UI: NEWS

[vercel[bot]]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
beta-sanity	🔄 Building (Inspect)	Visit Preview	💬 Add feedback	Aug 27, 2024 4:25am
sanity	🔄 Building (Inspect)	Visit Preview	💬 Add feedback	Aug 27, 2024 4:25am

[github-actions[bot]]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@types/node	22.5.0	:green_circle: 6.9	Details Check Score Reason Code-Review :green_circle: 8 Found 23/27 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing :warning: 0 project is not fuzzed
npm/@types/react	18.3.4	:green_circle: 6.9	Details Check Score Reason Code-Review :green_circle: 8 Found 23/27 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing :warning: 0 project is not fuzzed
npm/@types/react-reconciler	0.28.8	:green_circle: 6.9	Details Check Score Reason Code-Review :green_circle: 8 Found 23/27 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing :warning: 0 project is not fuzzed
npm/typescript	5.5.4	:green_circle: 8.6	Details Check Score Reason Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests :green_circle: 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected Code-Review :green_circle: 10 all changesets reviewed Contributors :green_circle: 10 project has 35 contributing companies or organizations Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Dependency-Update-Tool :green_circle: 10 update tool detected Fuzzing :green_circle: 10 project is fuzzed License :green_circle: 10 license file detected Maintained :green_circle: 10 30 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 Packaging :warning: -1 packaging workflow not detected Pinned-Dependencies :green_circle: 6 dependency not pinned by hash detected -- score normalized to 6 SAST :green_circle: 10 SAST tool is run on all commits Security-Policy :green_circle: 10 security policy file detected Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/undici-types	6.19.8	:green_circle: 8.3	Details Check Score Reason Binary-Artifacts :green_circle: 8 binaries present in source code Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests :green_circle: 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected Code-Review :green_circle: 10 all changesets reviewed Contributors :green_circle: 10 project has 97 contributing companies or organizations Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Dependency-Update-Tool :green_circle: 10 update tool detected Fuzzing :green_circle: 10 project is fuzzed License :green_circle: 10 license file detected Maintained :green_circle: 10 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 Packaging :green_circle: 10 packaging workflow detected Pinned-Dependencies :green_circle: 3 dependency not pinned by hash detected -- score normalized to 3 SAST :green_circle: 10 SAST tool is run on all commits Security-Policy :green_circle: 9 security policy file detected Signed-Releases :warning: -1 no releases found Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@types/node	22.5.0	:green_circle: 6.9	Details Check Score Reason Code-Review :green_circle: 8 Found 23/27 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing :warning: 0 project is not fuzzed
npm/@types/react	18.3.4	:green_circle: 6.9	Details Check Score Reason Code-Review :green_circle: 8 Found 23/27 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing :warning: 0 project is not fuzzed
npm/@types/react-reconciler	^0.28.8	:green_circle: 6.9	Details Check Score Reason Code-Review :green_circle: 8 Found 23/27 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing :warning: 0 project is not fuzzed
npm/typescript	5.5.4	:green_circle: 8.6	Details Check Score Reason Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests :green_circle: 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected Code-Review :green_circle: 10 all changesets reviewed Contributors :green_circle: 10 project has 35 contributing companies or organizations Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Dependency-Update-Tool :green_circle: 10 update tool detected Fuzzing :green_circle: 10 project is fuzzed License :green_circle: 10 license file detected Maintained :green_circle: 10 30 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 Packaging :warning: -1 packaging workflow not detected Pinned-Dependencies :green_circle: 6 dependency not pinned by hash detected -- score normalized to 6 SAST :green_circle: 10 SAST tool is run on all commits Security-Policy :green_circle: 10 security policy file detected Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected

Scanned Manifest Files

package-lock.json

• @types/node@22.5.0
• @types/react@18.3.4
• @types/react-reconciler@0.28.8
• typescript@5.5.4
• undici-types@6.19.8
• @types/node@20.14.9
• @types/react@18.3.3
• typescript@5.5.3
• undici-types@5.26.5

package.json

• @types/node@22.5.0
• @types/react@18.3.4
• @types/react-reconciler@^0.28.8
• typescript@5.5.4