search

sjinks / wp-two-factor-provider-webauthn

WebAuthn Provider for Two Factor plugin
https://wordpress.org/plugins/two-factor-provider-webauthn/
MIT License
15 stars 7 forks source link

chore(deps): update devdependencies (non-major) #931

Closed renovate[bot] closed 1 week ago

renovate[bot] commented 2 weeks ago

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@babel/preset-env (source) 7.25.7 -> 7.26.0 age adoption passing confidence
@wordpress/babel-plugin-makepot (source) 6.11.0 -> 6.12.0 age adoption passing confidence
@wordpress/eslint-plugin (source) 21.4.0 -> 21.5.0 age adoption passing confidence
@wordpress/i18n (source) 5.11.0 -> 5.12.0 age adoption passing confidence
johnpbloch/wordpress-core (source) 6.6.2 -> 6.7.0 age adoption passing confidence
rollup (source) 4.25.0 -> 4.27.2 age adoption passing confidence
wp-phpunit/wp-phpunit (source) 6.6.2 -> 6.7.0 age adoption passing confidence

Release Notes

babel/babel (@​babel/preset-env) ### [`v7.26.0`](https://redirect.github.com/babel/babel/blob/HEAD/CHANGELOG.md#v7260-2024-10-25) [Compare Source](https://redirect.github.com/babel/babel/compare/v7.25.9...v7.26.0) ##### :rocket: New Feature - `babel-core`, `babel-generator`, `babel-parser`, `babel-plugin-syntax-import-assertions`, `babel-plugin-syntax-import-attributes`, `babel-preset-env`, `babel-standalone`, `babel-types` - [#​16850](https://redirect.github.com/babel/babel/pull/16850) Enable import attributes parsing by default ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) - `babel-core` - [#​16862](https://redirect.github.com/babel/babel/pull/16862) feat: support async plugin's pre/post ([@​timofei-iatsenko](https://redirect.github.com/timofei-iatsenko)) - `babel-compat-data`, `babel-plugin-proposal-regexp-modifiers`, `babel-plugin-transform-regexp-modifiers`, `babel-preset-env`, `babel-standalone` - [#​16692](https://redirect.github.com/babel/babel/pull/16692) Add `transform-regexp-modifiers` to `preset-env` ([@​JLHwung](https://redirect.github.com/JLHwung)) - `babel-parser` - [#​16849](https://redirect.github.com/babel/babel/pull/16849) feat: add `startIndex` parser option ([@​DylanPiercey](https://redirect.github.com/DylanPiercey)) - `babel-generator`, `babel-parser`, `babel-plugin-syntax-flow` - [#​16841](https://redirect.github.com/babel/babel/pull/16841) Always enable parsing of Flow enums ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) - `babel-helpers`, `babel-preset-typescript`, `babel-runtime-corejs3` - [#​16794](https://redirect.github.com/babel/babel/pull/16794) Support `import()` in `rewriteImportExtensions` ([@​liuxingbaoyu](https://redirect.github.com/liuxingbaoyu)) - `babel-generator`, `babel-parser` - [#​16708](https://redirect.github.com/babel/babel/pull/16708) Add experimental format-preserving mode to `@babel/generator` ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) ##### :bug: Bug Fix - `babel-core` - [#​16928](https://redirect.github.com/babel/babel/pull/16928) Workaround Node.js bug for parallel loading of TLA modules ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) - [#​16926](https://redirect.github.com/babel/babel/pull/16926) Fix loading of modules with TLA in Node.js 23 ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) ##### :nail_care: Polish - `babel-plugin-proposal-json-modules`, `babel-plugin-transform-json-modules`, `babel-standalone` - [#​16924](https://redirect.github.com/babel/babel/pull/16924) Rename `proposal-json-modules` to `transform-json-modules` ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) ##### :house: Internal - `babel-code-frame`, `babel-highlight` - [#​16896](https://redirect.github.com/babel/babel/pull/16896) Inline `@babel/highlight` in `@babel/code-frame` ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) - `babel-generator`, `babel-parser`, `babel-types` - [#​16732](https://redirect.github.com/babel/babel/pull/16732) Add `kind` to `TSModuleDeclaration` ([@​liuxingbaoyu](https://redirect.github.com/liuxingbaoyu)) ##### :running_woman: Performance - `babel-helper-module-transforms`, `babel-plugin-transform-modules-commonjs` - [#​16882](https://redirect.github.com/babel/babel/pull/16882) perf: Improve module transforms ([@​liuxingbaoyu](https://redirect.github.com/liuxingbaoyu)) ### [`v7.25.9`](https://redirect.github.com/babel/babel/blob/HEAD/CHANGELOG.md#v7259-2024-10-22) [Compare Source](https://redirect.github.com/babel/babel/compare/v7.25.8...v7.25.9) ##### :bug: Bug Fix - `babel-parser`, `babel-template`, `babel-types` - [#​16905](https://redirect.github.com/babel/babel/pull/16905) fix: Keep type annotations in `syntacticPlaceholders` mode ([@​liuxingbaoyu](https://redirect.github.com/liuxingbaoyu)) - `babel-helper-compilation-targets`, `babel-preset-env` - [#​16907](https://redirect.github.com/babel/babel/pull/16907) fix: support BROWSERSLIST{,\_CONFIG} env ([@​JLHwung](https://redirect.github.com/JLHwung)) - Other - [#​16884](https://redirect.github.com/babel/babel/pull/16884) Analyze `ClassAccessorProperty` to prevent the `no-undef` rule ([@​victorenator](https://redirect.github.com/victorenator)) ##### :house: Internal - `babel-helper-transform-fixture-test-runner` - [#​16914](https://redirect.github.com/babel/babel/pull/16914) remove test options flaky ([@​JLHwung](https://redirect.github.com/JLHwung)) ##### :running_woman: Performance - `babel-parser`, `babel-types` - [#​16918](https://redirect.github.com/babel/babel/pull/16918) perf: Make `VISITOR_KEYS` etc. faster to access ([@​liuxingbaoyu](https://redirect.github.com/liuxingbaoyu)) ### [`v7.25.8`](https://redirect.github.com/babel/babel/blob/HEAD/CHANGELOG.md#v7258-2024-10-10) [Compare Source](https://redirect.github.com/babel/babel/compare/v7.25.7...v7.25.8) ##### :bug: Bug Fix - `babel-core` - [#​16888](https://redirect.github.com/babel/babel/pull/16888) Restore public API of `resolvePlugin`/`resolvePreset` ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo)) ##### :house: Internal - `babel-parser`, `babel-plugin-proposal-async-do-expressions`, `babel-plugin-proposal-destructuring-private`, `babel-plugin-proposal-do-expressions`, `babel-plugin-proposal-explicit-resource-management`, `babel-plugin-proposal-export-default-from`, `babel-plugin-proposal-function-bind`, `babel-plugin-proposal-function-sent`, `babel-plugin-proposal-import-defer`, `babel-plugin-proposal-partial-application`, `babel-plugin-proposal-throw-expressions`, `babel-plugin-transform-async-generator-functions`, `babel-plugin-transform-class-static-block`, `babel-plugin-transform-dynamic-import`, `babel-plugin-transform-export-namespace-from`, `babel-plugin-transform-json-strings`, `babel-plugin-transform-logical-assignment-operators`, `babel-plugin-transform-nullish-coalescing-operator`, `babel-plugin-transform-numeric-separator`, `babel-plugin-transform-object-rest-spread`, `babel-plugin-transform-optional-catch-binding`, `babel-plugin-transform-optional-chaining`, `babel-plugin-transform-private-property-in-object`, `babel-preset-env` - [#​16824](https://redirect.github.com/babel/babel/pull/16824) Inline one-line syntax plugins ([@​nicolo-ribaudo](https://redirect.github.com/nicolo-ribaudo))
WordPress/gutenberg (@​wordpress/babel-plugin-makepot) ### [`v6.12.0`](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/babel-plugin-makepot@6.11.0...@wordpress/babel-plugin-makepot@6.12.0) [Compare Source](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/babel-plugin-makepot@6.11.0...@wordpress/babel-plugin-makepot@6.12.0)
