Bump the eslint group across 1 directory with 6 updates

[dependabot]

Bumps the eslint group with 6 updates in the /frontend-react directory:

Package	From	To
eslint	8.57.0	9.11.0
eslint-import-resolver-typescript	3.6.1	3.6.3
eslint-plugin-import	2.29.1	2.30.0
eslint-plugin-jsx-a11y	6.9.0	6.10.0
eslint-plugin-react	7.34.3	7.36.1
eslint-plugin-react-refresh	0.4.7	0.4.12

Updates eslint from 8.57.0 to 9.11.0

Release notes

Sourced from eslint's releases.

v9.11.0

Features

• ec30c73 feat: add "eslint/universal" to export Linter (#18883) (唯然)
• c591da6 feat: Add language to types (#18917) (Nicholas C. Zakas)
• 492eb8f feat: limit the name given to ImportSpecifier in id-length (#18861) (Tanuj Kanti)
• 19c6856 feat: Add no-useless-constructor suggestion (#18799) (Jordan Thomson)
• a48f8c2 feat: add type FormatterFunction, update LoadedFormatter (#18872) (Francesco Trotta)

Bug Fixes

• 5e5f39b fix: add missing types for no-restricted-exports rule (#18914) (Kristóf Poduszló)
• 8f630eb fix: add missing types for no-param-reassign options (#18906) (Kristóf Poduszló)
• d715781 fix: add missing types for no-extra-boolean-cast options (#18902) (Kristóf Poduszló)
• 2de5742 fix: add missing types for no-misleading-character-class options (#18905) (Kristóf Poduszló)
• c153084 fix: add missing types for no-implicit-coercion options (#18903) (Kristóf Poduszló)
• fa11b2e fix: add missing types for no-empty-function options (#18901) (Kristóf Poduszló)
• a0deed1 fix: add missing types for camelcase options (#18897) (Kristóf Poduszló)

Documentation

• e4e5709 docs: correct prefer-object-has-own type definition comment (#18924) (Nitin Kumar)
• 91cbd18 docs: add unicode abbreviations in no-irregular-whitespace rule (#18894) (Alix Royere)
• 59cfc0f docs: clarify resultsMeta in LoadedFormatter type (#18881) (Milos Djermanovic)
• adcc50d docs: Update README (GitHub Actions Bot)
• 4edac1a docs: Update README (GitHub Actions Bot)

Build Related

• 959d360 build: Support updates to previous major versions (#18871) (Milos Djermanovic)

Chores

• ca21a64 chore: upgrade @​eslint/js@​9.11.0 (#18927) (Milos Djermanovic)
• a10f90a chore: package.json update for @​eslint/js release (Jenkins)
• e4e02cc refactor: Extract processor logic into ProcessorService (#18818) (Nicholas C. Zakas)
• 6d4484d chore: updates for v8.57.1 release (Jenkins)
• 71f37c5 refactor: use optional chaining when validating config rules (#18893) (lucasrmendonca)
• 2c2805f chore: Add PR note to all templates (#18892) (Nicholas C. Zakas)
• 7b852ce refactor: use Directive class from @eslint/plugin-kit (#18884) (Milos Djermanovic)
• d594ddd chore: update dependency @​eslint/core to ^0.6.0 (#18863) (renovate[bot])
• 78b2421 chore: Update change.yml (#18882) (Nicholas C. Zakas)
• a416f0a chore: enable $ExpectType comments in .ts files (#18869) (Francesco Trotta)

v9.10.0

Features

• 301b90d feat: Add types (#18854) (Nicholas C. Zakas)
• bcf0df5 feat: limit namespace import identifier in id-length rule (#18849) (ChaedongIm)
• 45c18e1 feat: add requireFlag option to require-unicode-regexp rule (#18836) (Brett Zamir)
• 183b459 feat: add error message for duplicate flags in no-invalid-regexp (#18837) (Tanuj Kanti)
• c69b406 feat: report duplicate allowed flags in no-invalid-regexp (#18754) (Tanuj Kanti)

