Changes for AACT Proj

[github-actions[bot]]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

package.json

Package	Version	License	Issue Type
@fluentui/react	^8.121.6	Null	Unknown License

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@fluentui/date-time-utilities	8.6.9	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@fluentui/dom-utilities	2.3.9	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@fluentui/font-icons-mdl2	8.5.54	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@fluentui/foundation-legacy	8.4.20	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@fluentui/keyboard-key	0.4.23	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@fluentui/merge-styles	8.6.13	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@fluentui/react	8.121.6	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@fluentui/react-focus	8.9.17	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@fluentui/react-hooks	8.8.16	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@fluentui/react-portal-compat-context	9.0.12	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@fluentui/react-window-provider	2.2.28	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@fluentui/set-version	8.2.23	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@fluentui/style-utilities	8.11.3	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@fluentui/theme	2.6.63	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@fluentui/utilities	8.15.19	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5
npm/@microsoft/load-themed-styles	1.10.295	:green_circle: 4.9	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 Code-Review :warning: 2 Found 8/30 approved changesets -- score normalized to 2 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 21 existing vulnerabilities detected
npm/@fluentui/react	^8.121.6	:green_circle: 6.4	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 22 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 28 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Dependency-Update-Tool :green_circle: 10 update tool detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 no published package detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: 0 dangerous workflow patterns detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Fuzzing :warning: 0 project is not fuzzed Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5

Scanned Manifest Files

package-lock.json

• @fluentui/date-time-utilities@8.6.9
• @fluentui/dom-utilities@2.3.9
• @fluentui/font-icons-mdl2@8.5.54
• @fluentui/foundation-legacy@8.4.20
• @fluentui/keyboard-key@0.4.23
• @fluentui/merge-styles@8.6.13
• @fluentui/react@8.121.6
• @fluentui/react-focus@8.9.17
• @fluentui/react-hooks@8.8.16
• @fluentui/react-portal-compat-context@9.0.12
• @fluentui/react-window-provider@2.2.28
• @fluentui/set-version@8.2.23
• @fluentui/style-utilities@8.11.3
• @fluentui/theme@2.6.63
• @fluentui/utilities@8.15.19
• @microsoft/load-themed-styles@1.10.295

package.json

• @fluentui/react@^8.121.6