WordPress/gutenberg (@​wordpress/eslint-plugin) ### [`v21.5.0`](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/eslint-plugin@21.4.0...@wordpress/eslint-plugin@21.5.0) [Compare Source](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/eslint-plugin@21.4.0...@wordpress/eslint-plugin@21.5.0)
WordPress/gutenberg (@​wordpress/i18n) ### [`v5.12.0`](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/i18n@5.11.0...@wordpress/i18n@5.12.0) [Compare Source](https://redirect.github.com/WordPress/gutenberg/compare/@wordpress/i18n@5.11.0...@wordpress/i18n@5.12.0)
johnpbloch/wordpress-core (johnpbloch/wordpress-core) ### [`v6.7.0`](https://redirect.github.com/johnpbloch/wordpress-core/compare/6.6.2...6.7.0) [Compare Source](https://redirect.github.com/johnpbloch/wordpress-core/compare/6.6.2...6.7.0)
rollup/rollup (rollup) ### [`v4.27.2`](https://redirect.github.com/rollup/rollup/blob/HEAD/CHANGELOG.md#4272) [Compare Source](https://redirect.github.com/rollup/rollup/compare/v4.27.1...v4.27.2) *2024-11-15* ##### Bug Fixes - Ensure unused variables in patterns are always deconflicted if rendered ([#​5728](https://redirect.github.com/rollup/rollup/issues/5728)) ##### Pull Requests - [#​5728](https://redirect.github.com/rollup/rollup/pull/5728): Fix more variable deconflicting issues ([@​lukastaegert](https://redirect.github.com/lukastaegert)) ### [`v4.27.1`](https://redirect.github.com/rollup/rollup/blob/HEAD/CHANGELOG.md#4271) [Compare Source](https://redirect.github.com/rollup/rollup/compare/v4.27.0...v4.27.1) *2024-11-15* ##### Bug Fixes - Fix some situations where parameter declarations could put Rollup into an infinite loop ([#​5727](https://redirect.github.com/rollup/rollup/issues/5727)) ##### Pull Requests - [#​5727](https://redirect.github.com/rollup/rollup/pull/5727): Debug out-of-memory issues with Rollup v4.27.0 ([@​lukastaegert](https://redirect.github.com/lukastaegert)) ### [`v4.27.0`](https://redirect.github.com/rollup/rollup/blob/HEAD/CHANGELOG.md#4270) [Compare Source](https://redirect.github.com/rollup/rollup/compare/v4.26.0...v4.27.0) *2024-11-15* ##### Features - Tree-shake unused properties in object literals ([#​5420](https://redirect.github.com/rollup/rollup/issues/5420)) ##### Bug Fixes - Change hash length limit to 21 to avoid inconsistent hash length ([#​5423](https://redirect.github.com/rollup/rollup/issues/5423)) ##### Pull Requests - [#​5420](https://redirect.github.com/rollup/rollup/pull/5420): feat: implement object tree-shaking ([@​TrickyPi](https://redirect.github.com/TrickyPi), [@​lukastaegert](https://redirect.github.com/lukastaegert)) - [#​5723](https://redirect.github.com/rollup/rollup/pull/5723): Reduce max hash size to 21 ([@​lukastaegert](https://redirect.github.com/lukastaegert)) - [#​5724](https://redirect.github.com/rollup/rollup/pull/5724): fix(deps): update swc monorepo (major) ([@​renovate](https://redirect.github.com/renovate)\[bot]) - [#​5725](https://redirect.github.com/rollup/rollup/pull/5725): chore(deps): lock file maintenance minor/patch updates ([@​renovate](https://redirect.github.com/renovate)\[bot]) ### [`v4.26.0`](https://redirect.github.com/rollup/rollup/blob/HEAD/CHANGELOG.md#4260) [Compare Source](https://redirect.github.com/rollup/rollup/compare/v4.25.0...v4.26.0) *2024-11-13* ##### Features - Allow to avoid `await bundle.close()` via explicit resource management in TypeScript ([#​5721](https://redirect.github.com/rollup/rollup/issues/5721)) ##### Pull Requests - [#​5721](https://redirect.github.com/rollup/rollup/pull/5721): feat: support `using` for `RollupBuild` ([@​shulaoda](https://redirect.github.com/shulaoda))
wp-phpunit/wp-phpunit (wp-phpunit/wp-phpunit) ### [`v6.7.0`](https://redirect.github.com/wp-phpunit/wp-phpunit/compare/6.6.2...6.7.0) [Compare Source](https://redirect.github.com/wp-phpunit/wp-phpunit/compare/6.6.2...6.7.0)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

