react-player No license 9 versions

react-player

npm Repository Homepage

9

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

cookpete

Keywords

reactmediaplayervideoaudioyoutubevimeowistiahlsdashreact-component

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:dash-video-element	AI (phantom-deps): Referenced in config/lazy-load context; not a missing import issue for this package.	ai	2026/04/28
phantom-deps	phantom-dep:wistia-video-element	AI (phantom-deps): Referenced in config/lazy-load context; not a missing import issue for this package.	ai	2026/04/28
phantom-deps	phantom-dep:@mux/mux-player-react	AI (phantom-deps): Referenced in config/lazy-load context; not a missing import issue for this package.	ai	2026/04/28
phantom-deps	phantom-dep:cloudflare-video-element	AI (phantom-deps): Referenced in config/lazy-load context; not a missing import issue for this package.	ai	2026/04/28

Versions (showing 9 of 9)

Version	Deps	Published
3.4.0	10 / 21	2025-11-13
3.3.3	10 / 21	2025-09-19
3.3.2	10 / 21	2025-08-25
3.3.1	10 / 21	2025-07-16
3.3.0	11 / 21	2025-07-16
3.2.1	10 / 21	2025-07-15
3.2.0	10 / 21	2025-07-11
3.1.0	8 / 21	2025-07-02
3.0.0	8 / 21	2025-06-27

v3.4.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.3.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.3.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.3.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.2.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.2.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.