Bump @babel/core from 7.23.5 to 7.25.7

[dependabot[bot]]

Bumps @babel/core from 7.23.5 to 7.25.7.

Release notes

Sourced from @​babel/core's releases.

v7.25.7 (2024-10-02)

Thanks @​DylanPiercey and @​YuHyeonWook for your first PRs!

:bug: Bug Fix

• babel-helper-validator-identifier
  • #16825 fix: update identifier to unicode 16 (@​JLHwung)
• babel-traverse
  • #16814 fix: issue with node path keys updated on unrelated paths (@​DylanPiercey)
• babel-plugin-transform-classes
  • #16797 Use an inclusion rather than exclusion list for super() check (@​nicolo-ribaudo)
• babel-generator
  • #16788 Fix printing of TS infer in compact mode (@​nicolo-ribaudo)
  • #16785 Print TS type annotations for destructuring in assignment pattern (@​nicolo-ribaudo)
  • #16778 Respect [no LineTerminator here] after nodes (@​nicolo-ribaudo)

:nail_care: Polish

• babel-types
  • #16852 Add deprecated JSDOC for fields (@​liuxingbaoyu)

:house: Internal

• babel-core
  • #16820 Allow sync loading of ESM when --experimental-require-module (@​nicolo-ribaudo)
• babel-helper-compilation-targets, babel-helper-plugin-utils, babel-preset-env
  • #16858 Add browserslist config to external dependency (@​JLHwung)
• babel-plugin-proposal-destructuring-private, babel-plugin-syntax-decimal, babel-plugin-syntax-import-reflection, babel-standalone
  • #16809 Archive syntax-import-reflection and syntax-decimal (@​nicolo-ribaudo)
• babel-generator
  • #16779 Simplify logic for [no LineTerminator here] before nodes (@​nicolo-ribaudo)

:running_woman: Performance

• babel-plugin-transform-typescript
  • #16875 perf: Avoid extra cloning of namespaces (@​liuxingbaoyu)
• babel-types
  • #16842 perf: Improve @​babel/types builders (@​liuxingbaoyu)
  • #16828 Only access BABEL_TYPES_8_BREAKING at startup (@​nicolo-ribaudo)

Committers: 8

• Babel Bot (@​babel-bot)
• Dylan Piercey (@​DylanPiercey)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu
• coderaiser (@​coderaiser)
• fisker Cheung (@​fisker)
• hwook (@​YuHyeonWook)

v7.25.6 (2024-08-29)

Thanks @​j4k0xb for your first PR!

... (truncated)

Changelog

Sourced from @​babel/core's changelog.

v7.25.7 (2024-10-02)

:bug: Bug Fix

• babel-helper-validator-identifier
  • #16825 fix: update identifier to unicode 16 (@​JLHwung)
• babel-traverse
  • #16814 fix: issue with node path keys updated on unrelated paths (@​DylanPiercey)
• babel-plugin-transform-classes
  • #16797 Use an inclusion rather than exclusion list for super() check (@​nicolo-ribaudo)
• babel-generator
  • #16788 Fix printing of TS infer in compact mode (@​nicolo-ribaudo)
  • #16785 Print TS type annotations for destructuring in assignment pattern (@​nicolo-ribaudo)
  • #16778 Respect [no LineTerminator here] after nodes (@​nicolo-ribaudo)

:nail_care: Polish

• babel-types
  • #16852 Add deprecated JSDOC for fields (@​liuxingbaoyu)

:house: Internal

• babel-core
  • #16820 Allow sync loading of ESM when --experimental-require-module (@​nicolo-ribaudo)
• babel-helper-compilation-targets, babel-helper-plugin-utils, babel-preset-env
  • #16858 Add browserslist config to external dependency (@​JLHwung)
• babel-plugin-proposal-destructuring-private, babel-plugin-syntax-decimal, babel-plugin-syntax-import-reflection, babel-standalone
  • #16809 Archive syntax-import-reflection and syntax-decimal (@​nicolo-ribaudo)
• babel-generator
  • #16779 Simplify logic for [no LineTerminator here] before nodes (@​nicolo-ribaudo)

:running_woman: Performance

• babel-plugin-transform-typescript
  • #16875 perf: Avoid extra cloning of namespaces (@​liuxingbaoyu)
• babel-types
  • #16842 perf: Improve @​babel/types builders (@​liuxingbaoyu)
  • #16828 Only access BABEL_TYPES_8_BREAKING at startup (@​nicolo-ribaudo)

v7.25.6 (2024-08-29)

:bug: Bug Fix

• babel-generator
  • #16783 Properly print inner comments in TS array types (@​nicolo-ribaudo)
  • #16775 fix: jsx whitespace is not properly preserved when retainLines (@​liuxingbaoyu)
• babel-traverse
  • #16727 fix: path.getAssignmentIdentifiers may be undefined (@​liuxingbaoyu)
• babel-parser
  • #16761 fix: improve static canFollowModifier checks (@​JLHwung)
• babel-helpers, babel-plugin-transform-optional-chaining, babel-runtime-corejs3
  • #16769 Only wrap functions in superPropertyGet helper (@​nicolo-ribaudo)