Documentation

• bee0e7a docs: update README (#18865) (Milos Djermanovic)
• 5d80b59 docs: specify that ruleId can be null in custom formatter docs (#18857) (Milos Djermanovic)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.11.0 - September 20, 2024

• ca21a64 chore: upgrade @​eslint/js@​9.11.0 (#18927) (Milos Djermanovic)
• a10f90a chore: package.json update for @​eslint/js release (Jenkins)
• 5e5f39b fix: add missing types for no-restricted-exports rule (#18914) (Kristóf Poduszló)
• e4e5709 docs: correct prefer-object-has-own type definition comment (#18924) (Nitin Kumar)
• 8f630eb fix: add missing types for no-param-reassign options (#18906) (Kristóf Poduszló)
• d715781 fix: add missing types for no-extra-boolean-cast options (#18902) (Kristóf Poduszló)
• e4e02cc refactor: Extract processor logic into ProcessorService (#18818) (Nicholas C. Zakas)
• ec30c73 feat: add "eslint/universal" to export Linter (#18883) (唯然)
• c591da6 feat: Add language to types (#18917) (Nicholas C. Zakas)
• 91cbd18 docs: add unicode abbreviations in no-irregular-whitespace rule (#18894) (Alix Royere)
• 959d360 build: Support updates to previous major versions (#18871) (Milos Djermanovic)
• 6d4484d chore: updates for v8.57.1 release (Jenkins)
• 492eb8f feat: limit the name given to ImportSpecifier in id-length (#18861) (Tanuj Kanti)
• 2de5742 fix: add missing types for no-misleading-character-class options (#18905) (Kristóf Poduszló)
• c153084 fix: add missing types for no-implicit-coercion options (#18903) (Kristóf Poduszló)
• 19c6856 feat: Add no-useless-constructor suggestion (#18799) (Jordan Thomson)
• fa11b2e fix: add missing types for no-empty-function options (#18901) (Kristóf Poduszló)
• a0deed1 fix: add missing types for camelcase options (#18897) (Kristóf Poduszló)
• 71f37c5 refactor: use optional chaining when validating config rules (#18893) (lucasrmendonca)
• 2c2805f chore: Add PR note to all templates (#18892) (Nicholas C. Zakas)
• 7b852ce refactor: use Directive class from @eslint/plugin-kit (#18884) (Milos Djermanovic)
• a48f8c2 feat: add type FormatterFunction, update LoadedFormatter (#18872) (Francesco Trotta)
• d594ddd chore: update dependency @​eslint/core to ^0.6.0 (#18863) (renovate[bot])
• 59cfc0f docs: clarify resultsMeta in LoadedFormatter type (#18881) (Milos Djermanovic)
• 78b2421 chore: Update change.yml (#18882) (Nicholas C. Zakas)
• a416f0a chore: enable $ExpectType comments in .ts files (#18869) (Francesco Trotta)
• adcc50d docs: Update README (GitHub Actions Bot)
• 4edac1a docs: Update README (GitHub Actions Bot)

v8.57.1 - September 16, 2024

• 140ec45 chore: upgrade @​eslint/js@​8.57.1 (#18913) (Milos Djermanovic)
• bcdfc04 chore: package.json update for @​eslint/js release (Jenkins)
• 3f6ce8d chore: pin [email protected] (#18910) (Milos Djermanovic)
• a19072f fix: add logic to handle fixTypes in the lintText() method (#18900) (Francesco Trotta)
• 04c7188 fix: Don't lint same file multiple times (#18899) (Francesco Trotta)
• 87ec3c4 fix: do not throw when defining a global named __defineSetter__ (#18898) (Francesco Trotta)
• 60a1267 fix: Provide helpful error message for nullish configs (#18889) (Milos Djermanovic)
• 35d366a build: Support updates to previous major versions (#18870) (Milos Djermanovic)
• a0dea8e fix: allow name in global ignores, fix --no-ignore for non-global (#18875) (Milos Djermanovic)
• 3836bb4 fix: do not crash on error in fs.walk filter (#18886) (Milos Djermanovic)
• 2dec349 fix: skip processor code blocks that match only universal patterns (#18880) (Milos Djermanovic)
• 6a5add4 docs: v8.x Add EOL banner (#18744) (Amaresh S M)
• b034575 docs: v8.x add version support page to the dropdown (#18731) (Amaresh S M)
• 760ef7d docs: v8.x add version support page in the side navbar (#18740) (Amaresh S M)
• 428b7ea docs: Add Powered by Algolia label to the search (#18658) (Amaresh S M)
• 9f07549 chore: ignore /docs/v8.x in link checker (#18660) (Milos Djermanovic)
• c68c07f docs: version selectors synchronization (#18265) (Milos Djermanovic)

