes	AI (phantom-deps): Declared runtime dependency; phantom detection likely due to compiled Babel output being distributed rather than source files.	ai	2026/04/23
phantom-deps	phantom-dep:@babel/runtime	AI (phantom-deps): Framework-scoped Babel runtime dependency; standard for Gatsby packages compiled with babel-preset-gatsby-package.	ai	2026/04/23
phantom-deps	phantom-dep:gatsby-core-utils	AI (phantom-deps): Declared runtime dependency; phantom detection likely due to compiled Babel output being distributed rather than source files.	ai	2026/04/23

Versions (showing 100 of 284)

Hide prereleases

Version	Deps	Published
5.16.0	9 / 4	2026-01-26
5.15.0	9 / 4	2025-08-27
5.14.0	9 / 4	2024-11-06
5.13.1	9 / 4	2024-01-23
5.13.0	9 / 4	2023-12-18
5.12.1	9 / 4	2023-10-26
5.12.0	9 / 4	2023-08-24
5.11.0	9 / 4	2023-06-15
5.10.0	9 / 4	2023-05-16
5.9.0	9 / 4	2023-04-18
5.8.0	9 / 4	2023-03-21
5.7.0	9 / 4	2023-02-21
5.6.0	9 / 4	2023-02-07
5.5.0	9 / 4	2023-01-24
5.4.0	10 / 4	2023-01-10
5.3.1	10 / 4	2022-12-14
5.3.0	10 / 4	2022-12-13
5.2.0	10 / 4	2022-11-25
5.1.0	10 / 4	2022-11-22
5.0.0	10 / 4	2022-11-08
4.25.0	10 / 4	2022-12-07
4.24.0	10 / 4	2022-09-27
4.23.0	10 / 4	2022-09-13
4.22.0	10 / 4	2022-08-30
4.21.1	11 / 4	2022-08-18
4.21.0	11 / 4	2022-08-16
4.20.0	12 / 4	2022-08-02
4.19.0	12 / 4	2022-07-19
4.18.1	12 / 4	2022-07-12
4.18.0	12 / 4	2022-07-05
4.17.0	12 / 4	2022-06-21
4.16.0	12 / 4	2022-06-07
4.15.0	12 / 4	2022-05-24
4.14.0	12 / 4	2022-05-10
4.13.0	12 / 4	2022-04-26
4.12.1	12 / 4	2022-04-12
4.12.0	12 / 4	2022-04-12
4.11.1	12 / 4	2022-03-31
4.11.0	12 / 4	2022-03-29
4.10.1	12 / 4	2022-03-23
4.10.0	12 / 4	2022-03-16
4.9.1	12 / 4	2022-03-09
4.9.0	12 / 4	2022-03-01
4.8.2	12 / 4	2022-03-01
4.8.1	12 / 4	2022-02-25
4.7.0	12 / 4	2022-02-08
4.6.0	13 / 4	2022-01-25
4.5.2	13 / 4	2022-01-17
4.5.0	13 / 4	2022-01-11
4.4.0	13 / 4	2021-12-14
4.2.0	13 / 4	2021-11-16
4.1.2	13 / 4	2021-11-11
4.1.1	13 / 4	2021-11-10
4.0.0	13 / 4	2021-10-21
3.15.0	13 / 4	2022-12-07
3.14.0	13 / 4	2021-09-17
3.13.0	13 / 5	2021-08-31
3.12.0	13 / 5	2021-08-18
3.11.0	13 / 5	2021-08-04
3.10.0	13 / 5	2021-07-20
3.9.0	13 / 5	2021-07-06
3.8.0	13 / 5	2021-06-22
3.7.1	13 / 5	2021-06-10
3.7.0	13 / 5	2021-06-08
3.6.0	13 / 5	2021-05-25
3.5.0	13 / 5	2021-05-11
3.4.0	13 / 5	2021-04-27
3.3.0	13 / 5	2021-04-13
3.2.0	13 / 5	2021-03-30
3.1.0	13 / 5	2021-03-16
3.0.0	13 / 5	2021-03-02
2.11.1	13 / 5	2021-02-24
2.11.0	13 / 5	2021-02-02
2.10.0	13 / 5	2021-01-19
2.9.1	13 / 5	2021-01-16
2.9.0	13 / 4	2021-01-05
2.8.1	13 / 4	2020-12-23
2.8.0	13 / 4	2020-12-15
2.7.0	13 / 4	2020-12-02
2.6.1	13 / 4	2020-11-23
2.6.0	13 / 4	2020-11-19
2.5.0	14 / 4	2020-11-12
2.4.2	14 / 4	2020-11-06
2.4.1	14 / 4	2020-11-04
2.4.0	14 / 4	2020-11-02
2.3.37	14 / 4	2020-10-27
2.3.36	14 / 4	2020-10-26
2.3.35	14 / 4	2020-10-16
2.3.34	14 / 4	2020-10-08
2.3.33	15 / 4	2020-10-06
2.3.32	15 / 4	2020-10-01
2.3.31	15 / 4	2020-09-28
2.3.30	15 / 4	2020-09-15
2.3.29	15 / 4	2020-09-09
2.3.28	15 / 4	2020-09-07
2.3.27	15 / 4	2020-08-28
2.3.26	15 / 4	2020-08-26
2.3.25	15 / 4	2020-08-24
2.3.24	15 / 4	2020-08-05
2.3.23	15 / 4	2020-07-24

Showing 100 of 284 Next page →