search

sjinks / wp-two-factor-provider-webauthn

WebAuthn Provider for Two Factor plugin
https://wordpress.org/plugins/two-factor-provider-webauthn/
MIT License
15 stars 7 forks source link

chore: release 2.5.0 #875

Closed sjinks closed 2 months ago

github-actions[bot] commented 2 months ago

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/caniuse-lite 1.0.30001660 :green_circle: 4.3
Details
CheckScoreReason
Code-Review:warning: 0Found 0/28 approved changesets -- score normalized to 0
Maintained:green_circle: 1027 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:warning: 0branch protection not enabled on development/release branches
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Packaging:warning: -1packaging workflow not detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Security-Policy:warning: 0security policy file not detected
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing:warning: 0project is not fuzzed
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities:green_circle: 91 existing vulnerabilities detected
npm/electron-to-chromium 1.5.20 UnknownUnknown
npm/eslint-plugin-react 7.36.0 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:warning: 2Found 7/30 approved changesets -- score normalized to 2
Maintained:green_circle: 1029 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
Fuzzing:warning: 0project is not fuzzed
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
npm/regenerate-unicode-properties 10.2.0 :green_circle: 3.5
Details
CheckScoreReason
Maintained:warning: 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Code-Review:warning: 1Found 3/30 approved changesets -- score normalized to 1
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Branch-Protection:warning: 0branch protection not enabled on development/release branches
Binary-Artifacts:green_circle: 10no binaries found in the repo
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Security-Policy:warning: 0security policy file not detected
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
Fuzzing:warning: 0project is not fuzzed
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
npm/terser 5.32.0 :green_circle: 6.3
Details
CheckScoreReason
Code-Review:warning: 1Found 4/27 approved changesets -- score normalized to 1
Maintained:green_circle: 1021 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Token-Permissions:green_circle: 10GitHub workflow tokens follow principle of least privilege
Security-Policy:green_circle: 10security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:warning: 0branch protection not enabled on development/release branches
Binary-Artifacts:green_circle: 10no binaries found in the repo
Pinned-Dependencies:green_circle: 5dependency not pinned by hash detected -- score normalized to 5
Fuzzing:warning: 0project is not fuzzed
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/unicode-canonical-property-names-ecmascript 2.0.1 :green_circle: 3.4
Details
CheckScoreReason
Code-Review:warning: 0Found 0/14 approved changesets -- score normalized to 0
Maintained:warning: 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
SAST:warning: 0no SAST tool detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Branch-Protection:warning: 0branch protection not enabled on development/release branches
Security-Policy:warning: 0security policy file not detected
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
Fuzzing:warning: 0project is not fuzzed
npm/unicode-match-property-value-ecmascript 2.2.0 :green_circle: 3.4
Details
CheckScoreReason
Code-Review:warning: 0Found 1/17 approved changesets -- score normalized to 0
Maintained:warning: 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Branch-Protection:warning: 0branch protection not enabled on development/release branches
Security-Policy:warning: 0security policy file not detected
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0

Scanned Manifest Files

package-lock.json
  • caniuse-lite@1.0.30001660
  • electron-to-chromium@1.5.20
  • eslint-plugin-react@7.36.0
  • regenerate-unicode-properties@10.2.0
  • terser@5.32.0
  • unicode-canonical-property-names-ecmascript@2.0.1
  • unicode-match-property-value-ecmascript@2.2.0
  • caniuse-lite@1.0.30001659
  • electron-to-chromium@1.5.18
  • eslint-plugin-react@7.35.2
  • regenerate-unicode-properties@10.1.1
  • terser@5.31.6
  • unicode-canonical-property-names-ecmascript@2.0.0
  • unicode-match-property-value-ecmascript@2.1.0