... (truncated)

Commits

• 26baf40 9.11.0
• 4cc6637 Build: changelog update for 9.11.0
• ca21a64 chore: upgrade @​eslint/js@​9.11.0 (#18927)
• a10f90a chore: package.json update for @​eslint/js release
• 5e5f39b fix: add missing types for no-restricted-exports rule (#18914)
• e4e5709 docs: correct prefer-object-has-own type definition comment (#18924)
• 8f630eb fix: add missing types for no-param-reassign options (#18906)
• d715781 fix: add missing types for no-extra-boolean-cast options (#18902)
• e4e02cc refactor: Extract processor logic into ProcessorService (#18818)
• ec30c73 feat: add "eslint/universal" to export Linter (#18883)
• Additional commits viewable in compare view

Updates eslint-import-resolver-typescript from 3.6.1 to 3.6.3

Release notes

Sourced from eslint-import-resolver-typescript's releases.

v3.6.3

Patch Changes

• #305 f8d7b82 Thanks @​SukkaW! - Fix resolve for node:test, node:sea, and node:sqlite without sacrificing installation size

• #288 a4c6c78 Thanks @​SunsetTechuila! - fix: ignore bun built-in modules

Changelog

Sourced from eslint-import-resolver-typescript's changelog.

3.6.3

Patch Changes

• #305 f8d7b82 Thanks @​SukkaW! - Fix resolve for node:test, node:sea, and node:sqlite without sacrificing installation size

• #288 a4c6c78 Thanks @​SunsetTechuila! - fix: ignore bun built-in modules

3.6.2

Patch Changes

• #294 10f9b17 Thanks @​RobinTail! - Allow either eslint-plugin-import-x or eslint-plugin-import plugin as a peer dependency.

• #295 ff3d3c6 Thanks @​wojtekmaj! - chore(deps): remove is-core-module dependency

Commits

• 3dfad60 chore(deps): update dependency node to v18.20.4 (#309)
• 47561fb chore(deps): update dependency @​changesets/cli to ^2.27.7 (#308)
• c9b5626 chore: release eslint-import-resolver-typescript (#302)
• f8d7b82 fix(#303): use @nolyfill/is-core-module (#305)
• a4c6c78 fix: ignore bun built-in modules (#288)
• 79148f4 chore: release eslint-import-resolver-typescript (#301)
• ff3d3c6 chore(deps): remove is-core-module dependency (#295)
• 10f9b17 Allow either import or import-x plugin as a peer dependency (#294)
• b777b44 ci(workflows/ci): setup node before enabling corepack (#300)
• 4f9db59 chore(deps): update dependency node to v18.20.3 (#297)
• Additional commits viewable in compare view

Updates eslint-plugin-import from 2.29.1 to 2.30.0

Release notes

Sourced from eslint-plugin-import's releases.

v2.30.0

Added

• dynamic-import-chunkname: add allowEmpty option to allow empty leading comments (#2942, thanks [@​JiangWeixian])
• dynamic-import-chunkname: Allow empty chunk name when webpackMode: 'eager' is set; add suggestions to remove name in eager mode (#3004, thanks [@​amsardesai])
• [no-unused-modules]: Add ignoreUnusedTypeExports option (#3011, thanks [@​silverwind])
• add support for Flat Config (#3018, thanks [@​michaelfaith])

