rollup-plugin-typescript2
Seamless integration between Rollup and TypeScript. Now with errors.
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| install-scripts | install-script:postinstall | AI (install-scripts): `typings install` was the standard TS type-definition installer in the TS 2.x era; benign and expected for this package's vintage. | ai | |
| phantom-deps | phantom-dep:tslib | AI (phantom-deps): tslib is a standard TypeScript runtime helper used implicitly via compiled output; phantom-dep finding is a stable false positive for this TypeScript plugin. | ai | |
| phantom-deps | phantom-dep:find-cache-dir | AI (phantom-deps): find-cache-dir is referenced in config files as documented; phantom-dep finding is a stable false positive for this package. | ai | |
| provenance | no-provenance | AI (provenance): Package predates Sigstore provenance; long-standing publisher with 78 approved versions and clean history. No provenance is expected for this package. | ai |
Versions (showing 51 of 78)
| Version | Deps | Published |
|---|---|---|
| 0.37.0 | 5 / 25 | |
| 0.36.0 | 5 / 25 | |
| 0.35.0 | 5 / 23 | |
| 0.34.1 | 5 / 23 | |
| 0.34.0 | 4 / 24 | |
| 0.33.0 | 4 / 24 | |
| 0.32.1 | 5 / 24 | |
| 0.32.0 | 5 / 24 | |
| 0.31.2 | 6 / 22 | |
| 0.31.1 | 6 / 22 | |
| 0.31.0 | 6 / 22 | |
| 0.30.0 | 5 / 23 | |
| 0.29.0 | 5 / 23 | |
| 0.28.0 | 5 / 23 | |
| 0.27.3 | 5 / 23 | |
| 0.27.2 | 5 / 23 | |
| 0.27.1 | 5 / 23 | |
| 0.27.0 | 5 / 23 | |
| 0.26.0 | 5 / 23 | |
| 0.25.3 | 5 / 23 | |
| 0.25.2 | 5 / 23 | |
| 0.24.3 | 5 / 23 | |
| 0.24.2 | 5 / 23 | |
| 0.24.1 | 5 / 23 | |
| 0.24.0 | 5 / 23 | |
| 0.23.0 | 4 / 22 | |
| 0.22.1 | 4 / 22 | |
| 0.22.0 | 4 / 22 | |
| 0.21.2 | 4 / 22 | |
| 0.21.1 | 4 / 22 | |
| 0.21.0 | 4 / 22 | |
| 0.20.1 | 4 / 22 | |
| 0.20.0 | 4 / 22 | |
| 0.19.3 | 4 / 22 | |
| 0.19.2 | 4 / 22 | |
| 0.19.1 | 4 / 22 | |
| 0.19.0 | 4 / 22 | |
| 0.18.1 | 4 / 22 | |
| 0.18.0 | 4 / 22 | |
| 0.17.2 | 4 / 22 | |
| 0.17.1 | 4 / 22 | |
| 0.17.0 | 4 / 20 | |
| 0.16.1 | 4 / 20 | |
| 0.16.0 | 4 / 20 | |
| 0.15.1 | 4 / 20 | |
| 0.15.0 | 4 / 20 | |
| 0.14.0 | 4 / 20 | |
| 0.13.0 | 4 / 20 | |
| 0.12.0 | 4 / 20 | |
| 0.11.1 | 4 / 20 | |
| 0.11.0 | 4 / 20 |
v0.37.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.36.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.35.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.34.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.34.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.33.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.32.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.32.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.31.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.31.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.31.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.30.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.29.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.28.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.27.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.27.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.27.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.27.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.26.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.25.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.25.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.24.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.24.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.24.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.24.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.23.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.22.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.22.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.21.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.21.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.21.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.20.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.20.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.19.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.19.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.19.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.19.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.18.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.18.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.15.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.15.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.13.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.12.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.11.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.11.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.