search

sjinks / wp-two-factor-provider-webauthn

WebAuthn Provider for Two Factor plugin
https://wordpress.org/plugins/two-factor-provider-webauthn/
MIT License
15 stars 7 forks source link

chore(deps): update devdependencies (non-major) #880

Closed renovate[bot] closed 2 months ago

renovate[bot] commented 2 months ago

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@wordpress/babel-plugin-makepot (source) 6.7.0 -> 6.8.0 age adoption passing confidence
@wordpress/eslint-plugin (source) 21.0.0 -> 21.1.2 age adoption passing confidence
@wordpress/i18n (source) 5.7.0 -> 5.8.0 age adoption passing confidence
rollup (source) 4.21.3 -> 4.22.2 age adoption passing confidence

Release Notes

WordPress/gutenberg (@​wordpress/babel-plugin-makepot) ### [`v6.8.0`](https://redirect.github.com/WordPress/gutenberg/blob/HEAD/packages/babel-plugin-makepot/CHANGELOG.md#680-2024-09-19) [Compare Source](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/babel-plugin-makepot@6.7.0...@wordpress/babel-plugin-makepot@6.8.0)
WordPress/gutenberg (@​wordpress/eslint-plugin) ### [`v21.1.2`](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/eslint-plugin@21.1.1...@wordpress/eslint-plugin@21.1.2) [Compare Source](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/eslint-plugin@21.1.1...@wordpress/eslint-plugin@21.1.2) ### [`v21.1.1`](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/eslint-plugin@21.1.0...@wordpress/eslint-plugin@21.1.1) [Compare Source](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/eslint-plugin@21.1.0...@wordpress/eslint-plugin@21.1.1) ### [`v21.1.0`](https://redirect.github.com/WordPress/gutenberg/blob/HEAD/packages/eslint-plugin/CHANGELOG.md#2110-2024-09-19) [Compare Source](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/eslint-plugin@21.0.0...@wordpress/eslint-plugin@21.1.0)
WordPress/gutenberg (@​wordpress/i18n) ### [`v5.8.0`](https://redirect.github.com/WordPress/gutenberg/blob/HEAD/packages/i18n/CHANGELOG.md#580-2024-09-19) [Compare Source](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/i18n@5.7.0...@wordpress/i18n@5.8.0)
rollup/rollup (rollup) ### [`v4.22.2`](https://redirect.github.com/rollup/rollup/blob/HEAD/CHANGELOG.md#4222) [Compare Source](https://redirect.github.com/rollup/rollup/compare/v4.22.1...v4.22.2) *2024-09-20* ##### Bug Fixes - Revert fix for side effect free modules until other issues are investigated ([#​5667](https://redirect.github.com/rollup/rollup/issues/5667)) ##### Pull Requests - [#​5667](https://redirect.github.com/rollup/rollup/pull/5667): Partially revert [#​5658](https://redirect.github.com/rollup/rollup/issues/5658) and re-apply [#​5644](https://redirect.github.com/rollup/rollup/issues/5644) ([@​lukastaegert](https://redirect.github.com/lukastaegert)) ### [`v4.22.1`](https://redirect.github.com/rollup/rollup/blob/HEAD/CHANGELOG.md#4221) [Compare Source](https://redirect.github.com/rollup/rollup/compare/v4.22.0...v4.22.1) *2024-09-20* ##### Bug Fixes - Revert [#​5644](https://redirect.github.com/rollup/rollup/issues/5644) "stable chunk hashes" while issues are being investigated ##### Pull Requests - [#​5663](https://redirect.github.com/rollup/rollup/pull/5663): chore(deps): update dependency inquirer to v11 ([@​renovate](https://redirect.github.com/renovate)\[bot], [@​lukastaegert](https://redirect.github.com/lukastaegert)) - [#​5664](https://redirect.github.com/rollup/rollup/pull/5664): chore(deps): lock file maintenance minor/patch updates ([@​renovate](https://redirect.github.com/renovate)\[bot]) - [#​5665](https://redirect.github.com/rollup/rollup/pull/5665): fix: type in CI file ([@​YuHyeonWook](https://redirect.github.com/YuHyeonWook)) - [#​5666](https://redirect.github.com/rollup/rollup/pull/5666): chore(deps): lock file maintenance minor/patch updates ([@​renovate](https://redirect.github.com/renovate)\[bot]) ### [`v4.22.0`](https://redirect.github.com/rollup/rollup/blob/HEAD/CHANGELOG.md#4220) [Compare Source](https://redirect.github.com/rollup/rollup/compare/v4.21.3...v4.22.0) *2024-09-19* ##### Features - Add additional known global values to avoid access side effects ([#​5651](https://redirect.github.com/rollup/rollup/issues/5651)) ##### Bug Fixes - Ensure deterministic chunk hash generation despite async renderChunk hook ([#​5644](https://redirect.github.com/rollup/rollup/issues/5644)) - Improve side effect detection when using "smallest" treeshaking preset when imports are optimized away ([#​5658](https://redirect.github.com/rollup/rollup/issues/5658)) ##### Pull Requests - [#​5644](https://redirect.github.com/rollup/rollup/pull/5644): fix: apply final hashes deterministically with stable placeholders set ([@​mattkubej](https://redirect.github.com/mattkubej), [@​lukastaegert](https://redirect.github.com/lukastaegert)) - [#​5646](https://redirect.github.com/rollup/rollup/pull/5646): chore(deps): update dependency [@​mermaid-js/mermaid-cli](https://redirect.github.com/mermaid-js/mermaid-cli) to v11 ([@​renovate](https://redirect.github.com/renovate)\[bot]) - [#​5647](https://redirect.github.com/rollup/rollup/pull/5647): chore(deps): update dependency concurrently to v9 ([@​renovate](https://redirect.github.com/renovate)\[bot]) - [#​5648](https://redirect.github.com/rollup/rollup/pull/5648): chore(deps): lock file maintenance minor/patch updates ([@​renovate](https://redirect.github.com/renovate)\[bot]) - [#​5651](https://redirect.github.com/rollup/rollup/pull/5651): feat: add `AggregateError`, `FinalizationRegistry`, `WeakRef` to knownGlobals ([@​re-taro](https://redirect.github.com/re-taro)) - [#​5653](https://redirect.github.com/rollup/rollup/pull/5653): Fix example selection in REPL ([@​lukastaegert](https://redirect.github.com/lukastaegert)) - [#​5657](https://redirect.github.com/rollup/rollup/pull/5657): chore(deps): update dependency vite to v5.4.6 \[security] ([@​renovate](https://redirect.github.com/renovate)\[bot]) - [#​5658](https://redirect.github.com/rollup/rollup/pull/5658): Detect variable reassignments in modules without side effects ([@​lukastaegert](https://redirect.github.com/lukastaegert))

