Bump @typescript-eslint/eslint-plugin from 5.62.0 to 8.12.2

[dependabot[bot]]

Bumps @typescript-eslint/eslint-plugin from 5.62.0 to 8.12.2.

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.12.2

8.12.2 (2024-10-29)

🩹 Fixes

• eslint-plugin: [switch-exhaustiveness-check] invert considerDefaultExhaustiveForUnions (#10223)

❤️ Thank You

• Kirk Waiblinger @​kirkwaiblinger

You can read about our versioning strategy and releases on our website.

v8.12.1

8.12.1 (2024-10-28)

🚀 Features

• eslint-plugin: [prefer-nullish-coalescing] add support for assignment expressions (#10152)
• eslint-plugin: [consistent-indexed-object-style] report mapped types (#10160)
• eslint-plugin: [switch-exhaustiveness-check] add considerDefaultExhaustiveForUnions option (#9954)
• eslint-plugin: [no-base-to-string] handle String() (#10005)
• typescript-eslint: improve undefined extension handling (#10177)

🩹 Fixes

• eslint-plugin: [no-unsafe-return] don't reiterate through all type parts for each part (#10203)
• website: enable noImplicitAny (#10175)
• rule-tester: use cwd option to set base path for tests with file name (#10201)

❤️ Thank You

• Abraham Guo
• Dave @​reduckted
• Kim Sang Du @​developer-bandi
• Kirk Waiblinger @​kirkwaiblinger
• Maxim Stykow @​mstykow
• Terry Fu
• YeonJuan @​yeonjuan

You can read about our versioning strategy and releases on our website.

v8.12.0

See https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.12.1

v8.11.0

8.11.0 (2024-10-21)

🚀 Features

... (truncated)

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.12.2 (2024-10-29)

🩹 Fixes

• eslint-plugin: [switch-exhaustiveness-check] invert considerDefaultExhaustiveForUnions (#10223)

❤️ Thank You

• Kirk Waiblinger @​kirkwaiblinger

You can read about our versioning strategy and releases on our website.

8.12.1 (2024-10-28)

This was a version bump only for eslint-plugin to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.12.0 (2024-10-28)

🚀 Features

• eslint-plugin: [no-base-to-string] handle String() (#10005)
• eslint-plugin: [switch-exhaustiveness-check] add allowDefaultCaseMatchUnionMember option (#9954)
• eslint-plugin: [consistent-indexed-object-style] report mapped types (#10160)
• eslint-plugin: [prefer-nullish-coalescing] add support for assignment expressions (#10152)

❤️ Thank You

• Abraham Guo
• Kim Sang Du @​developer-bandi
• Kirk Waiblinger @​kirkwaiblinger
• YeonJuan @​yeonjuan

You can read about our versioning strategy and releases on our website.

8.11.0 (2024-10-21)

🚀 Features

• eslint-plugin: [no-unnecessary-type-parameters] add suggestion fixer (#10149)
• eslint-plugin: [no-base-to-string] add support for catching toLocaleString (#10138)

🩹 Fixes

• eslint-plugin: [class-literal-property-style] don't report nodes with override keyword (#10135)

❤️ Thank You

• Kirk Waiblinger @​kirkwaiblinger

... (truncated)

