chore(deps): lock file maintenance

[renovate[bot]]

This PR contains the following updates:

Update	Change
lockFileMaintenance	All locks refreshed

🔧 This Pull Request updates lock files to use the latest dependency versions.

---

Configuration

📅 Schedule: Branch creation - "before 5am on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions[bot]]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
composer/composer/semver	3.4.3	:green_circle: 6.7	Details Check Score Reason Code-Review :green_circle: 5 Found 16/27 approved changesets -- score normalized to 5 Maintained :green_circle: 10 13 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Dangerous-Workflow :warning: -1 no workflows found Token-Permissions :warning: -1 No tokens found Packaging :warning: -1 packaging workflow not detected Pinned-Dependencies :warning: -1 no dependencies found Binary-Artifacts :green_circle: 10 no binaries found in the repo Signed-Releases :warning: -1 no releases found Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing :warning: 0 project is not fuzzed Security-Policy :green_circle: 9 security policy file detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
composer/nikic/php-parser	4.19.2	:green_circle: 4.9	Details Check Score Reason Code-Review :warning: 1 Found 5/30 approved changesets -- score normalized to 1 Maintained :green_circle: 10 27 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Token-Permissions :warning: -1 No tokens found Pinned-Dependencies :warning: -1 no dependencies found Binary-Artifacts :green_circle: 10 no binaries found in the repo Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
composer/phpstan/phpdoc-parser	1.31.0	:green_circle: 5.2	Details Check Score Reason Code-Review :warning: 0 Found 1/30 approved changesets -- score normalized to 0 Maintained :green_circle: 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Token-Permissions :warning: -1 No tokens found Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: -1 no dependencies found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Security-Policy :green_circle: 10 security policy file detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
composer/squizlabs/php_codesniffer	3.10.3	Unknown	Unknown
composer/symfony/cache	5.4.44	:green_circle: 5.2	Details Check Score Reason Code-Review :warning: 0 Found 0/30 approved changesets -- score normalized to 0 Maintained :green_circle: 10 19 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Token-Permissions :warning: -1 No tokens found Dangerous-Workflow :warning: -1 no workflows found SAST :warning: 0 no SAST tool detected Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: -1 no dependencies found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Security-Policy :green_circle: 10 security policy file detected
composer/symfony/console	5.4.44	:green_circle: 5.1	Details Check Score Reason Code-Review :warning: 0 Found 0/30 approved changesets -- score normalized to 0 Maintained :green_circle: 10 26 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Token-Permissions :warning: -1 No tokens found SAST :warning: 0 no SAST tool detected Binary-Artifacts :green_circle: 9 binaries present in source code Pinned-Dependencies :warning: -1 no dependencies found Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Branch-Protection :warning: 0 branch protection not enabled on development/release branches Security-Policy :green_circle: 10 security policy file detected
composer/symfony/filesystem	5.4.44	:green_circle: 5.2	Details Check Score Reason Code-Review :warning: 0 Found 0/30 approved changesets -- score normalized to 0 Maintained :green_circle: 10 15 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected SAST :warning: 0 no SAST tool detected Pinned-Dependencies :warning: -1 no dependencies found Dangerous-Workflow :warning: -1 no workflows found Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: -1 No tokens found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Security-Policy :green_circle: 10 security policy file detected
composer/symfony/string	5.4.44	:green_circle: 5.2	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Code-Review :warning: 0 Found 0/30 approved changesets -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Pinned-Dependencies :warning: -1 no dependencies found Token-Permissions :warning: -1 No tokens found Packaging :warning: -1 packaging workflow not detected SAST :warning: 0 no SAST tool detected Dangerous-Workflow :warning: -1 no workflows found Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: 0 branch protection not enabled on development/release branches Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Security-Policy :green_circle: 10 security policy file detected
npm/@eslint/js	8.57.1	:green_circle: 6.9	Details Check Score Reason Code-Review :green_circle: 7 Found 22/29 approved changesets -- score normalized to 7 Maintained :green_circle: 10 30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Security-Policy :green_circle: 10 security policy file detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :green_circle: 10 SAST tool is run on all commits
npm/@humanwhocodes/config-array	0.13.0	:green_circle: 4.1	Details Check Score Reason Code-Review :green_circle: 4 Found 7/15 approved changesets -- score normalized to 4 Maintained :warning: 0 project is archived CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing :warning: 0 project is not fuzzed Security-Policy :warning: 0 security policy file not detected Packaging :green_circle: 10 packaging workflow detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 4 6 existing vulnerabilities detected
npm/@playwright/test	1.47.2	:green_circle: 6.5	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 6 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 29 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 no published package detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Binary-Artifacts :green_circle: 6 binaries present in source code Dependency-Update-Tool :green_circle: 10 update tool detected Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches
npm/@rollup/pluginutils	5.1.1	:green_circle: 3.4	Details Check Score Reason Code-Review :green_circle: 4 Found 14/30 approved changesets -- score normalized to 4 Maintained :green_circle: 5 2 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :warning: 0 security policy file not detected Binary-Artifacts :green_circle: 7 binaries present in source code Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 13 existing vulnerabilities detected
npm/@rollup/rollup-android-arm-eabi	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-android-arm64	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-darwin-arm64	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-darwin-x64	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm-gnueabihf	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm-musleabihf	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm64-gnu	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm64-musl	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-linux-powerpc64le-gnu	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-linux-riscv64-gnu	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-linux-s390x-gnu	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-linux-x64-gnu	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-linux-x64-musl	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-win32-arm64-msvc	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-win32-ia32-msvc	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@rollup/rollup-win32-x64-msvc	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/caniuse-lite	1.0.30001662	:green_circle: 4.3	Details Check Score Reason Code-Review :warning: 0 Found 0/28 approved changesets -- score normalized to 0 Maintained :green_circle: 10 21 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Packaging :warning: -1 packaging workflow not detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches Security-Policy :warning: 0 security policy file not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/electron-to-chromium	1.5.27	Unknown	Unknown
npm/eslint	8.57.1	:green_circle: 6.9	Details Check Score Reason Code-Review :green_circle: 7 Found 22/29 approved changesets -- score normalized to 7 Maintained :green_circle: 10 30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Security-Policy :green_circle: 10 security policy file detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :green_circle: 10 SAST tool is run on all commits
npm/playwright	1.47.2	:green_circle: 6.5	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 6 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 29 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 no published package detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Binary-Artifacts :green_circle: 6 binaries present in source code Dependency-Update-Tool :green_circle: 10 update tool detected Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches
npm/playwright-core	1.47.2	:green_circle: 6.5	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) out of 30 and 6 issue activity out of 30 found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 9 GitHub code reviews found for 29 commits out of the last 30 -- score normalized to 9 CII-Best-Practices :warning: 0 no badge detected Vulnerabilities :green_circle: 10 no vulnerabilities detected Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 no published package detected Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Binary-Artifacts :green_circle: 6 binaries present in source code Dependency-Update-Tool :green_circle: 10 update tool detected Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches
npm/rollup	4.22.4	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 3 Found 7/21 approved changesets -- score normalized to 3 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 8 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/terser	5.33.0	:green_circle: 6.3	Details Check Score Reason Code-Review :warning: 1 Found 5/27 approved changesets -- score normalized to 1 Maintained :green_circle: 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Branch-Protection :warning: 0 branch protection not enabled on development/release branches Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected

