search

sjinks / wp-two-factor-provider-webauthn

WebAuthn Provider for Two Factor plugin
https://wordpress.org/plugins/two-factor-provider-webauthn/
MIT License
15 stars 7 forks source link

chore(deps): update devdependencies (non-major) #922

Closed renovate[bot] closed 3 weeks ago

renovate[bot] commented 3 weeks ago

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@babel/preset-env (source) 7.25.7 -> 7.26.0 age adoption passing confidence
@types/node (source) 22.8.1 -> 22.8.4 age adoption passing confidence
@wordpress/babel-plugin-makepot (source) 6.10.0 -> 6.11.0 age adoption passing confidence
@wordpress/eslint-plugin (source) 21.3.0 -> 21.4.0 age adoption passing confidence
@wordpress/i18n (source) 5.10.0 -> 5.11.0 age adoption passing confidence
rollup (source) 4.24.2 -> 4.24.3 age adoption passing confidence

Release Notes

babel/babel (@​babel/preset-env) ### [`v7.26.0`](https://redirect.github.com/babel/babel/blob/HEAD/CHANGELOG.md#v7260-2024-10-25) [Compare Source](https://redirect.github.com/babel/babel/compare/v7.25.9...v7.26.0) ##### :rocket: New Feature - `babel-core`, `babel-generator`, `babel-parser`, `babel-plugin-syntax-import-assertions`, `babel-plugin-syntax-import-attributes`, `babel-preset-env`, `babel-standalone`, `babel-types` - [#​16850](https://redirect.github.com/babel/babel/pull/16850) Enable import attributes parsing by default ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) - `babel-core` - [#​16862](https://redirect.github.com/babel/babel/pull/16862) feat: support async plugin's pre/post ([@​timofei-iatsenko](https://redirect.github.com/timofei-iatsenko)) - `babel-compat-data`, `babel-plugin-proposal-regexp-modifiers`, `babel-plugin-transform-regexp-modifiers`, `babel-preset-env`, `babel-standalone` - [#​16692](https://redirect.github.com/babel/babel/pull/16692) Add `transform-regexp-modifiers` to `preset-env` ([@​JLHwung](https://redirect.github.com/JLHwung)) - `babel-parser` - [#​16849](https://redirect.github.com/babel/babel/pull/16849) feat: add `startIndex` parser option ([@​DylanPiercey](https://redirect.github.com/DylanPiercey)) - `babel-generator`, `babel-parser`, `babel-plugin-syntax-flow` - [#​16841](https://redirect.github.com/babel/babel/pull/16841) Always enable parsing of Flow enums ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) - `babel-helpers`, `babel-preset-typescript`, `babel-runtime-corejs3` - [#​16794](https://redirect.github.com/babel/babel/pull/16794) Support `import()` in `rewriteImportExtensions` ([@​liuxingbaoyu](https://redirect.github.com/liuxingbaoyu)) - `babel-generator`, `babel-parser` - [#​16708](https://redirect.github.com/babel/babel/pull/16708) Add experimental format-preserving mode to `@babel/generator` ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) ##### :bug: Bug Fix - `babel-core` - [#​16928](https://redirect.github.com/babel/babel/pull/16928) Workaround Node.js bug for parallel loading of TLA modules ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) - [#​16926](https://redirect.github.com/babel/babel/pull/16926) Fix loading of modules with TLA in Node.js 23 ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) ##### :nail_care: Polish - `babel-plugin-proposal-json-modules`, `babel-plugin-transform-json-modules`, `babel-standalone` - [#​16924](https://redirect.github.com/babel/babel/pull/16924) Rename `proposal-json-modules` to `transform-json-modules` ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) ##### :house: Internal - `babel-code-frame`, `babel-highlight` - [#​16896](https://redirect.github.com/babel/babel/pull/16896) Inline `@babel/highlight` in `@babel/code-frame` ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) - `babel-generator`, `babel-parser`, `babel-types` - [#​16732](https://redirect.github.com/babel/babel/pull/16732) Add `kind` to `TSModuleDeclaration` ([@​liuxingbaoyu](https://redirect.github.com/liuxingbaoyu)) ##### :running_woman: Performance - `babel-helper-module-transforms`, `babel-plugin-transform-modules-commonjs` - [#​16882](https://redirect.github.com/babel/babel/pull/16882) perf: Improve module transforms ([@​liuxingbaoyu](https://redirect.github.com/liuxingbaoyu)) ### [`v7.25.9`](https://redirect.github.com/babel/babel/blob/HEAD/CHANGELOG.md#v7259-2024-10-22) [Compare