← Home

react-is

npm Repository Homepage

Brand checking of React Elements.

100
Versions
MIT
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

fbreact-bot

Keywords

react

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
provenance publisher-changed AI (provenance): Publisher change from acdlite to lunaruan reflects a legitimate React core team transition at Facebook in 2019; lunaruan is a well-established trusted publisher. ai
maintainer-change maintainer-added AI (maintainer-change): lunaruan is a known React core team member; this maintainer addition is a legitimate internal Facebook team transition, not a compromise. ai
provenance no-provenance AI (provenance): This version was published in 2019, predating Sigstore provenance attestation tooling. Absence of provenance is expected for this era of releases. ai

Versions (showing 100 of 397)

Hide prereleases
Version Deps Published
19.2.5 0 / 0
19.2.3 0 / 0
19.2.2 0 / 0
19.2.0 0 / 0
19.1.6 0 / 0
19.1.5 0 / 0
19.1.2 0 / 0
19.1.1 0 / 0
19.1.0 0 / 0
19.0.4 0 / 0
19.0.2 0 / 0
19.0.0 0 / 0
18.3.1 0 / 0
18.3.0 0 / 0
18.2.0 0 / 0
18.1.0 0 / 0
18.0.0 0 / 0
17.0.2 0 / 0
17.0.1 0 / 0
17.0.0 0 / 0
16.13.1 0 / 0
16.13.0 0 / 0
16.12.0 0 / 0
16.11.0 0 / 0
16.10.2 0 / 0
16.10.1 0 / 0
16.10.0 0 / 0
16.9.0 0 / 0
16.8.6 0 / 0
16.8.5 0 / 0
16.8.4 0 / 0
16.8.3 0 / 0
16.8.2 0 / 0
16.8.1 0 / 0
16.8.0 0 / 0
16.7.0 0 / 0
16.6.3 0 / 0
16.6.2 0 / 0
16.6.1 0 / 0
16.6.0 0 / 0
16.5.2 0 / 0
16.5.1 0 / 0
16.5.0 0 / 0
16.4.2 0 / 0
16.4.1 0 / 0
16.4.0 0 / 0
16.3.2 0 / 0
16.3.1 0 / 0
16.3.0 0 / 0
1.0.0 0 / 0
19.3.0-canary-fef12a01-20260413 0 / 0
19.3.0-canary-fd524fe0-20251121 0 / 0
19.3.0-canary-fb2177c1-20251114 0 / 0
19.3.0-canary-fa50caf5-20251107 0 / 0
19.3.0-canary-f93b9fd4-20251217 0 / 0
19.3.0-canary-f6a48828-20251019 0 / 0
19.3.0-canary-f646e8ff-20251104 0 / 0
19.3.0-canary-ed69815c-20260323 0 / 0
19.3.0-canary-ed4bd540-20260202 0 / 0
19.3.0-canary-ec9cc003-20251208 0 / 0
19.3.0-canary-eb89912e-20251118 0 / 0
19.3.0-canary-ead92181-20251010 0 / 0
19.3.0-canary-e8c63626-20260213 0 / 0
19.3.0-canary-e33071c6-20260224 0 / 0
19.3.0-canary-e0cc7202-20260227 0 / 0
19.3.0-canary-dd048c3b-20251105 0 / 0
19.3.0-canary-da9325b5-20260417 0 / 0
19.3.0-canary-da641178-20260129 0 / 0
19.3.0-canary-d763f313-20251210 0 / 0
19.3.0-canary-d7215b49-20251013 0 / 0
19.3.0-canary-d6cae440-20260106 0 / 0
19.3.0-canary-d2908752-20260119 0 / 0
19.3.0-canary-c9ddee7e-20251031 0 / 0
19.3.0-canary-c80a0750-20260312 0 / 0
19.3.0-canary-c7862584-20251006 0 / 0
19.3.0-canary-c137dd6f-20260204 0 / 0
19.3.0-canary-c0d218f0-20260324 0 / 0
19.3.0-canary-c0060cf2-20260224 0 / 0
19.3.0-canary-bef88f7c-20260116 0 / 0
19.3.0-canary-bcf97c75-20251215 0 / 0
19.3.0-canary-bb8a76c6-20260115 0 / 0
19.3.0-canary-bb533877-20260205 0 / 0
19.3.0-canary-b546603b-20260121 0 / 0
19.3.0-canary-b45bb335-20251211 0 / 0
19.3.0-canary-b4546cd0-20260318 0 / 0
19.3.0-canary-b4455a6e-20251027 0 / 0
19.3.0-canary-b1533b03-20260203 0 / 0
19.3.0-canary-b07aa7d6-20260209 0 / 0
19.3.0-canary-b061b597-20251212 0 / 0
19.3.0-canary-ab18f33d-20260220 0 / 0
19.3.0-canary-a757cb76-20251002 0 / 0
19.3.0-canary-a4eb2dfa-20251006 0 / 0
19.3.0-canary-98ce535f-20260226 0 / 0
19.3.0-canary-9724e3e6-20251008 0 / 0
19.3.0-canary-9627b5a1-20260327 0 / 0
19.3.0-canary-95ffd6cd-20260205 0 / 0
19.3.0-canary-94643c3b-20260421 0 / 0
19.3.0-canary-93fc5740-20251113 0 / 0
19.3.0-canary-93f85932-20251016 0 / 0
19.3.0-canary-8c34556c-20260126 0 / 0
Showing 100 of 397 Next page →

v19.3.0-canary-fef12a01-20260413

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-fd524fe0-20251121

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-fb2177c1-20251114

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-fa50caf5-20251107

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-f93b9fd4-20251217

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-f6a48828-20251019

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v19.3.0-canary-f646e8ff-20251104

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-ed69815c-20260323

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-ed4bd540-20260202

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-ec9cc003-20251208

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-eb89912e-20251118

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-ead92181-20251010

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v19.3.0-canary-e8c63626-20260213

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-e33071c6-20260224

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-e0cc7202-20260227

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-dd048c3b-20251105

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-da9325b5-20260417

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-da641178-20260129

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-d763f313-20251210

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-d7215b49-20251013

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v19.3.0-canary-d6cae440-20260106

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-d2908752-20260119

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-c9ddee7e-20251031

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-c80a0750-20260312

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-c7862584-20251006

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v19.3.0-canary-c137dd6f-20260204

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-c0d218f0-20260324

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-c0060cf2-20260224

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-bef88f7c-20260116

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-bcf97c75-20251215

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-bb8a76c6-20260115

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-bb533877-20260205

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-b546603b-20260121

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-b45bb335-20251211

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-b4546cd0-20260318

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-b4455a6e-20251027

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-b1533b03-20260203

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-b07aa7d6-20260209

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-b061b597-20251212

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-ab18f33d-20260220

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-a757cb76-20251002

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v19.3.0-canary-a4eb2dfa-20251006

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v19.3.0-canary-98ce535f-20260226

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-9724e3e6-20251008

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v19.3.0-canary-9627b5a1-20260327

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-95ffd6cd-20260205

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-94643c3b-20260421

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-93fc5740-20251113

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v19.3.0-canary-93f85932-20251016

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v19.3.0-canary-8c34556c-20260126

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.