vitepress-plugin-llms No license 22 versions

vitepress-plugin-llms

npm Repository Homepage

22

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

okinea

Keywords

aidocumentationllmspluginvite-pluginvitepressvitepress-plugin

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:unist-util-remove	AI (phantom-deps): Listed in dependencies; bundled into dist by bunup build tool.	ai	2026/05/14
phantom-deps	phantom-dep:markdown-title	AI (phantom-deps): Listed in dependencies; bundled into dist by bunup build tool.	ai	2026/05/14
phantom-deps	phantom-dep:remark-frontmatter	AI (phantom-deps): Listed in dependencies; bundled into dist by bunup build tool.	ai	2026/05/14
phantom-deps	phantom-dep:remark	AI (phantom-deps): Listed in dependencies; bundled into dist by bunup build tool.	ai	2026/05/14
phantom-deps	phantom-dep:tokenx	AI (phantom-deps): Listed in dependencies; bundled into dist by bunup build tool.	ai	2026/05/14
phantom-deps	phantom-dep:millify	AI (phantom-deps): Listed in dependencies; bundled into dist by bunup build tool.	ai	2026/05/14
phantom-deps	phantom-dep:byte-size	AI (phantom-deps): Listed in dependencies; bundled into dist by bunup build tool.	ai	2026/05/14
phantom-deps	phantom-dep:minimatch	AI (phantom-deps): Listed in dependencies; bundled into dist by bunup build tool.	ai	2026/05/14
phantom-deps	phantom-dep:picocolors	AI (phantom-deps): Listed in dependencies; bundled into dist by bunup build tool.	ai	2026/05/14
provenance	publisher-changed	AI (provenance): Transition from personal account to GitHub Actions CI/CD with SLSA provenance; consistent with legitimate automation adoption.	ai	2026/05/14
publish-pattern	new-deps-added	AI (publish-pattern): markdown-it and pretty-bytes are established packages; addition is benign for this VitePress plugin.	ai	2026/05/14
npm-metadata	url-dep:@actions/github-script	AI (npm-metadata): devDependency only; @actions/github-script is a CI utility not included in published package output.	ai	2026/05/14
dependencies	unvetted-dep:markdown-it	AI (dependencies): markdown-it is a widely-used, well-maintained markdown parser; not a risk for this package.	ai	2026/05/12
dependencies	unvetted-dep:markdown-title	AI (dependencies): markdown-title is a small, stable utility; no known risk for this package.	ai	2026/05/12

Versions (showing 22 of 22)

Version	Deps	Published
1.13.0	14 / 16	2026-05-24
1.12.2	14 / 16	2026-05-03
1.12.1	14 / 16	2026-04-15
1.12.0	14 / 16	2026-03-20
1.11.1	14 / 16	2026-03-16
1.11.0	14 / 16	2026-02-03
1.10.0	14 / 13	2025-12-26
1.9.3	14 / 12	2025-11-17
1.9.2	14 / 12	2025-11-16
1.9.1	14 / 12	2025-11-09
1.7.5	13 / 11	2025-09-11
1.6.0	13 / 9	2025-06-28
1.5.1	12 / 9	2025-06-16
1.5.0	12 / 9	2025-06-09
1.4.0	12 / 9	2025-06-07
1.3.4	11 / 9	2025-05-26
1.3.3	11 / 11	2025-05-22
1.3.2	11 / 11	2025-05-20
1.3.1	11 / 11	2025-05-19
1.3.0	11 / 11	2025-05-19
1.2.0	11 / 11	2025-05-17
1.1.4	10 / 10	2025-05-12

v1.13.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.12.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.12.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.12.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.11.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.11.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.10.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.9.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.9.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.9.1

2 findings

HIGH Publisher changed: okinea → GitHub Actions (on 2025-11-09) provenance

This version was published by a different npm account than previous versions on 2025-11-09. This could indicate a legitimate maintainer transition or an account compromise.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.7.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.5.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.5.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.4.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.2.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.1.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.