Source](https://redirect.github.com/babel/babel/compare/v7.25.8...v7.25.9) ##### :bug: Bug Fix - `babel-parser`, `babel-template`, `babel-types` - [#​16905](https://redirect.github.com/babel/babel/pull/16905) fix: Keep type annotations in `syntacticPlaceholders` mode ([@​liuxingbaoyu](https://redirect.github.com/liuxingbaoyu)) - `babel-helper-compilation-targets`, `babel-preset-env` - [#​16907](https://redirect.github.com/babel/babel/pull/16907) fix: support BROWSERSLIST{,\_CONFIG} env ([@​JLHwung](https://redirect.github.com/JLHwung)) - Other - [#​16884](https://redirect.github.com/babel/babel/pull/16884) Analyze `ClassAccessorProperty` to prevent the `no-undef` rule ([@​victorenator](https://redirect.github.com/victorenator)) ##### :house: Internal - `babel-helper-transform-fixture-test-runner` - [#​16914](https://redirect.github.com/babel/babel/pull/16914) remove test options flaky ([@​JLHwung](https://redirect.github.com/JLHwung)) ##### :running_woman: Performance - `babel-parser`, `babel-types` - [#​16918](https://redirect.github.com/babel/babel/pull/16918) perf: Make `VISITOR_KEYS` etc. faster to access ([@​liuxingbaoyu](https://redirect.github.com/liuxingbaoyu)) ### [`v7.25.8`](https://redirect.github.com/babel/babel/blob/HEAD/CHANGELOG.md#v7258-2024-10-10) [Compare Source](https://redirect.github.com/babel/babel/compare/v7.25.7...v7.25.8) ##### :bug: Bug Fix - `babel-core` - [#​16888](https://redirect.github.com/babel/babel/pull/16888) Restore public API of `resolvePlugin`/`resolvePreset` ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) ##### :house: Internal - `babel-parser`, `babel-plugin-proposal-async-do-expressions`, `babel-plugin-proposal-destructuring-private`, `babel-plugin-proposal-do-expressions`, `babel-plugin-proposal-explicit-resource-management`, `babel-plugin-proposal-export-default-from`, `babel-plugin-proposal-function-bind`, `babel-plugin-proposal-function-sent`, `babel-plugin-proposal-import-defer`, `babel-plugin-proposal-partial-application`, `babel-plugin-proposal-throw-expressions`, `babel-plugin-transform-async-generator-functions`, `babel-plugin-transform-class-static-block`, `babel-plugin-transform-dynamic-import`, `babel-plugin-transform-export-namespace-from`, `babel-plugin-transform-json-strings`, `babel-plugin-transform-logical-assignment-operators`, `babel-plugin-transform-nullish-coalescing-operator`, `babel-plugin-transform-numeric-separator`, `babel-plugin-transform-object-rest-spread`, `babel-plugin-transform-optional-catch-binding`, `babel-plugin-transform-optional-chaining`, `babel-plugin-transform-private-property-in-object`, `babel-preset-env` - [#​16824](https://redirect.github.com/babel/babel/pull/16824) Inline one-line syntax plugins ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo))
WordPress/gutenberg (@​wordpress/babel-plugin-makepot) ### [`v6.11.0`](https://redirect.github.com/WordPress/gutenberg/blob/HEAD/packages/babel-plugin-makepot/CHANGELOG.md#6110-2024-10-30) [Compare Source](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/babel-plugin-makepot@6.10.0...@wordpress/babel-plugin-makepot@6.11.0)
WordPress/gutenberg (@​wordpress/eslint-plugin) ### [`v21.4.0`](https://redirect.github.com/WordPress/gutenberg/blob/HEAD/packages/eslint-plugin/CHANGELOG.md#2140-2024-10-30) [Compare Source](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/eslint-plugin@21.3.0...@wordpress/eslint-plugin@21.4.0)
WordPress/gutenberg (@​wordpress/i18n) ### [`v5.11.0`](https://redirect.github.com/WordPress/gutenberg/blob/HEAD/packages/i18n/CHANGELOG.md#5110-2024-10-30) [Compare Source](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/i18n@5.10.0...@wordpress/i18n@5.11.0)
rollup/rollup (rollup) ### [`v4.24.3`](https://redirect.github.com/rollup/rollup/blob/HEAD/CHANGELOG.md#4243) [Compare Source](https://redirect.github.com/rollup/rollup/compare/v4.24.2...v4.24.3) *2024-10-29* ##### Bug Fixes - Slightly reduce memory consumption by specifying fixed array sizes where possible ([#​5703](https://redirect.github.com/rollup/rollup/issues/5703)) ##### Pull Requests - [#​5703](https://redirect.github.com/rollup/rollup/pull/5703): perf: use pre-allocated arrays for known result sizes ([@​GalacticHypernova](https://redirect.github.com/GalacticHypernova))