Fixed

• [no-extraneous-dependencies]: allow wrong path (#3012, thanks [@​chabb])
• [no-cycle]: use scc algorithm to optimize (#2998, thanks [@​soryy708])
• [no-duplicates]: Removing duplicates breaks in TypeScript (#3033, thanks [@​yesl-kim])
• newline-after-import: fix considerComments option when require (#2952, thanks [@​developer-bandi])
• [order]: do not compare first path segment for relative paths (#2682) (#2885, thanks [@​mihkeleidast])

Changed

• [Docs] no-extraneous-dependencies: Make glob pattern description more explicit (#2944, thanks [@​mulztob])
• [no-unused-modules]: add console message to help debug #2866
• [Refactor] ExportMap: make procedures static instead of monkeypatching exportmap (#2982, thanks [@​soryy708])
• [Refactor] ExportMap: separate ExportMap instance from its builder logic (#2985, thanks [@​soryy708])
• [Docs] order: Add a quick note on how unbound imports and --fix (#2640, thanks [@​minervabot])
• [Tests] appveyor -> GHA (run tests on Windows in both pwsh and WSL + Ubuntu) (#2987, thanks [@​joeyguerra])
• [actions] migrate OSX tests to GHA ([ljharb#37], thanks [@​aks-])
• [Refactor] exportMapBuilder: avoid hoisting (#2989, thanks [@​soryy708])
• [Refactor] ExportMap: extract "builder" logic to separate files (#2991, thanks [@​soryy708])
• [Docs] [order]: update the description of the pathGroupsExcludedImportTypes option (#3036, thanks [@​liby])
• [readme] Clarify how to install the plugin (#2993, thanks [@​jwbth])

... (truncated)

Changelog

Sourced from eslint-plugin-import's changelog.

[2.30.0] - 2024-09-02

Added

• [dynamic-import-chunkname]: add allowEmpty option to allow empty leading comments (#2942, thanks [@​JiangWeixian])
• [dynamic-import-chunkname]: Allow empty chunk name when webpackMode: 'eager' is set; add suggestions to remove name in eager mode (#3004, thanks [@​amsardesai])
• [no-unused-modules]: Add ignoreUnusedTypeExports option (#3011, thanks [@​silverwind])
• add support for Flat Config (#3018, thanks [@​michaelfaith])

Fixed

• [no-extraneous-dependencies]: allow wrong path (#3012, thanks [@​chabb])
• [no-cycle]: use scc algorithm to optimize (#2998, thanks [@​soryy708])
• [no-duplicates]: Removing duplicates breaks in TypeScript (#3033, thanks [@​yesl-kim])
• [newline-after-import]: fix considerComments option when require (#2952, thanks [@​developer-bandi])
• [order]: do not compare first path segment for relative paths (#2682) (#2885, thanks [@​mihkeleidast])

Changed

• [Docs] no-extraneous-dependencies: Make glob pattern description more explicit (#2944, thanks [@​mulztob])
• [no-unused-modules]: add console message to help debug #2866
• [Refactor] ExportMap: make procedures static instead of monkeypatching exportmap (#2982, thanks [@​soryy708])
• [Refactor] ExportMap: separate ExportMap instance from its builder logic (#2985, thanks [@​soryy708])
• [Docs] order: Add a quick note on how unbound imports and --fix (#2640, thanks [@​minervabot])
• [Tests] appveyor -> GHA (run tests on Windows in both pwsh and WSL + Ubuntu) (#2987, thanks [@​joeyguerra])
• [actions] migrate OSX tests to GHA ([ljharb#37], thanks [@​aks-])
• [Refactor] exportMapBuilder: avoid hoisting (#2989, thanks [@​soryy708])
• [Refactor] ExportMap: extract "builder" logic to separate files (#2991, thanks [@​soryy708])
• [Docs] [order]: update the description of the pathGroupsExcludedImportTypes option (#3036, thanks [@​liby])
• [readme] Clarify how to install the plugin (#2993, thanks [@​jwbth])