This PR was generated by Mend Renovate. View the repository job log.

github-actions[bot] commented 2 weeks ago

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
composer/johnpbloch/wordpress-core 6.7.0 UnknownUnknown
composer/wp-phpunit/wp-phpunit 6.7.0 UnknownUnknown
npm/@babel/plugin-transform-regexp-modifiers 7.26.0 :green_circle: 6.2
Details
CheckScoreReason
Code-Review:green_circle: 7Found 22/30 approved changesets -- score normalized to 7
Maintained:green_circle: 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 2badge detected: InProgress
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Security-Policy:green_circle: 10security policy file detected
Token-Permissions:green_circle: 9detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts:green_circle: 10no binaries found in the repo
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:warning: 022 existing vulnerabilities detected
npm/@babel/preset-env 7.26.0 :green_circle: 6.2
Details
CheckScoreReason
Code-Review:green_circle: 7Found 22/30 approved changesets -- score normalized to 7
Maintained:green_circle: 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 2badge detected: InProgress
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Security-Policy:green_circle: 10security policy file detected
Token-Permissions:green_circle: 9detected GitHub workflow tokens with excessive permissions
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts:green_circle: 10no binaries found in the repo
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:warning: 022 existing vulnerabilities detected
npm/@rollup/rollup-android-arm-eabi 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-android-arm64 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-darwin-arm64 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-darwin-x64 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-freebsd-arm64 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-freebsd-x64 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm-gnueabihf 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm-musleabihf 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm64-gnu 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-arm64-musl 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-powerpc64le-gnu 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-riscv64-gnu 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-s390x-gnu 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-x64-gnu 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-linux-x64-musl 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-win32-arm64-msvc 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-win32-ia32-msvc 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@rollup/rollup-win32-x64-msvc 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/@wordpress/babel-plugin-makepot 6.12.0 :green_circle: 5.6
Details
CheckScoreReason
Code-Review:green_circle: 9Found 28/30 approved changesets -- score normalized to 9
Maintained:green_circle: 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: 0Project has not signed or included provenance with any releases.
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Security-Policy:green_circle: 9security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Packaging:green_circle: 10packaging workflow detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:warning: 028 existing vulnerabilities detected
npm/@wordpress/eslint-plugin 21.5.0 :green_circle: 5.6
Details
CheckScoreReason
Code-Review:green_circle: 9Found 28/30 approved changesets -- score normalized to 9
Maintained:green_circle: 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: 0Project has not signed or included provenance with any releases.
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Security-Policy:green_circle: 9security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Packaging:green_circle: 10packaging workflow detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:warning: 028 existing vulnerabilities detected
npm/@wordpress/i18n 5.12.0 :green_circle: 5.6
Details
CheckScoreReason
Code-Review:green_circle: 9Found 28/30 approved changesets -- score normalized to 9
Maintained:green_circle: 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: 0Project has not signed or included provenance with any releases.
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Security-Policy:green_circle: 9security policy file detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Packaging:green_circle: 10packaging workflow detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:green_circle: 8dependency not pinned by hash detected -- score normalized to 8
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:warning: 028 existing vulnerabilities detected
npm/rollup 4.27.2 :green_circle: 6.1
Details
CheckScoreReason
Code-Review:green_circle: 3Found 8/23 approved changesets -- score normalized to 3
Maintained:green_circle: 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Signed-Releases:warning: -1no releases found
Security-Policy:green_circle: 10security policy file detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:green_circle: 8branch protection is not maximal on development and all release branches
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Binary-Artifacts:green_circle: 10no binaries found in the repo
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected

Scanned Files