chore(deps): lock file maintenance

[renovate[bot]]

This PR contains the following updates:

Update	Change
lockFileMaintenance	All locks refreshed

🔧 This Pull Request updates lock files to use the latest dependency versions.

---

Configuration

📅 Schedule: Branch creation - "before 5am on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions[bot]]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
composer/netresearch/jsonmapper	4.5.0	:green_circle: 4.3	Details Check Score Reason Maintained :green_circle: 10 14 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Code-Review :warning: 0 Found 0/30 approved changesets -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases :warning: -1 no releases found License :green_circle: 10 license file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Binary-Artifacts :green_circle: 10 no binaries found in the repo SAST :warning: 0 no SAST tool detected Pinned-Dependencies :warning: -1 no dependencies found Token-Permissions :warning: -1 No tokens found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Security-Policy :warning: 0 security policy file not detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed
composer/phpstan/phpdoc-parser	1.30.1	:green_circle: 4.8	Details Check Score Reason Code-Review :green_circle: 4 Found 11/26 approved changesets -- score normalized to 4 Maintained :green_circle: 3 4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Token-Permissions :warning: -1 No tokens found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Pinned-Dependencies :warning: -1 no dependencies found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :green_circle: 10 security policy file detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
composer/vimeo/psalm	5.26.0	:green_circle: 6.6	Details Check Score Reason Code-Review :green_circle: 9 Found 13/14 approved changesets -- score normalized to 9 Maintained :green_circle: 10 24 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :green_circle: 8 5 out of the last 5 releases have a total of 5 signed artifacts. Token-Permissions :warning: -1 No tokens found Dangerous-Workflow :warning: -1 no workflows found Packaging :warning: -1 packaging workflow not detected Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed Branch-Protection :warning: -1 internal error: error during GetBranch(master): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: -1 no dependencies found SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/@rtsao/scc	1.1.0	:green_circle: 3.3	Details Check Score Reason Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Code-Review :warning: 2 Found 1/4 approved changesets -- score normalized to 2 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Pinned-Dependencies :warning: -1 no dependencies found Dangerous-Workflow :warning: -1 no workflows found Token-Permissions :warning: -1 No tokens found Binary-Artifacts :green_circle: 10 no binaries found in the repo Packaging :warning: -1 packaging workflow not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Branch-Protection :warning: 0 branch protection not enabled on development/release branches Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/axobject-query	4.1.0	:green_circle: 4.4	Details Check Score Reason Maintained :green_circle: 10 21 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Code-Review :warning: 1 Found 2/15 approved changesets -- score normalized to 1 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 8 dependency not pinned by hash detected -- score normalized to 8 Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 36 existing vulnerabilities detected
npm/caniuse-lite	1.0.30001658	:green_circle: 4.3	Details Check Score Reason Code-Review :warning: 0 Found 0/28 approved changesets -- score normalized to 0 Maintained :green_circle: 10 27 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/debug	4.3.7	:green_circle: 4.1	Details Check Score Reason Code-Review :green_circle: 3 Found 11/28 approved changesets -- score normalized to 3 Maintained :green_circle: 5 3 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Dangerous-Workflow :warning: -1 no workflows found Token-Permissions :warning: -1 No tokens found Pinned-Dependencies :warning: -1 no dependencies found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Security-Policy :warning: 0 security policy file not detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Signed-Releases :warning: -1 no releases found SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/electron-to-chromium	1.5.18	Unknown	Unknown
npm/eslint-module-utils	2.11.0	:green_circle: 6	Details Check Score Reason Code-Review :green_circle: 5 Found 16/30 approved changesets -- score normalized to 5 Maintained :green_circle: 10 15 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-import	2.30.0	:green_circle: 6	Details Check Score Reason Code-Review :green_circle: 5 Found 16/30 approved changesets -- score normalized to 5 Maintained :green_circle: 10 15 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-jsx-a11y	6.10.0	:green_circle: 5.8	Details Check Score Reason Code-Review :green_circle: 3 Found 11/29 approved changesets -- score normalized to 3 Maintained :green_circle: 10 25 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 9 security policy file detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-react	7.35.2	:green_circle: 5.7	Details Check Score Reason Code-Review :warning: 2 Found 7/30 approved changesets -- score normalized to 2 Maintained :green_circle: 10 29 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/ms	2.1.3	:green_circle: 4.3	Details Check Score Reason Code-Review :green_circle: 6 Found 19/29 approved changesets -- score normalized to 6 Maintained :warning: 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts :green_circle: 10 no binaries found in the repo Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Fuzzing :warning: 0 project is not fuzzed Security-Policy :green_circle: 10 security policy file detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 2 8 existing vulnerabilities detected
npm/picocolors	1.1.0	:green_circle: 4.3	Details Check Score Reason Code-Review :green_circle: 5 Found 9/18 approved changesets -- score normalized to 5 Maintained :green_circle: 4 3 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :warning: 0 branch protection not enabled on development/release branches Signed-Releases :warning: -1 no releases found Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Manifest Files

composer.lock

• netresearch/jsonmapper@4.5.0
• phpstan/phpdoc-parser@1.30.1
• vimeo/psalm@5.26.0
• netresearch/jsonmapper@4.4.1
• phpstan/phpdoc-parser@1.30.0
• vimeo/psalm@5.25.0

package-lock.json

• @rtsao/scc@1.1.0
• axobject-query@4.1.0
• caniuse-lite@1.0.30001658
• debug@4.3.7
• electron-to-chromium@1.5.18
• eslint-module-utils@2.11.0
• eslint-plugin-import@2.30.0
• eslint-plugin-jsx-a11y@6.10.0
• eslint-plugin-react@7.35.2
• ms@2.1.3
• picocolors@1.1.0
• axobject-query@3.1.1
• caniuse-lite@1.0.30001655
• debug@4.3.6
• electron-to-chromium@1.5.13
• eslint-module-utils@2.8.2
• eslint-plugin-import@2.29.1
• eslint-plugin-jsx-a11y@6.9.0
• eslint-plugin-react@7.35.0
• ms@2.1.2
• picocolors@1.0.1