Commits

• 18787d3 Bump to 2.30.0
• 9902298 [Deps] update eslint-module-utils
• 9d194a6 [utils] v2.9.0
• 0a58d75 [resolvers/webpack] v0.13.9
• a3015eb [Test] namespace: ensure valid case is actually included
• 8bdb32b [Test] add explicit marker for trailing whitespace in cases
• 038c26c [readme] Clarify how to install the plugin
• 32a2b89 [Fix] order: do not compare first path segment for relative paths (#2682)
• ee1ea02 [Fix] newline-after-import: fix considerComments option when require
• 806e3c2 [New] add support for Flat Config
• Additional commits viewable in compare view

Updates eslint-plugin-jsx-a11y from 6.9.0 to 6.10.0

Release notes

Sourced from eslint-plugin-jsx-a11y's releases.

v6.10.0

Added

• [New] add eslint 9 support by @​michaelfaith in jsx-eslint/eslint-plugin-jsx-a11y#1009
• [New] label-has-associated-control: add additional error message by @​BillyLevin in jsx-eslint/eslint-plugin-jsx-a11y#1007
• Support for attribute by @​edoardocavazza in jsx-eslint/eslint-plugin-jsx-a11y#977
• [New] Add attributes setting by @​edoardocavazza in jsx-eslint/eslint-plugin-jsx-a11y#979
• [New] allow polymorphic linting to be restricted to specified components by @​khiga8 in jsx-eslint/eslint-plugin-jsx-a11y#984

Fixed

• [readme] remove deprecated travis ci badge by @​trajan0x in jsx-eslint/eslint-plugin-jsx-a11y#995
• fix typo in shareable config section in readme by @​plbstl in jsx-eslint/eslint-plugin-jsx-a11y#997
• [readme] fix jsxA11y import name by @​k35o in jsx-eslint/eslint-plugin-jsx-a11y#1003
• [Fix]: label-has-associated-control: ignore undetermined label text by @​BillyLevin in jsx-eslint/eslint-plugin-jsx-a11y#1004

New Contributors

• @​trajan0x made their first contribution in jsx-eslint/eslint-plugin-jsx-a11y#995
• @​plbstl made their first contribution in jsx-eslint/eslint-plugin-jsx-a11y#997
• @​k35o made their first contribution in jsx-eslint/eslint-plugin-jsx-a11y#1003
• @​BillyLevin made their first contribution in jsx-eslint/eslint-plugin-jsx-a11y#1004
• @​edoardocavazza made their first contribution in jsx-eslint/eslint-plugin-jsx-a11y#977

Full Changelog: jsx-eslint/eslint-plugin-jsx-a11y@v6.9.0...v6.10.0

Changelog

Sourced from eslint-plugin-jsx-a11y's changelog.

v6.10.0 - 2024-09-03

Fixed

• [New] label-has-associated-control: add additional error message [#1005](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/issues/1005)
• [Fix] label-has-associated-control: ignore undetermined label text [#966](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/issues/966)

Commits

• [Tests] switch from jest to tape a284cbf
• [New] add eslint 9 support deac4fd
• [New] add attributes setting a1ee7f8
• [New] allow polymorphic linting to be restricted 6cd1a70
• [Tests] remove duplicate tests 74d5dec
• [Dev Deps] update @babel/cli, @babel/core, @babel/eslint-parser, @babel/plugin-transform-flow-strip-types 6eca235
• [readme] remove deprecated travis ci badge; add github actions badge 0be7ea9
• [Tests] use npm audit instead of aud 05a5e49
• [Deps] update axobject-query 912e98c
• [Deps] unpin axobject-query 75147aa
• [Deps] update axe-core 27ff7cb
• [readme] fix jsxA11y import name ce846e0
• [readme] fix typo in shareable config section in readme cca288b

