mdast-squeeze-paragraphs

mdast utility to remove empty paragraphs from a tree

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

wooormkmck

Keywords

unistmdastmdast-utilutilutilitysqueezeremoveemptyparagraphwhitespacetreetransformtransformationclean

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
publish-pattern	new-deps-added	AI (publish-pattern): @types/mdast is a well-known type definitions package in the unified ecosystem; swapping @types/unist for @types/mdast is a benign, expected refinement for this mdast-specific utility.	ai	2026/04/24
dependencies	unvetted-dep:@types/mdast	AI (dependencies): @types/mdast is a standard DefinitelyTyped type package used throughout the unified/mdast ecosystem; stable false positive for this package.	ai	2026/04/23
phantom-deps	phantom-dep:@types/mdast	AI (phantom-deps): @types/mdast is a type-only dependency loaded by convention in TypeScript ESM packages; not a real phantom dependency concern.	ai	2026/04/23
bogus-package	bogus-package	AI (bogus-package): The kmck signal is misattributed; publisher is wooorm. Empty index.js is a standard thin ESM re-export pattern in the unified ecosystem.	ai	2026/04/23

Versions (showing 17 of 17)

Version	Deps	Published
6.0.0	2 / 9	2023-07-08
5.2.1	2 / 11	2023-01-25
5.2.0	2 / 12	2021-08-03
5.1.0	2 / 11	2021-07-30
5.0.0	2 / 11	2021-04-23
4.0.0	1 / 7	2020-02-22
3.0.5	1 / 7	2019-05-24
3.0.4	1 / 7	2018-12-05
3.0.3	1 / 7	2018-08-20
3.0.2	1 / 2	2017-06-13
3.0.1	1 / 2	2016-01-23
3.0.0	0 / 1	2016-01-04
2.1.1	0 / 3	2015-07-22
2.1.0	0 / 3	2015-07-22
2.0.0	0 / 3	2015-07-15
1.1.0	0 / 3	2015-08-12
1.0.0	0 / 2	2015-07-14