mobx-react — Greenflagged

React bindings for MobX. Create fully reactive components.

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

fredycmweststrateeshenbrenerandykog

Keywords

mobxmobservablereact-componentreactreactjsreactive

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Legitimate migration to GitHub Actions CI/CD publishing with SLSA provenance attestation.	ai	2026/05/28
publish-pattern	dormant-publish	AI (publish-pattern): Mature package with infrequent releases; dormancy is normal for stable libraries.	ai	2026/05/28

Versions (showing 100 of 118)

Version	Deps	Published
9.2.2	1 / 3	2026-05-25
9.2.1	1 / 3	2025-09-26
9.2.0	1 / 3	2024-12-11
9.1.1	1 / 3	2024-03-28
9.1.0	1 / 3	2023-11-11
9.0.2	1 / 3	2023-11-06
9.0.1	1 / 3	2023-08-29
9.0.0	1 / 3	2023-07-12
8.0.0	1 / 3	2023-03-25
7.6.0	1 / 2	2022-11-14
7.5.3	1 / 2	2022-09-07
7.5.2	1 / 2	2022-07-07
7.5.1	1 / 2	2022-06-27
7.5.0	1 / 2	2022-05-23
7.4.0	1 / 2	2022-05-06
7.3.0	1 / 2	2022-02-17
7.2.1	1 / 2	2021-10-11
7.2.0	1 / 2	2021-05-18
7.1.0	1 / 2	2021-01-27
7.0.6	1 / 2	2021-01-23
7.0.5	1 / 2	2020-11-12
7.0.4	1 / 2	2020-11-07
7.0.3	1 / 2	2020-11-07
7.0.2	1 / 2	2020-11-06
7.0.1	1 / 2	2020-11-06
7.0.0	1 / 42	2020-09-30
6.3.1	1 / 42	2020-09-30
6.3.0	1 / 42	2020-08-27
6.2.5	1 / 42	2020-07-28
6.2.4	1 / 42	2020-07-28
6.2.3	1 / 42	2020-07-26
6.2.2	1 / 42	2020-04-08
6.2.1	1 / 42	2020-04-07
6.2.0	1 / 42	2020-04-06
6.1.8	1 / 42	2020-02-13
6.1.7	1 / 42	2020-02-06
6.1.6	1 / 42	2020-02-06
6.1.5	1 / 37	2020-01-13
6.1.4	1 / 37	2019-10-14
6.1.3	1 / 38	2019-08-09
6.1.2	1 / 38	2019-08-08
6.1.1	1 / 29	2019-06-19
6.1.0	1 / 30	2019-06-19
6.0.4	1 / 30	2019-06-18
6.0.3	1 / 28	2019-06-04
6.0.2	1 / 28	2019-05-30
6.0.1	1 / 28	2019-05-30
6.0.0	1 / 28	2019-05-29
5.4.4	2 / 40	2019-05-16
5.4.3	2 / 40	2018-12-12
5.4.2	2 / 40	2018-11-20
5.4.1	3 / 40	2018-11-20
5.4.0	3 / 40	2018-11-19
5.3.6	2 / 40	2018-10-26
5.3.5	2 / 40	2018-10-23
5.3.4	2 / 40	2018-10-19
5.3.3	2 / 40	2018-10-19
5.3.2	2 / 40	2018-10-18
5.3.1	2 / 39	2018-10-16
5.2.8	2 / 42	2018-09-10
5.2.7	2 / 42	2018-09-10
5.2.6	2 / 42	2018-09-04
5.2.5	2 / 42	2018-08-10
5.2.4	2 / 42	2018-08-10
5.2.3	2 / 42	2018-06-11
5.2.2	2 / 42	2018-06-08
5.2.1	2 / 42	2018-06-08
5.2.0	2 / 42	2018-06-04
5.1.2	2 / 42	2018-05-01
5.1.1	2 / 42	2018-05-01
5.1.0	2 / 42	2018-05-01
5.0.0	1 / 41	2018-03-12
4.4.3	1 / 41	2018-03-07
4.4.2	1 / 41	2018-02-15
4.4.1	1 / 41	2018-02-05
4.4.0	1 / 41	2018-02-05
4.3.5	1 / 38	2017-11-23
4.3.4	1 / 38	2017-11-02
4.3.3	1 / 37	2017-09-28
4.3.2	1 / 30	2017-09-19
4.3.1	1 / 30	2017-09-19
4.2.2	1 / 29	2017-06-30
4.2.1	1 / 30	2017-05-29
4.1.8	1 / 20	2017-04-12
4.1.7	1 / 20	2017-04-10
4.1.6	1 / 21	2017-04-10
4.1.5	1 / 21	2017-03-30
4.1.4	1 / 21	2017-03-30
4.1.3	1 / 21	2017-03-10
4.1.2	1 / 21	2017-03-06
4.1.1	1 / 21	2017-03-01
4.1.0	1 / 21	2017-01-07
4.0.4	1 / 21	2016-12-22
4.0.3	1 / 21	2016-11-24
4.0.2	1 / 21	2016-11-23
4.0.1	1 / 21	2016-11-22
4.0.0	1 / 21	2016-11-21
3.5.9	1 / 18	2016-11-07
3.5.8	1 / 17	2016-10-05
3.5.7	1 / 17	2016-10-03

Showing 100 of 118 Next page →

v9.2.2

2 findings

HIGH Publisher changed: mweststrate → GitHub Actions (on 2026-05-25) provenance

This version was published by a different npm account than previous versions on 2026-05-25. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.