Commits

• 65c9338 v6.10.0
• 912e98c [Deps] update axobject-query
• 6cd1a70 [New] allow polymorphic linting to be restricted
• a1ee7f8 [New] add attributes setting
• 83fd9c4 [New] label-has-associated-control: add additional error message
• 75147aa [Deps] unpin axobject-query
• a284cbf [Tests] switch from jest to tape
• deac4fd [New] add eslint 9 support
• 74d5dec [Tests] remove duplicate tests
• 05a5e49 [Tests] use npm audit instead of aud
• Additional commits viewable in compare view

Updates eslint-plugin-react from 7.34.3 to 7.36.1

Release notes

Sourced from eslint-plugin-react's releases.

v7.36.1

Fixed

• no-is-mounted: fix logic in method name check (#3821[] @​Mathias-S)
• jsx-no-literals: Avoid crashing on valueless boolean props (#3823[] @​reosarevok)

#3823: jsx-eslint/eslint-plugin-react#3823 #3821: jsx-eslint/eslint-plugin-react#3821

v7.36.0

Added

• [no-string-refs]: allow this.refs in > 18.3.0 (#3807[] @​henryqdineen)
• jsx-no-literals Add elementOverrides option and the ability to ignore this rule on specific elements (#3812[] @​Pearce-Ropion)
• [forward-ref-uses-ref]: add rule for checking ref parameter is added (#3667[] @​NotWoods)

Fixed

• [function-component-definition], boolean-prop-naming, [jsx-first-prop-new-line], [jsx-props-no-multi-spaces], propTypes: use type args (#3629[] @​HenryBrown0)
• JSX pragma: fail gracefully (#3632[] @​ljharb)
• [jsx-props-no-spreading]: add explicitSpread option to schema (#3799[] @​ljharb)

Changed

• [Tests] add @​typescript-eslint/parser v6 (#3629[] @​HenryBrown0)
• [Tests] add @​typescript-eslint/parser v7 and v8 (#3629[] @​hampustagerud)
• [Docs] [no-danger]: update broken link (#3817[] @​lucasrmendonca)
• [types] add jsdoc type annotations (#3731[] @​y-hsgw)
• [Tests] button-has-type: add test case with spread (#3731[] @​y-hsgw)

#3799: jsx-eslint/eslint-plugin-react#3799 #3632: jsx-eslint/eslint-plugin-react#3632 #3812: jsx-eslint/eslint-plugin-react#3812 #3731: jsx-eslint/eslint-plugin-react#3731 #3694: jsx-eslint/eslint-plugin-react#3667 #3629: jsx-eslint/eslint-plugin-react#3629 #3817: jsx-eslint/eslint-plugin-react#3817 #3807: jsx-eslint/eslint-plugin-react#3807

... (truncated)

Changelog

Sourced from eslint-plugin-react's changelog.

7.36.1 - 2024.09.12

Fixed

• [no-is-mounted]: fix logic in method name check (#3821[] @​Mathias-S)
• [jsx-no-literals]: Avoid crashing on valueless boolean props (#3823[] @​reosarevok)

#3823: jsx-eslint/eslint-plugin-react#3823 #3821: jsx-eslint/eslint-plugin-react#3821

7.36.0 - 2024.09.12

Added

• [no-string-refs]: allow this.refs in > 18.3.0 (#3807[] @​henryqdineen)
• [jsx-no-literals] Add elementOverrides option and the ability to ignore this rule on specific elements (#3812[] @​Pearce-Ropion)
• [forward-ref-uses-ref]: add rule for checking ref parameter is added (#3667[] @​NotWoods)

Fixed

• [function-component-definition], [boolean-prop-naming], [jsx-first-prop-new-line], [jsx-props-no-multi-spaces], propTypes: use type args (#3629[] @​HenryBrown0)
• JSX pragma: fail gracefully (#3632[] @​ljharb)
• [jsx-props-no-spreading]: add explicitSpread option to schema (#3799[] @​ljharb)

