Bump the minor-updates group across 1 directory with 5 updates

[dependabot[bot]]

Bumps the minor-updates group with 5 updates in the / directory:

Package	From	To
typescript	5.4.5	5.5.3
graphql	16.8.1	16.9.0
pg	8.11.5	8.12.0
@tanstack/react-query	5.40.0	5.50.1
eslint-plugin-react	7.34.2	7.34.3

Updates typescript from 5.4.5 to 5.5.3

Release notes

Sourced from typescript's releases.

TypeScript 5.5.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for TypeScript v5.5.3 (Stable).
• fixed issues query for TypeScript v5.5.2 (Stable).
• fixed issues query for TypeScript v5.5.1 (RC).
• fixed issues query for TypeScript v5.5.0 (Beta).

Downloads are available on:

• npm
• NuGet package

TypeScript 5.5

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for TypeScript v5.5.2 (Stable).
• fixed issues query for TypeScript v5.5.1 (RC).
• fixed issues query for TypeScript v5.5.0 (Beta).

Downloads are available on:

• npm

TypeScript 5.5 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.5.0 (Beta).
• fixed issues query for Typescript 5.5.1 (RC).

Downloads are available on:

• NuGet package

TypeScript 5.5 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.5.0 (Beta).

Downloads are available on:

• npm

... (truncated)

Commits

• f0e9921 Bump version to 5.5.3 and LKG
• 738bd60 Cherry-pick #58966 to release-5.5 (#59002)
• ce2e60e Update LKG
• f3b21a2 🤖 Pick PR #58931 (Defer creation of barebonesLibSourc...) into release-5.5 (#...
• 7b1620b 🤖 Pick PR #58811 (fix(58801): "Move to file" on globa...) into release-5.5 (#...
• 5367ae1 Bump version to 5.5.2 and LKG
• 02132e5 🤖 Pick PR #58895 (Fix global when typescript.js loade...) into release-5.5 (#...
• 45b1e3c 🤖 Pick PR #58872 (Fix declaration emit crash) into release-5.5 (#58874)
• 17933ee 🤖 Pick PR #58810 (Fixed declaration emit issue relate...) into release-5.5 (#...
• 552b07e 🤖 Pick PR #58786 (Fixed declaration emit crash relate...) into release-5.5 (#...
• Additional commits viewable in compare view

Updates graphql from 16.8.1 to 16.9.0

Release notes

Sourced from graphql's releases.

v16.9.0 (2024-06-21)

New Feature 🚀

• #4119 backport[v16]: Introduce "recommended" validation rules (@​benjie)
• #4122 backport[v16]: Enable passing values configuration to GraphQLEnumType as a thunk (@​benjie)
• #4124 backport[v16]: Implement OneOf Input Objects via @oneOf directive (@​benjie)

Committers: 1

• Benjie(@​benjie)

v16.8.2 (2024-06-12)

Bug Fix 🐞

• #4022 fix: remove globalThis check and align with what bundlers can accept (@​JoviDeCroock)

Internal 🏠

• #4104 Fix publish scripts (@​benjie)

Committers: 2

• Benjie(@​benjie)
• Jovi De Croock(@​JoviDeCroock)

Commits

• 556a01e 16.9.0
• 6a1614c backport[v16]: Enable passing values configuration to GraphQLEnumType as a th...
• 29144f7 backport[v16]: Implement OneOf Input Objects via @oneOf directive (#4124)
• c35130e Revert error extension symbol (#4123)
• 29c1bff feat: allow defining symbol error extensions (#3730)
• c985c27 backport[v16]: Introduce "recommended" validation rules (#4119)
• 08779a0 16.8.2
• c82609e Fix publish scripts (#4104)
• 0d12b06 fix: remove globalThis check and align with what bundlers can accept (#4022)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by benjie, a new releaser for graphql since your current version.

