sandworm-hq / sandworm-audit

Security & License Compliance For Your App's Dependencies 🪱
https://sandworm.dev
MIT License

react-style-singleton@2.2.1 has no repository, but it does #151

Closed merlinstardust closed 5 days ago

merlinstardust commented 1 month ago

Sandworm version: 1.56.1, the latest version (I run `npx @sandworm/audit@latest`).

Describe the bug: Sandworm reports `react-style-singleton@2.2.1` with "Has no repository" (`SWRM-202-react-style-singleton-2.2.1`).

Manifest files

package.json

```json

  "dependencies": {
    "@aws-sdk/client-lambda": "^3.620.0",
    "@aws-sdk/client-secrets-manager": "^3.620.0",
    "@aws-sdk/util-arn-parser": "^3.310.0",
    "@casl/ability": "^6.5.0",
    "@chakra-ui/icons": "^2.0.19",
    "@chakra-ui/react": "^2.8.2",
    "@chakra-ui/react-context": "^2.0.8",
    "@chakra-ui/react-types": "^2.0.7",
    "@chakra-ui/theme-tools": "^2.0.18",
    "@emotion/styled": "11.11.0",
    "@hookform/resolvers": "^3.0.0",
    "@nestjs/common": "10.3.9",
    "@nestjs/core": "10.3.9",
    "@nestjs/passport": "^10.0.2",
    "@nestjs/platform-express": "10.3.9",
    "@nestjs/swagger": "7.4.0",
    "@nestjs/typeorm": "^10.0.0",
    "@tanstack/match-sorter-utils": "^8.8.4",
    "@tanstack/react-query": "^5.17.0",
    "@tanstack/react-query-devtools": "^5.17.0",
    "@tanstack/react-table": "^8.16.0",
    "@tanstack/react-virtual": "^3.0.0-beta.54",
    "aws-jwt-verify": "^4.0.0",
    "aws4-axios": "^3.1.1",
    "axios": "1.7.2",
    "chakra-react-select": "^4.6.0",
    "class-transformer": "^0.5.1",
    "class-validator": "^0.14.0",
    "client-oauth2": "^4.3.3",
    "colors": "^1.4.0",
    "config": "^3.3.9",
    "connect-pg-simple": "^9.0.0",
    "dayjs": "^1.11.7",
    "express-session": "^1.17.3",
    "framer-motion": "^11.3.17",
    "jotai": "^2.2.2",
    "js-cookie": "^3.0.5",
    "kebab-case": "^1.0.2",
    "lunr": "^2.3.9",
    "node-cache": "^5.1.2",
    "openid-client": "^5.6.5",
    "openpgp": "^5.11.2",
    "p-limit": "^3.1.0",
    "passport": "^0.6.0",
    "passport-custom": "^1.1.1",
    "passport-local": "^1.0.0",
    "path-browserify": "^1.0.1",
    "pg": "^8.11.0",
    "pg-boss": "^9.0.3",
    "re-resizable": "^6.9.9",
    "react": "18.3.1",
    "react-dom": "18.3.1",
    "react-error-boundary": "^4.0.3",
    "react-hook-form": "^7.43.9",
    "react-icons": "^4.10.1",
    "react-router-dom": "^6.14.0",
    "reflect-metadata": "^0.1.13",
    "rxjs": "^7.0.0",
    "typeorm": "^0.3.20",
    "typeorm-encrypted": "^0.8.0",
    "url-join": "^5.0.0"
  },
  "devDependencies": {
    "@babel/core": "^7.24.9",
    "@babel/preset-react": "^7.14.5",
    "@babel/preset-typescript": "7.12.13",
    "@chakra-ui/cli": "^2.4.1",
    "@chakra-ui/storybook-addon": "^5.0.0",
    "@eslint/compat": "^1.1.1",
    "@faker-js/faker": "^7.6.0",
    "@nestjs/schematics": "10.1.3",
    "@nestjs/testing": "10.3.9",
    "@nx/cypress": "19.5.3",
    "@nx/devkit": "19.5.3",
    "@nx/eslint": "19.5.3",
    "@nx/eslint-plugin": "19.5.3",
    "@nx/jest": "19.5.3",
    "@nx/js": "19.5.3",
    "@nx/nest": "19.5.3",
    "@nx/node": "19.5.3",
    "@nx/plugin": "19.5.3",
    "@nx/react": "19.5.3",
    "@nx/storybook": "19.5.3",