:nail_care: Polish

• babel-generator, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-plugin-transform-named-capturing-groups-regex, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env
  • #16780 Do not enforce printing space between ( and comments (@​nicolo-ribaudo)

... (truncated)

Commits

• 2533cfb v7.25.7
• 2ee4982 chore: Improve loadFullConfig types (#16872)
• b2ba04c Allow sync loading of ESM when --experimental-require-module (#16820)
• cd8ffa4 [Babel 8] fix: Throwing exceptions synchronously (#16836)
• 9e14f7d chore: Enable more lint rules (#16827)
• 7722f23 Update typescript & typescript-eslint (#16826)
• 69d65f1 [babel 8] Require Node.js ^18.20.0 || ^20.17.0 || >=22.8.0 (#16800)
• dba45d3 Ignore devDependencies when generating tsconfig.json (#16659)
• 0f8f408 v7.25.2
• 6a15d7a Ensure that requeueComputedKeyAndDecorators is available (#16695)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions[bot]]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ✅ 0 package(s) with unknown licenses.
• ⚠️ 2 packages with OpenSSF Scorecard issues.

See the Details below.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@babel/code-frame	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/compat-data	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/core	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/generator	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/helper-compilation-targets	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/helper-module-imports	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/helper-module-transforms	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/helper-simple-access	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/helper-string-parser	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/helper-validator-identifier	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/helper-validator-option	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/helpers	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/highlight	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/parser	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/template	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/traverse	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@babel/types	7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected
npm/@jridgewell/gen-mapping	0.3.5	:green_circle: 3.2	Details Check Score Reason Code-Review :warning: 0 Found 1/22 approved changesets -- score normalized to 0 Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Packaging :warning: -1 packaging workflow not detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 7 3 existing vulnerabilities detected
npm/@jridgewell/resolve-uri	3.1.0	:warning: 2.8	Details Check Score Reason Code-Review :warning: 0 Found 1/26 approved changesets -- score normalized to 0 Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 3 7 existing vulnerabilities detected
npm/@jridgewell/set-array	1.2.1	:warning: 2.8	Details Check Score Reason Code-Review :warning: 0 Found 0/21 approved changesets -- score normalized to 0 Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 no SAST tool detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :warning: 0 branch protection not enabled on development/release branches Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 3 7 existing vulnerabilities detected
npm/@jridgewell/sourcemap-codec	1.4.15	:green_circle: 3.4	Details Check Score Reason Code-Review :warning: 0 Found 1/15 approved changesets -- score normalized to 0 Maintained :warning: 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Binary-Artifacts :green_circle: 10 no binaries found in the repo Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :warning: 0 branch protection not enabled on development/release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
npm/@jridgewell/trace-mapping	0.3.25	:green_circle: 3.2	Details Check Score Reason Code-Review :warning: 0 Found 1/30 approved changesets -- score normalized to 0 Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :green_circle: 7 3 existing vulnerabilities detected
npm/browserslist	4.24.0	:green_circle: 4.6	Details Check Score Reason Code-Review :warning: 2 Found 7/30 approved changesets -- score normalized to 2 Maintained :green_circle: 10 11 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :warning: 0 security policy file not detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/caniuse-lite	1.0.30001666	:green_circle: 4.3	Details Check Score Reason Code-Review :warning: 0 Found 0/29 approved changesets -- score normalized to 0 Maintained :green_circle: 10 21 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Packaging :warning: -1 packaging workflow not detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches Security-Policy :warning: 0 security policy file not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/debug	4.3.4	:green_circle: 4.2	Details Check Score Reason Code-Review :green_circle: 3 Found 11/28 approved changesets -- score normalized to 3 Maintained :green_circle: 6 5 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 6 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: -1 no workflows found Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: -1 No tokens found Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: -1 no dependencies found Security-Policy :warning: 0 security policy file not detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Signed-Releases :warning: -1 no releases found Fuzzing :warning: 0 project is not fuzzed Branch-Protection :warning: 0 branch protection not enabled on development/release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/electron-to-chromium	1.5.31	Unknown	Unknown
npm/escalade	3.2.0	:green_circle: 3.7	Details Check Score Reason Code-Review :warning: 1 Found 3/30 approved changesets -- score normalized to 1 Maintained :warning: 2 3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :warning: 0 branch protection not enabled on development/release branches Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/globals	11.12.0	:green_circle: 5	Details Check Score Reason Code-Review :green_circle: 4 Found 11/23 approved changesets -- score normalized to 4 Maintained :green_circle: 6 7 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 6 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :warning: 0 branch protection not enabled on development/release branches Signed-Releases :warning: -1 no releases found Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/jsesc	3.0.2	:green_circle: 3.2	Details Check Score Reason Code-Review :warning: 1 Found 4/30 approved changesets -- score normalized to 1 Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: -1 no workflows found Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: -1 No tokens found Pinned-Dependencies :warning: -1 no dependencies found Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: 0 branch protection not enabled on development/release branches Fuzzing :warning: 0 project is not fuzzed Signed-Releases :warning: -1 no releases found Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/ms	2.1.2	:green_circle: 4.3	Details Check Score Reason Code-Review :green_circle: 6 Found 19/29 approved changesets -- score normalized to 6 Maintained :warning: 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Binary-Artifacts :green_circle: 10 no binaries found in the repo Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing :warning: 0 project is not fuzzed Security-Policy :green_circle: 10 security policy file detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 2 8 existing vulnerabilities detected
npm/node-releases	2.0.18	:green_circle: 4.5	Details Check Score Reason Code-Review :warning: 0 Found 0/30 approved changesets -- score normalized to 0 Maintained :green_circle: 10 12 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo SAST :warning: 0 no SAST tool detected Signed-Releases :warning: -1 no releases found Pinned-Dependencies :green_circle: 3 dependency not pinned by hash detected -- score normalized to 3 Branch-Protection :warning: 0 branch protection not enabled on development/release branches Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/picocolors	1.1.0	:green_circle: 4.4	Details Check Score Reason Code-Review :green_circle: 5 Found 10/19 approved changesets -- score normalized to 5 Maintained :green_circle: 5 3 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Binary-Artifacts :green_circle: 10 no binaries found in the repo Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :warning: 0 branch protection not enabled on development/release branches Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/update-browserslist-db	1.1.1	:green_circle: 3.2	Details Check Score Reason Code-Review :warning: 1 Found 3/21 approved changesets -- score normalized to 1 Maintained :green_circle: 4 3 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed Branch-Protection :warning: 0 branch protection not enabled on development/release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 3 7 existing vulnerabilities detected
npm/@babel/core	^7.25.7	:green_circle: 6.5	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 2 badge detected: InProgress License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 9 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 20 existing vulnerabilities detected