Updates pg from 8.11.5 to 8.12.0

Changelog

Sourced from pg's changelog.

pg@8.12.0

• Add queryMode config option to force use of the extended query protocol on queries without any parameters.

pg-pool@8.10.0

• Emit release event when client is returned to the pool.

pg@8.9.0

• Add support for stream factory.
• Better errors for SASL authentication.
• Use native crypto module for SASL authentication.

pg@8.8.0

• Bump minimum required version of native bindings.
• Catch previously uncatchable errors thrown in pool.query.
• Prevent the pool from blocking the event loop if all clients are idle (and allowExitOnIdle is enabled).
• Support lock_timeout in client config.
• Fix errors thrown in callbacks from interfering with cleanup.

pg-pool@3.5.0

• Add connection lifetime limit config option.

pg@8.7.0

• Add optional config to pool to allow process to exit if pool is idle.

pg-cursor@2.7.0

• Convert to es6 class
• Add support for promises to cursor methods

pg@8.6.0

• Better SASL error messages & more validation on bad configuration.
• Export DatabaseError.
• Add ParameterDescription support to protocol parsing.
• Fix typescript typedefs with --isolatedModules.

pg-query-stream@4.0.0

• Library has been converted to Typescript. The behavior is identical, but there could be subtle breaking changes due to class names changing or other small inconsistencies introduced by the conversion.

pg@8.5.0

• Fix bug forwarding ssl key.
• Convert pg-query-stream internals to typescript.

... (truncated)

Commits

• 0f42880 Publish
• ff47a97 Add option to force use of Extended Queries (#3214)
• fe88e82 Add pg-native to monorepo (#3225)
• 0096856 reorder user-password-host-port-database appearences (#3207)
• See full diff in compare view

Updates @tanstack/react-query from 5.40.0 to 5.50.1

Release notes

Sourced from @​tanstack/react-query's releases.

v5.50.1

Version 5.50.1 - 7/5/24, 3:00 AM

Changes

Fix

• Update package.json fields (#7674) (f2741d1) by Lachlan Collins

Docs

• react-query: Correct links in usePrefetchQuery (#7658) (70c40e7) by @​87xie

Packages

• @​tanstack/eslint-plugin-query@​5.50.1
• @​tanstack/query-async-storage-persister@​5.50.1
• @​tanstack/query-broadcast-client-experimental@​5.50.1
• @​tanstack/query-core@​5.50.1
• @​tanstack/query-devtools@​5.50.1
• @​tanstack/query-persist-client-core@​5.50.1
• @​tanstack/query-sync-storage-persister@​5.50.1
• @​tanstack/react-query@​5.50.1
• @​tanstack/react-query-devtools@​5.50.1
• @​tanstack/react-query-persist-client@​5.50.1
• @​tanstack/react-query-next-experimental@​5.50.1
• @​tanstack/solid-query@​5.50.1
• @​tanstack/solid-query-devtools@​5.50.1
• @​tanstack/solid-query-persist-client@​5.50.1
• @​tanstack/svelte-query@​5.50.1
• @​tanstack/svelte-query-devtools@​5.50.1
• @​tanstack/svelte-query-persist-client@​5.50.1
• @​tanstack/vue-query@​5.50.1
• @​tanstack/vue-query-devtools@​5.50.1
• @​tanstack/angular-query-devtools-experimental@​5.50.1
• @​tanstack/angular-query-experimental@​5.50.1

v5.50.0

Version 5.50.0 - 7/3/24, 12:20 AM

Changes

Feat

• eslint-plugin-query: Add compatibility with flat config (#7663) (98547b6) by Lachlan Collins

Tests

• svelte-query: Increase test coverage (#7659) (941ba88) by Lachlan Collins
• svelte-query: Reorganise for multiple components per test (#7654) (f1cdea9) by Lachlan Collins

... (truncated)

Commits

• e792751 release: v5.50.1
• f2741d1 fix: Update package.json fields (#7674)
• 46bed74 release: v5.49.2
• 56fad10 fix(react-query): experimental before/after query options (#7652)
• 4be599f fix(react-query): experimental before/after query options (#7651)
• 3ee5bd8 release: v5.49.1
• 8927e4c fix(react-query): add experimental beforeQuery/afterQuery client options (#7650)
• a80cea3 ci: Optimise Nx workflow (#7648)
• b5272df release: v5.49.0
• febbde6 chore: Update ESLint config (#7637)
• Additional commits viewable in compare view

Updates eslint-plugin-react from 7.34.2 to 7.34.3

Release notes

Sourced from eslint-plugin-react's releases.

v7.34.3

Fixed

• [prop-types]: null-check rootNode before calling getScope (#3762[] @​crnhrv)
• [boolean-prop-naming]: avoid a crash with a spread prop (#3733[] @​ljharb)
• [jsx-boolean-value]: assumeUndefinedIsFalse with never must not allow explicit true value (#3757[] @​6uliver)
• [no-object-type-as-default-prop]: enable rule for components with many parameters (#3768[] @​JulienR1)
• [jsx-key]: incorrect behavior for checkKeyMustBeforeSpread with map callbacks (#3769[] @​akulsr0)