Commits

• 4af866a chore(release): publish 8.12.2
• cc7177c fix(eslint-plugin): [switch-exhaustiveness-check] invert `considerDefaultExha...
• 1edec1d chore(release): publish 8.12.1
• 3413a2d chore(release): publish 8.12.0
• ac18749 feat(eslint-plugin): [no-base-to-string] handle String() (#10005)
• 3c8978d feat(eslint-plugin): [switch-exhaustiveness-check] add allowDefaultCaseMatchU...
• af4743f test(eslint-plugin): fix a typo in a test, causing it to test the error typ...
• 9c956ee feat(eslint-plugin): [consistent-indexed-object-style] report mapped types (#...
• e765033 feat(eslint-plugin): [prefer-nullish-coalescing] add support for assignment e...
• 79c27a8 chore(release): publish 8.11.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions[bot]]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@eslint-community/eslint-utils	4.4.1	Unknown	Unknown
npm/@eslint-community/regexpp	4.12.1	Unknown	Unknown
npm/@eslint/config-array	0.18.0	Unknown	Unknown
npm/@eslint/core	0.7.0	Unknown	Unknown
npm/@eslint/eslintrc	3.1.0	:green_circle: 5.7	Details Check Score Reason Code-Review :green_circle: 9 Found 19/21 approved changesets -- score normalized to 9 Maintained :warning: 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Security-Policy :green_circle: 10 security policy file detected Packaging :green_circle: 10 packaging workflow detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/@eslint/js	9.13.0	:green_circle: 7	Details Check Score Reason Code-Review :green_circle: 8 Found 25/30 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy :green_circle: 10 security policy file detected Fuzzing :warning: 0 project is not fuzzed SAST :green_circle: 10 SAST tool is run on all commits
npm/@eslint/object-schema	2.1.4	Unknown	Unknown
npm/@eslint/plugin-kit	0.2.2	Unknown	Unknown
npm/@humanfs/core	0.19.1	Unknown	Unknown
npm/@humanfs/node	0.16.6	Unknown	Unknown
npm/@humanwhocodes/module-importer	1.0.1	Unknown	Unknown
npm/@humanwhocodes/retry	0.3.1	Unknown	Unknown
npm/@types/estree	1.0.6	:green_circle: 6.9	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 8 Found 25/30 approved changesets -- score normalized to 8 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing :warning: 0 project is not fuzzed
npm/@types/json-schema	7.0.15	:green_circle: 6.9	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 8 Found 25/30 approved changesets -- score normalized to 8 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing :warning: 0 project is not fuzzed
npm/@typescript-eslint/eslint-plugin	8.12.2	:green_circle: 5.3	Details Check Score Reason Code-Review :green_circle: 8 Found 24/28 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 22 existing vulnerabilities detected
npm/@typescript-eslint/scope-manager	8.12.2	:green_circle: 5.3	Details Check Score Reason Code-Review :green_circle: 8 Found 24/28 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 22 existing vulnerabilities detected
npm/@typescript-eslint/type-utils	8.12.2	:green_circle: 5.3	Details Check Score Reason Code-Review :green_circle: 8 Found 24/28 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 22 existing vulnerabilities detected
npm/@typescript-eslint/types	8.12.2	:green_circle: 5.3	Details Check Score Reason Code-Review :green_circle: 8 Found 24/28 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 22 existing vulnerabilities detected
npm/@typescript-eslint/typescript-estree	8.12.2	:green_circle: 5.3	Details Check Score Reason Code-Review :green_circle: 8 Found 24/28 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 22 existing vulnerabilities detected
npm/@typescript-eslint/utils	8.12.2	:green_circle: 5.3	Details Check Score Reason Code-Review :green_circle: 8 Found 24/28 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 22 existing vulnerabilities detected
npm/@typescript-eslint/visitor-keys	8.12.2	:green_circle: 5.3	Details Check Score Reason Code-Review :green_circle: 8 Found 24/28 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 22 existing vulnerabilities detected
npm/acorn	8.14.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 4 Found 11/26 approved changesets -- score normalized to 4 Maintained :green_circle: 10 11 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected License :warning: 0 license file not detected Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Branch-Protection :warning: 0 branch protection not enabled on development/release branches Binary-Artifacts :green_circle: 10 no binaries found in the repo Security-Policy :warning: 0 security policy file not detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint	9.13.0	:green_circle: 7	Details Check Score Reason Code-Review :green_circle: 8 Found 25/30 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy :green_circle: 10 security policy file detected Fuzzing :warning: 0 project is not fuzzed SAST :green_circle: 10 SAST tool is run on all commits
npm/eslint-scope	8.2.0	Unknown	Unknown
npm/eslint-visitor-keys	4.2.0	Unknown	Unknown
npm/espree	10.3.0	Unknown	Unknown