Changed

• [Tests] add @​typescript-eslint/parser v6 (#3629[] @​HenryBrown0)
• [Tests] add @​typescript-eslint/parser v7 and v8 (#3629[] @​hampustagerud)
• [Docs] [no-danger]: update broken link (#3817[] @​lucasrmendonca)
• [types] add jsdoc type annotations (#3731[] @​y-hsgw)
• [Tests] button-has-type: add test case with spread (

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/eslint	9.11	🟢 6.9	Details Check Score Reason Code-Review 🟢 7 Found 22/29 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/eslint-import-resolver-typescript	^3.6.3	🟢 5.3	Details Check Score Reason Code-Review ⚠️ 1 Found 4/28 approved changesets -- score normalized to 1 Maintained 🟢 10 13 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 2 8 existing vulnerabilities detected
npm/eslint-plugin-import	^2.30.0	🟢 6	Details Check Score Reason Code-Review 🟢 5 Found 15/30 approved changesets -- score normalized to 5 Maintained 🟢 10 24 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-jsx-a11y	^6.10.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 3 Found 11/29 approved changesets -- score normalized to 3 Maintained 🟢 10 14 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-react	^7.36.1	🟢 5.8	Details Check Score Reason Code-Review 🟢 3 Found 8/25 approved changesets -- score normalized to 3 Maintained 🟢 10 24 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-react-refresh	^0.4.12	Unknown	Unknown
npm/@eslint-community/regexpp	4.11.1	Unknown	Unknown
npm/@eslint/config-array	0.18.0	Unknown	Unknown
npm/@eslint/eslintrc	3.1.0	🟢 5.9	Details Check Score Reason Code-Review 🟢 9 Found 19/21 approved changesets -- score normalized to 9 Maintained ⚠️ 2 0 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 2 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@eslint/js	9.11.0	🟢 6.9	Details Check Score Reason Code-Review 🟢 7 Found 22/29 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/@eslint/object-schema	2.1.4	Unknown	Unknown
npm/@eslint/plugin-kit	0.2.0	Unknown	Unknown
npm/@humanwhocodes/retry	0.3.0	Unknown	Unknown
npm/@nolyfill/is-core-module	1.0.39	Unknown	Unknown
npm/@rtsao/scc	1.1.0	🟢 3.3	Details Check Score Reason Code-Review ⚠️ 2 Found 1/4 approved changesets -- score normalized to 2 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ -1 No tokens found Pinned-Dependencies ⚠️ -1 no dependencies found Dangerous-Workflow ⚠️ -1 no workflows found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/acorn	8.12.1	🟢 5.3	Details Check Score Reason Code-Review 🟢 3 Found 8/26 approved changesets -- score normalized to 3 Maintained 🟢 10 11 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege License ⚠️ 0 license file not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/array.prototype.findlastindex	1.2.5	🟢 4.4	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected SAST ⚠️ 0 no SAST tool detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected
npm/axe-core	4.10.0	🟢 6.1	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 27 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 2 8 existing vulnerabilities detected
npm/axobject-query	4.1.0	🟢 5.1	Details Check Score Reason Code-Review ⚠️ 1 Found 2/15 approved changesets -- score normalized to 1 Maintained 🟢 10 23 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected
npm/enhanced-resolve	5.17.1	🟢 6	Details Check Score Reason Code-Review ⚠️ 1 Found 2/11 approved changesets -- score normalized to 1 Maintained 🟢 10 17 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
npm/eslint	9.11.0	🟢 6.9	Details Check Score Reason Code-Review 🟢 7 Found 22/29 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/eslint-import-resolver-typescript	3.6.3	🟢 5.3	Details Check Score Reason Code-Review ⚠️ 1 Found 4/28 approved changesets -- score normalized to 1 Maintained 🟢 10 13 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 2 8 existing vulnerabilities detected