    "@nx/vite": "19.5.3",
    "@nx/web": "19.5.3",
    "@nx/webpack": "19.5.3",
    "@nx/workspace": "19.5.3",
    "@pmmmwh/react-refresh-webpack-plugin": "^0.5.7",
    "@storybook/addon-essentials": "8.1.0",
    "@storybook/core-server": "8.1.0",
    "@storybook/react": "8.1.0",
    "@storybook/react-vite": "8.1.0",
    "@storybook/react-webpack5": "8.1.0",
    "@svgr/webpack": "8.0.1",
    "@swc-node/register": "1.9.2",
    "@swc/cli": "0.3.14",
    "@swc/core": "1.5.7",
    "@testing-library/react": "15.0.6",
    "@types/connect-pg-simple": "^7.0.0",
    "@types/express-session": "^1.17.6",
    "@types/jest": "^29.4.0",
    "@types/js-cookie": "^3.0.3",
    "@types/lunr": "^2.3.7",
    "@types/node": "18.19.9",
    "@types/passport-local": "^1.0.35",
    "@types/path-browserify": "^1.0.0",
    "@types/react": "18.3.1",
    "@types/react-dom": "18.3.0",
    "@types/supertest": "^2.0.15",
    "@typescript-eslint/eslint-plugin": "7.17.0",
    "@typescript-eslint/parser": "7.17.0",
    "@vitejs/plugin-react": "4.3.1",
    "@vitest/ui": "1.6.0",
    "babel-jest": "^29.4.1",
    "babel-loader": "8.1.0",
    "cypress": "13.13.1",
    "eslint": "8.57.0",
    "eslint-config-prettier": "9.1.0",
    "eslint-plugin-cypress": "2.15.2",
    "eslint-plugin-import": "^2.29.1",
    "eslint-plugin-jest": "^28.6.0",
    "eslint-plugin-jsx-a11y": "^6.9.0",
    "eslint-plugin-react": "^7.35.0",
    "eslint-plugin-react-hooks": "^4.6.2",
    "eslint-plugin-storybook": "^0.8.0",
    "html-webpack-plugin": "^5.5.0",
    "jest": "^29.4.1",
    "jest-environment-jsdom": "^29.4.1",
    "jest-environment-node": "^29.4.1",
    "jsdom": "~20.0.3",
    "jsonc-eslint-parser": "^2.1.0",
    "nx": "19.5.3",
    "prettier": "^2.6.2",
    "react-refresh": "^0.10.0",
    "rollup-plugin-visualizer": "^5.9.2",
    "storybook": "8.1.0",
    "storybook-addon-react-router-v6": "^2.0.4",
    "supertest": "^6.3.4",
    "ts-jest": "29.1.0",
    "ts-node": "^10.9.1",
    "tsconfig-paths": "^4.2.0",
    "typescript": "5.5.4",
    "url-loader": "^4.1.1",
    "vite": "5.3.5",
    "vite-plugin-eslint": "^1.8.1",
    "vite-tsconfig-paths": "^4.0.2",
    "vitest": "1.6.0"
  }
```

To Reproduce

  1. Install `@chakra-ui/react@2.8.2`
  2. Run `npx @sandworm/audit@latest`
  3. Get the issue: 🟡 `react-style-singleton@2.2.1` Has no repository (`SWRM-202-react-style-singleton-2.2.1`)

Expected behavior: The package has a repository, so there should be no issue.

If this is not a false positive, then details on how to resolve it should be provided.

System (please complete the following information):

Additional context

Here's the dependency tree for react-style-singleton

└─┬ @chakra-ui/react@2.8.2
  └─┬ @chakra-ui/modal@2.3.1
    └─┬ react-remove-scroll@2.5.7
      ├─┬ react-remove-scroll-bar@2.3.4
      │ └── react-style-singleton@2.2.1 deduped
      └── react-style-singleton@2.2.1

And the link to the package: https://www.npmjs.com/package/react-style-singleton

github-actions[bot] commented 2 weeks ago

This issue is stale because it has been open for 30 days with no activity.

github-actions[bot] commented 5 days ago

This issue was closed because it has been inactive for 14 days since being marked as stale.