npm/file-entry-cache	8.0.0	:green_circle: 4.2	Details Check Score Reason Code-Review :warning: 0 Found 0/14 approved changesets -- score normalized to 0 Maintained :green_circle: 8 10 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 8 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Binary-Artifacts :green_circle: 10 no binaries found in the repo Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :warning: 0 branch protection not enabled on development/release branches Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/find-up	5.0.0	:green_circle: 4.3	Details Check Score Reason Code-Review :green_circle: 3 Found 10/30 approved changesets -- score normalized to 3 Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches Fuzzing :warning: 0 project is not fuzzed Signed-Releases :warning: -1 no releases found SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/flat-cache	4.0.1	:green_circle: 4	Details Check Score Reason Code-Review :warning: 1 Found 2/14 approved changesets -- score normalized to 1 Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :warning: 0 branch protection not enabled on development/release branches Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :green_circle: 8 SAST tool is not run on all commits -- score normalized to 8
npm/flatted	3.3.1	:green_circle: 3.5	Details Check Score Reason Code-Review :warning: 0 Found 1/24 approved changesets -- score normalized to 0 Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: 0 branch protection not enabled on development/release branches Pinned-Dependencies :green_circle: 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/globals	14.0.0	:green_circle: 5.4	Details Check Score Reason Maintained :green_circle: 10 9 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 4 Found 10/23 approved changesets -- score normalized to 4 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches Signed-Releases :warning: -1 no releases found SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/ignore	5.3.2	:green_circle: 4.3	Details Check Score Reason Code-Review :warning: 0 Found 1/19 approved changesets -- score normalized to 0 Maintained :green_circle: 10 11 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Branch-Protection :warning: 0 branch protection not enabled on development/release branches Signed-Releases :warning: -1 no releases found SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/keyv	4.5.4	:green_circle: 5.6	Details Check Score Reason Code-Review :warning: 0 Found 1/30 approved changesets -- score normalized to 0 Maintained :green_circle: 10 30 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: 0 branch protection not enabled on development/release branches Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 SAST :green_circle: 10 SAST tool is run on all commits
npm/locate-path	6.0.0	:green_circle: 4.2	Details Check Score Reason Code-Review :warning: 2 Found 8/29 approved changesets -- score normalized to 2 Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Security-Policy :green_circle: 10 security policy file detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Signed-Releases :warning: -1 no releases found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/minimatch	9.0.5	:green_circle: 4.1	Details Check Score Reason Code-Review :warning: 1 Found 3/30 approved changesets -- score normalized to 1 Maintained :warning: 2 0 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 2 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Binary-Artifacts :green_circle: 10 no binaries found in the repo Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/p-limit	3.1.0	:green_circle: 4.2	Details Check Score Reason Code-Review :warning: 2 Found 7/30 approved changesets -- score normalized to 2 Maintained :warning: 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :green_circle: 10 security policy file detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Packaging :warning: -1 packaging workflow not detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/p-locate	5.0.0	:green_circle: 4.2	Details Check Score Reason Code-Review :warning: 2 Found 5/22 approved changesets -- score normalized to 2 Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :green_circle: 10 security policy file detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases :warning: -1 no releases found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/semver	7.6.3	:green_circle: 6.7	Details Check Score Reason Maintained :green_circle: 5 5 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 Code-Review :green_circle: 10 all changesets reviewed CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed SAST :green_circle: 9 SAST tool detected but not run on all commits
npm/ts-api-utils	1.4.0	Unknown	Unknown
npm/@typescript-eslint/eslint-plugin	^8.12.2	:green_circle: 5.3	Details Check Score Reason Code-Review :green_circle: 8 Found 24/28 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 22 existing vulnerabilities detected

Scanned Files

• package-lock.json
• package.json

[dependabot[bot]]

Superseded by #892.