Scanned Manifest Files

composer.lock

• composer/semver@3.4.3
• nikic/php-parser@4.19.2
• phpstan/phpdoc-parser@1.31.0
• squizlabs/php_codesniffer@3.10.3
• symfony/cache@5.4.44
• symfony/console@5.4.44
• symfony/filesystem@5.4.44
• symfony/string@5.4.44
• composer/semver@3.4.2
• nikic/php-parser@4.19.1
• phpstan/phpdoc-parser@1.30.1
• squizlabs/php_codesniffer@3.10.2
• symfony/cache@5.4.42
• symfony/console@5.4.43
• symfony/filesystem@5.4.41
• symfony/string@5.4.43

package-lock.json

• @eslint/js@8.57.1
• @humanwhocodes/config-array@0.13.0
• @playwright/test@1.47.2
• @rollup/pluginutils@5.1.1
• @rollup/rollup-android-arm-eabi@4.22.4
• @rollup/rollup-android-arm64@4.22.4
• @rollup/rollup-darwin-arm64@4.22.4
• @rollup/rollup-darwin-x64@4.22.4
• @rollup/rollup-linux-arm-gnueabihf@4.22.4
• @rollup/rollup-linux-arm-musleabihf@4.22.4
• @rollup/rollup-linux-arm64-gnu@4.22.4
• @rollup/rollup-linux-arm64-musl@4.22.4
• @rollup/rollup-linux-powerpc64le-gnu@4.22.4
• @rollup/rollup-linux-riscv64-gnu@4.22.4
• @rollup/rollup-linux-s390x-gnu@4.22.4
• @rollup/rollup-linux-x64-gnu@4.22.4
• @rollup/rollup-linux-x64-musl@4.22.4
• @rollup/rollup-win32-arm64-msvc@4.22.4
• @rollup/rollup-win32-ia32-msvc@4.22.4
• @rollup/rollup-win32-x64-msvc@4.22.4
• caniuse-lite@1.0.30001662
• electron-to-chromium@1.5.27
• eslint@8.57.1
• playwright@1.47.2
• playwright-core@1.47.2
• rollup@4.22.4
• terser@5.33.0
• @eslint/js@8.57.0
• @humanwhocodes/config-array@0.11.14
• @playwright/test@1.47.1
• @rollup/pluginutils@5.1.0
• @rollup/rollup-android-arm-eabi@4.22.2
• @rollup/rollup-android-arm64@4.22.2
• @rollup/rollup-darwin-arm64@4.22.2
• @rollup/rollup-darwin-x64@4.22.2
• @rollup/rollup-linux-arm-gnueabihf@4.22.2
• @rollup/rollup-linux-arm-musleabihf@4.22.2
• @rollup/rollup-linux-arm64-gnu@4.22.2
• @rollup/rollup-linux-arm64-musl@4.22.2
• @rollup/rollup-linux-powerpc64le-gnu@4.22.2
• @rollup/rollup-linux-riscv64-gnu@4.22.2
• @rollup/rollup-linux-s390x-gnu@4.22.2
• @rollup/rollup-linux-x64-gnu@4.22.2
• @rollup/rollup-linux-x64-musl@4.22.2
• @rollup/rollup-win32-arm64-msvc@4.22.2
• @rollup/rollup-win32-ia32-msvc@4.22.2
• @rollup/rollup-win32-x64-msvc@4.22.2
• caniuse-lite@1.0.30001660
• electron-to-chromium@1.5.23
• eslint@8.57.0
• playwright@1.47.1
• playwright-core@1.47.1
• rollup@4.22.2
• terser@5.32.0