Scanned Manifest Files

package-lock.json

• @babel/code-frame@7.25.7
• @babel/compat-data@7.25.7
• @babel/core@7.25.7
• @babel/generator@7.25.7
• @babel/helper-compilation-targets@7.25.7
• @babel/helper-module-imports@7.25.7
• @babel/helper-module-transforms@7.25.7
• @babel/helper-simple-access@7.25.7
• @babel/helper-string-parser@7.25.7
• @babel/helper-validator-identifier@7.25.7
• @babel/helper-validator-option@7.25.7
• @babel/helpers@7.25.7
• @babel/highlight@7.25.7
• @babel/parser@7.25.7
• @babel/template@7.25.7
• @babel/traverse@7.25.7
• @babel/types@7.25.7
• @jridgewell/gen-mapping@0.3.5
• @jridgewell/resolve-uri@3.1.0
• @jridgewell/set-array@1.2.1
• @jridgewell/sourcemap-codec@1.4.15
• @jridgewell/trace-mapping@0.3.25
• browserslist@4.24.0
• caniuse-lite@1.0.30001666
• debug@4.3.4
• electron-to-chromium@1.5.31
• escalade@3.2.0
• globals@11.12.0
• jsesc@3.0.2
• ms@2.1.2
• node-releases@2.0.18
• picocolors@1.1.0
• update-browserslist-db@1.1.1
• @babel/code-frame@7.23.5
• @babel/compat-data@7.23.2
• @babel/core@7.23.5
• @babel/generator@7.23.5
• @babel/helper-compilation-targets@7.22.15
• @babel/helper-environment-visitor@7.22.20
• @babel/helper-function-name@7.23.0
• @babel/helper-hoist-variables@7.22.5
• @babel/helper-module-imports@7.22.15
• @babel/helper-module-transforms@7.23.3
• @babel/helper-simple-access@7.22.5
• @babel/helper-split-export-declaration@7.22.6
• @babel/helper-string-parser@7.23.4
• @babel/helper-validator-identifier@7.22.20
• @babel/helper-validator-option@7.22.15
• @babel/helpers@7.23.5
• @babel/highlight@7.23.4
• @babel/parser@7.23.5
• @babel/template@7.22.15
• @babel/traverse@7.23.5
• @babel/types@7.23.5
• @jridgewell/gen-mapping@0.3.3
• @jridgewell/resolve-uri@3.1.0
• @jridgewell/set-array@1.1.2
• @jridgewell/sourcemap-codec@1.4.15
• @jridgewell/sourcemap-codec@1.4.14
• @jridgewell/trace-mapping@0.3.18
• browserslist@4.22.1
• caniuse-lite@1.0.30001547
• debug@4.3.4
• electron-to-chromium@1.4.551
• escalade@3.1.1
• globals@11.12.0
• jsesc@2.5.2
• ms@2.1.2
• node-releases@2.0.13
• picocolors@1.0.0
• update-browserslist-db@1.0.13

package.json

• @babel/core@^7.25.7
• @babel/core@^7.23.2

[dependabot[bot]]

Superseded by #272.