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

â™» Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

This PR was generated by Mend Renovate. View the repository job log.

github-actions[bot] commented 2 months ago

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
npm/@rollup/rollup-android-arm-eabi 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-android-arm64 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-darwin-arm64 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-darwin-x64 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm-gnueabihf 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm-musleabihf 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm64-gnu 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm64-musl 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-powerpc64le-gnu 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-riscv64-gnu 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-s390x-gnu 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-x64-gnu 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-x64-musl 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-win32-arm64-msvc 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-win32-ia32-msvc 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-win32-x64-msvc 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@wordpress/babel-plugin-makepot 6.8.0 :green_circle: 5.6
Details
CheckScoreReason
Code-Review:green_circle: 9Found 28/29 approved changesets -- score normalized to 9
Maintained:green_circle: 1030 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: 0Project has not signed or included provenance with any releases.
Security-Policy:green_circle: 9security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Packaging:green_circle: 10packaging workflow detected
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing:warning: 0project is not fuzzed
Binary-Artifacts:green_circle: 10no binaries found in the repo
Vulnerabilities:warning: 023 existing vulnerabilities detected
npm/@wordpress/babel-preset-default 8.8.2 :green_circle: 5.6
Details
CheckScoreReason
Code-Review:green_circle: 9Found 28/29 approved changesets -- score normalized to 9
Maintained:green_circle: 1030 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: 0Project has not signed or included provenance with any releases.
Security-Policy:green_circle: 9security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Packaging:green_circle: 10packaging workflow detected
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing:warning: 0project is not fuzzed
Binary-Artifacts:green_circle: 10no binaries found in the repo
Vulnerabilities:warning: 023 existing vulnerabilities detected
npm/@wordpress/browserslist-config 6.8.1 :green_circle: 5.6
Details
CheckScoreReason
Code-Review:green_circle: 9Found 28/29 approved changesets -- score normalized to 9
Maintained:green_circle: 1030 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: 0Project has not signed or included provenance with any releases.
Security-Policy:green_circle: 9security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Packaging:green_circle: 10packaging workflow detected
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing:warning: 0project is not fuzzed
Binary-Artifacts:green_circle: 10no binaries found in the repo
Vulnerabilities:warning: 023 existing vulnerabilities detected
npm/@wordpress/eslint-plugin 21.1.2 :green_circle: 5.6
Details
CheckScoreReason
Code-Review:green_circle: 9Found 28/29 approved changesets -- score normalized to 9
Maintained:green_circle: 1030 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: 0Project has not signed or included provenance with any releases.
Security-Policy:green_circle: 9security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Packaging:green_circle: 10packaging workflow detected
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing:warning: 0project is not fuzzed
Binary-Artifacts:green_circle: 10no binaries found in the repo
Vulnerabilities:warning: 023 existing vulnerabilities detected
npm/@wordpress/hooks 4.8.0 :green_circle: 5.6
Details
CheckScoreReason
Code-Review:green_circle: 9Found 28/29 approved changesets -- score normalized to 9
Maintained:green_circle: 1030 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: 0Project has not signed or included provenance with any releases.
Security-Policy:green_circle: 9security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Packaging:green_circle: 10packaging workflow detected
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing:warning: 0project is not fuzzed
Binary-Artifacts:green_circle: 10no binaries found in the repo
Vulnerabilities:warning: 023 existing vulnerabilities detected
npm/@wordpress/i18n 5.8.0 :green_circle: 5.6
Details
CheckScoreReason
Code-Review:green_circle: 9Found 28/29 approved changesets -- score normalized to 9
Maintained:green_circle: 1030 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: 0Project has not signed or included provenance with any releases.
Security-Policy:green_circle: 9security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Packaging:green_circle: 10packaging workflow detected
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing:warning: 0project is not fuzzed
Binary-Artifacts:green_circle: 10no binaries found in the repo
Vulnerabilities:warning: 023 existing vulnerabilities detected
npm/@wordpress/prettier-config 4.8.1 :green_circle: 5.6
Details
CheckScoreReason
Code-Review:green_circle: 9Found 28/29 approved changesets -- score normalized to 9
Maintained:green_circle: 1030 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: 0Project has not signed or included provenance with any releases.
Security-Policy:green_circle: 9security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Packaging:green_circle: 10packaging workflow detected
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing:warning: 0project is not fuzzed
Binary-Artifacts:green_circle: 10no binaries found in the repo
Vulnerabilities:warning: 023 existing vulnerabilities detected
npm/@wordpress/warning 3.8.1 :green_circle: 5.6
Details
CheckScoreReason
Code-Review:green_circle: 9Found 28/29 approved changesets -- score normalized to 9
Maintained:green_circle: 1030 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: 0Project has not signed or included provenance with any releases.
Security-Policy:green_circle: 9security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Packaging:green_circle: 10packaging workflow detected
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing:warning: 0project is not fuzzed
Binary-Artifacts:green_circle: 10no binaries found in the repo
Vulnerabilities:warning: 023 existing vulnerabilities detected
npm/rollup 4.22.2 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 5Found 9/16 approved changesets -- score normalized to 5
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected

Scanned Manifest Files

package-lock.json
  • @rollup/rollup-android-arm-eabi@4.22.2
  • @rollup/rollup-android-arm64@4.22.2
  • @rollup/rollup-darwin-arm64@4.22.2
  • @rollup/rollup-darwin-x64@4.22.2
  • @rollup/rollup-linux-arm-gnueabihf@4.22.2
  • @rollup/rollup-linux-arm-musleabihf@4.22.2
  • @rollup/rollup-linux-arm64-gnu@4.22.2
  • @rollup/rollup-linux-arm64-musl@4.22.2
  • @rollup/rollup-linux-powerpc64le-gnu@4.22.2
  • @rollup/rollup-linux-riscv64-gnu@4.22.2
  • @rollup/rollup-linux-s390x-gnu@4.22.2
  • @rollup/rollup-linux-x64-gnu@4.22.2
  • @rollup/rollup-linux-x64-musl@4.22.2
  • @rollup/rollup-win32-arm64-msvc@4.22.2
  • @rollup/rollup-win32-ia32-msvc@4.22.2
  • @rollup/rollup-win32-x64-msvc@4.22.2
  • @wordpress/babel-plugin-makepot@6.8.0
  • @wordpress/babel-preset-default@8.8.2
  • @wordpress/browserslist-config@6.8.1
  • @wordpress/eslint-plugin@21.1.2
  • @wordpress/hooks@4.8.0
  • @wordpress/i18n@5.8.0
  • @wordpress/prettier-config@4.8.1
  • @wordpress/warning@3.8.1
  • rollup@4.22.2
  • @rollup/rollup-android-arm-eabi@4.21.3
  • @rollup/rollup-android-arm64@4.21.3
  • @rollup/rollup-darwin-arm64@4.21.3
  • @rollup/rollup-darwin-x64@4.21.3
  • @rollup/rollup-linux-arm-gnueabihf@4.21.3
  • @rollup/rollup-linux-arm-musleabihf@4.21.3
  • @rollup/rollup-linux-arm64-gnu@4.21.3
  • @rollup/rollup-linux-arm64-musl@4.21.3
  • @rollup/rollup-linux-powerpc64le-gnu@4.21.3
  • @rollup/rollup-linux-riscv64-gnu@4.21.3
  • @rollup/rollup-linux-s390x-gnu@4.21.3
  • @rollup/rollup-linux-x64-gnu@4.21.3
  • @rollup/rollup-linux-x64-musl@4.21.3
  • @rollup/rollup-win32-arm64-msvc@4.21.3
  • @rollup/rollup-win32-ia32-msvc@4.21.3
  • @rollup/rollup-win32-x64-msvc@4.21.3
  • @wordpress/babel-plugin-makepot@6.7.0
  • @wordpress/babel-preset-default@8.7.0
  • @wordpress/browserslist-config@6.7.0
  • @wordpress/eslint-plugin@21.0.0
  • @wordpress/hooks@4.7.0
  • @wordpress/i18n@5.7.0
  • @wordpress/prettier-config@4.7.0
  • @wordpress/warning@3.7.0
  • rollup@4.21.3