npm/eslint-module-utils	2.11.0	🟢 6	Details Check Score Reason Code-Review 🟢 5 Found 15/30 approved changesets -- score normalized to 5 Maintained 🟢 10 24 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-import	2.30.0	🟢 6	Details Check Score Reason Code-Review 🟢 5 Found 15/30 approved changesets -- score normalized to 5 Maintained 🟢 10 24 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-jsx-a11y	6.10.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 3 Found 11/29 approved changesets -- score normalized to 3 Maintained 🟢 10 14 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-react	7.36.1	🟢 5.8	Details Check Score Reason Code-Review 🟢 3 Found 8/25 approved changesets -- score normalized to 3 Maintained 🟢 10 24 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-react-refresh	0.4.12	Unknown	Unknown
npm/eslint-scope	8.0.2	🟢 5.7	Details Check Score Reason Code-Review 🟢 9 Found 23/25 approved changesets -- score normalized to 9 Maintained ⚠️ 0 project is archived CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-visitor-keys	4.0.0	🟢 5.6	Details Check Score Reason Code-Review 🟢 8 Found 22/26 approved changesets -- score normalized to 8 Maintained ⚠️ 0 project is archived CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/espree	10.1.0	Unknown	Unknown
npm/esquery	1.6.0	🟢 4.4	Details Check Score Reason Code-Review 🟢 5 Found 8/14 approved changesets -- score normalized to 5 Maintained ⚠️ 1 2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/file-entry-cache	8.0.0	🟢 4.1	Details Check Score Reason Code-Review ⚠️ 0 Found 0/15 approved changesets -- score normalized to 0 Maintained 🟢 7 9 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 7 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/flat-cache	4.0.1	🟢 4.2	Details Check Score Reason Code-Review ⚠️ 1 Found 2/14 approved changesets -- score normalized to 1 Maintained ⚠️ 2 2 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 2 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 8 SAST tool is not run on all commits -- score normalized to 8
npm/globals	14.0.0	🟢 4.9	Details Check Score Reason Code-Review 🟢 4 Found 10/22 approved changesets -- score normalized to 4 Maintained 🟢 5 7 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/is-bun-module	1.2.1	Unknown	Unknown
npm/is-core-module	2.15.1	🟢 5	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 6 8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 no SAST tool detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 9 security policy file detected
npm/object.groupby	1.0.3	Unknown	Unknown
npm/semver	7.6.3	🟢 7	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 8 7 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 9 SAST tool detected but not run on all commits
npm/string.prototype.repeat	1.0.0	🟢 3	Details Check Score Reason Code-Review ⚠️ 0 Found 1/17 approved changesets -- score normalized to 0 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Token-Permissions ⚠️ -1 No tokens found Dangerous-Workflow ⚠️ -1 no workflows found Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ -1 no dependencies found Security-Policy ⚠️ 0 security policy file not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Vulnerabilities 🟢 10 0 existing vulnerabilities detected Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Manifest Files

frontend-react/package.json

• [email protected]
• eslint-import-resolver-typescript@^3.6.3
• eslint-plugin-import@^2.30.0
• eslint-plugin-jsx-a11y@^6.10.0
• eslint-plugin-react@^7.36.1
• eslint-plugin-react-refresh@^0.4.12
• [email protected]
• eslint-import-resolver-typescript@^3.6.1
• eslint-plugin-import@^2.29.1
• eslint-plugin-jsx-a11y@^6.9.0
• eslint-plugin-react@^7.34.3
• eslint-plugin-react-refresh@^0.4.7

frontend-react/yarn.lock

• @eslint-community/[email protected]
• @eslint/[email protected]
• @eslint/[email protected]
• @eslint/[email protected]
• @eslint/[email protected]
• @eslint/[email protected]
• @humanwhocodes/[email protected]
• @nolyfill/[email protected]
• @rtsao/[email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• @eslint/[email protected]
• @eslint/[email protected]
• @humanwhocodes/[email protected]
• @humanwhocodes/[email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]

[dependabot]

Superseded by #16035.