chore(deps): lock file maintenance

[renovate[bot]]

This PR contains the following updates:

Update	Change
lockFileMaintenance	All locks refreshed

🔧 This Pull Request updates lock files to use the latest dependency versions.

---

Configuration

📅 Schedule: Branch creation - "before 5am on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions[bot]]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@playwright/test	1.46.1	:green_circle: 6.5	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 6 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 29 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 no published package detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Binary-Artifacts :green_circle: 6 binaries present in source code Dependency-Update-Tool :green_circle: 10 update tool detected Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches
npm/@rollup/rollup-android-arm-eabi	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-android-arm64	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-darwin-arm64	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-darwin-x64	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm-gnueabihf	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm-musleabihf	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm64-gnu	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm64-musl	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-linux-powerpc64le-gnu	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-linux-riscv64-gnu	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-linux-s390x-gnu	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-linux-x64-gnu	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-linux-x64-musl	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-win32-arm64-msvc	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-win32-ia32-msvc	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@rollup/rollup-win32-x64-msvc	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/@types/node	22.4.0	:green_circle: 7	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 Found 27/30 approved changesets -- score normalized to 9 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :green_circle: 10 security policy file detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing :warning: 0 project is not fuzzed
npm/electron-to-chromium	1.5.11	Unknown	Unknown
npm/ignore	5.3.2	:green_circle: 4.2	Details Check Score Reason Code-Review :warning: 0 Found 1/19 approved changesets -- score normalized to 0 Maintained :green_circle: 8 7 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 8 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases :warning: -1 no releases found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Security-Policy :warning: 0 security policy file not detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/playwright	1.46.1	:green_circle: 6.5	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 6 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 29 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 no published package detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Binary-Artifacts :green_circle: 6 binaries present in source code Dependency-Update-Tool :green_circle: 10 update tool detected Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches
npm/playwright-core	1.46.1	:green_circle: 6.5	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 6 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 29 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 no published package detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Binary-Artifacts :green_circle: 6 binaries present in source code Dependency-Update-Tool :green_circle: 10 update tool detected Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches
npm/rollup	4.21.0	:green_circle: 5.4	Details Check Score Reason Code-Review :green_circle: 3 Found 6/18 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/terser	5.31.6	:green_circle: 6.3	Details Check Score Reason Code-Review :warning: 1 Found 4/27 approved changesets -- score normalized to 1 Maintained :green_circle: 10 25 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Branch-Protection :warning: 0 branch protection not enabled on development/release branches Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/undici-types	6.19.6	:green_circle: 8.3	Details Check Score Reason Binary-Artifacts :green_circle: 8 binaries present in source code Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests :green_circle: 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected Code-Review :green_circle: 10 all changesets reviewed Contributors :green_circle: 10 project has 97 contributing companies or organizations Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Dependency-Update-Tool :green_circle: 10 update tool detected Fuzzing :green_circle: 10 project is fuzzed License :green_circle: 10 license file detected Maintained :green_circle: 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 Packaging :green_circle: 10 packaging workflow detected Pinned-Dependencies :green_circle: 3 dependency not pinned by hash detected -- score normalized to 3 SAST :green_circle: 10 SAST tool is run on all commits Security-Policy :green_circle: 9 security policy file detected Signed-Releases :warning: -1 no releases found Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected

Scanned Manifest Files

package-lock.json

• @playwright/test@1.46.1
• @rollup/rollup-android-arm-eabi@4.21.0
• @rollup/rollup-android-arm64@4.21.0
• @rollup/rollup-darwin-arm64@4.21.0
• @rollup/rollup-darwin-x64@4.21.0
• @rollup/rollup-linux-arm-gnueabihf@4.21.0
• @rollup/rollup-linux-arm-musleabihf@4.21.0
• @rollup/rollup-linux-arm64-gnu@4.21.0
• @rollup/rollup-linux-arm64-musl@4.21.0
• @rollup/rollup-linux-powerpc64le-gnu@4.21.0
• @rollup/rollup-linux-riscv64-gnu@4.21.0
• @rollup/rollup-linux-s390x-gnu@4.21.0
• @rollup/rollup-linux-x64-gnu@4.21.0
• @rollup/rollup-linux-x64-musl@4.21.0
• @rollup/rollup-win32-arm64-msvc@4.21.0
• @rollup/rollup-win32-ia32-msvc@4.21.0
• @rollup/rollup-win32-x64-msvc@4.21.0
• @types/node@22.4.0
• electron-to-chromium@1.5.11
• ignore@5.3.2
• playwright@1.46.1
• playwright-core@1.46.1
• rollup@4.21.0
• terser@5.31.6
• undici-types@6.19.6
• @playwright/test@1.46.0
• @rollup/rollup-android-arm-eabi@4.20.0
• @rollup/rollup-android-arm64@4.20.0
• @rollup/rollup-darwin-arm64@4.20.0
• @rollup/rollup-darwin-x64@4.20.0
• @rollup/rollup-linux-arm-gnueabihf@4.20.0
• @rollup/rollup-linux-arm-musleabihf@4.20.0
• @rollup/rollup-linux-arm64-gnu@4.20.0
• @rollup/rollup-linux-arm64-musl@4.20.0
• @rollup/rollup-linux-powerpc64le-gnu@4.20.0
• @rollup/rollup-linux-riscv64-gnu@4.20.0
• @rollup/rollup-linux-s390x-gnu@4.20.0
• @rollup/rollup-linux-x64-gnu@4.20.0
• @rollup/rollup-linux-x64-musl@4.20.0
• @rollup/rollup-win32-arm64-msvc@4.20.0
• @rollup/rollup-win32-ia32-msvc@4.20.0
• @rollup/rollup-win32-x64-msvc@4.20.0
• @types/node@22.3.0
• electron-to-chromium@1.5.6
• ignore@5.3.1
• playwright@1.46.0
• playwright-core@1.46.0
• rollup@4.20.0
• terser@5.31.5
• undici-types@6.18.2