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

This PR was generated by Mend Renovate. View the repository job log.

github-actions[bot] commented 3 weeks ago

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
npm/@babel/plugin-transform-regexp-modifiers 7.26.0 :green_circle: 6.2
Details
CheckScoreReason
Code-Review:green_circle: 7Found 23/29 approved changesets -- score normalized to 7
Maintained:green_circle: 1030 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10
License:green_circle: 10license file detected
CII-Best-Practices:warning: 2badge detected: InProgress
Signed-Releases:warning: -1no releases found
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Security-Policy:green_circle: 10security policy file detected
Token-Permissions:green_circle: 9detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:warning: 022 existing vulnerabilities detected
npm/@babel/preset-env 7.26.0 :green_circle: 6.2
Details
CheckScoreReason
Code-Review:green_circle: 7Found 23/29 approved changesets -- score normalized to 7
Maintained:green_circle: 1030 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10
License:green_circle: 10license file detected
CII-Best-Practices:warning: 2badge detected: InProgress
Signed-Releases:warning: -1no releases found
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Security-Policy:green_circle: 10security policy file detected
Token-Permissions:green_circle: 9detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:warning: 022 existing vulnerabilities detected
npm/@rollup/rollup-android-arm-eabi 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-android-arm64 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-darwin-arm64 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-darwin-x64 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-freebsd-arm64 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-freebsd-x64 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm-gnueabihf 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm-musleabihf 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm64-gnu 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm64-musl 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-powerpc64le-gnu 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-riscv64-gnu 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-s390x-gnu 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-x64-gnu 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-x64-musl 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-win32-arm64-msvc 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-win32-ia32-msvc 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-win32-x64-msvc 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@types/node 22.8.4 :green_circle: 6.9
Details
CheckScoreReason
Maintained:green_circle: 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Code-Review:green_circle: 8Found 25/30 approved changesets -- score normalized to 8
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:green_circle: 10security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts:green_circle: 10no binaries found in the repo
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing:warning: 0project is not fuzzed
npm/@wordpress/babel-plugin-makepot 6.11.0 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 10all changesets reviewed
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: 0Project has not signed or included provenance with any releases.
Security-Policy:green_circle: 9security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Packaging:green_circle: 10packaging workflow detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:warning: 027 existing vulnerabilities detected
npm/@wordpress/eslint-plugin 21.4.0 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 10all changesets reviewed
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: 0Project has not signed or included provenance with any releases.
Security-Policy:green_circle: 9security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Packaging:green_circle: 10packaging workflow detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:warning: 027 existing vulnerabilities detected
npm/@wordpress/i18n 5.11.0 :green_circle: 5.7
Details
CheckScoreReason
Code-Review:green_circle: 10all changesets reviewed
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: 0Project has not signed or included provenance with any releases.
Security-Policy:green_circle: 9security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Packaging:green_circle: 10packaging workflow detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:warning: 027 existing vulnerabilities detected
npm/rollup 4.24.3 :green_circle: 5.9
Details
CheckScoreReason
Code-Review:warning: 1Found 3/17 approved changesets -- score normalized to 1
Maintained:green_circle: 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Security-Policy:green_circle: 10security policy file detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected

Scanned Files