#1000: jsx-eslint/eslint-plugin-react#1000 #1002: jsx-eslint/eslint-plugin-react#1002 #1005: jsx-eslint/eslint-plugin-react#1005 #100: jsx-eslint/eslint-plugin-react#100 #1010: jsx-eslint/eslint-plugin-react#1010 #1013: jsx-eslint/eslint-plugin-react#1013 #1022: jsx-eslint/eslint-plugin-react#1022 #1029: jsx-eslint/eslint-plugin-react#1029 #102: jsx-eslint/eslint-plugin-react#102 #1034: jsx-eslint/eslint-plugin-react#1034 #1038: jsx-eslint/eslint-plugin-react#1038 #1041: jsx-eslint/eslint-plugin-react#1041 #1043: jsx-eslint/eslint-plugin-react#1043 #1046: jsx-eslint/eslint-plugin-react#1046 #1047: jsx-eslint/eslint-plugin-react#1047 #1050: jsx-eslint/eslint-plugin-react#1050 #1053: jsx-eslint/eslint-plugin-react#1053 #1057: jsx-eslint/eslint-plugin-react#1057 #105: jsx-eslint/eslint-plugin-react#105 #1061: jsx-eslint/eslint-plugin-react#1061 #1062: jsx-eslint/eslint-plugin-react#1062 #1070: jsx-eslint/eslint-plugin-react#1070 #1071: jsx-eslint/eslint-plugin-react#1071 #1073: jsx-eslint/eslint-plugin-react#1073 #1076: jsx-eslint/eslint-plugin-react#1076 #1079: jsx-eslint/eslint-plugin-react#1079 #1088: jsx-eslint/eslint-plugin-react#1088 #1098: jsx-eslint/eslint-plugin-react#1098 #1101: jsx-eslint/eslint-plugin-react#1101 #1103: jsx-eslint/eslint-plugin-react#1103 #110: jsx-eslint/eslint-plugin-react#110 #1116: jsx-eslint/eslint-plugin-react#1116 #1117: jsx-eslint/eslint-plugin-react#1117 #1119: jsx-eslint/eslint-plugin-react#1119 #1121: jsx-eslint/eslint-plugin-react#1121 #1122: jsx-eslint/eslint-plugin-react#1122 #1123: jsx-eslint/eslint-plugin-react#1123 #1130: jsx-eslint/eslint-plugin-react#1130 #1131: jsx-eslint/eslint-plugin-react#1131 #1132: jsx-eslint/eslint-plugin-react#1132 #1134: jsx-eslint/eslint-plugin-react#1134

... (truncated)

Changelog

Sourced from eslint-plugin-react's changelog.

7.34.3 - 2024.06.18

Fixed

• [prop-types]: null-check rootNode before calling getScope (#3762[] @​crnhrv)
• [boolean-prop-naming]: avoid a crash with a spread prop (#3733[] @​ljharb)
• [jsx-boolean-value]: assumeUndefinedIsFalse with never must not allow explicit true value (#3757[] @​6uliver)
• [no-object-type-as-default-prop]: enable rule for components with many parameters (#3768[] @​JulienR1)
• [jsx-key]: incorrect behavior for checkKeyMustBeforeSpread with map callbacks (#3769[] @​akulsr0)

#3769: jsx-eslint/eslint-plugin-react#3769 #3768: jsx-eslint/eslint-plugin-react#3768 #3762: jsx-eslint/eslint-plugin-react#3762 #3757: jsx-eslint/eslint-plugin-react#3757 #3733: jsx-eslint/eslint-plugin-react#3733

Commits

• cef8123 Update CHANGELOG and bump version
• eb56061 [Deps] update array.prototype.tosorted
• 7d16666 [Dev Deps] update @babel/core, @babel/eslint-parser, `@babel/plugin-synta...
• 6dc7803 [Fix] jsx-key: incorrect behavior for checkKeyMustBeforeSpread with map cal...
• 393bfa2 [Fix] no-object-type-as-default-prop: enable rule for components with many ...
• a944aa5 [Fix] jsx-boolean-value: assumeUndefinedIsFalse with never must not all...
• a79beb3 [Fix] boolean-prop-naming: avoid a crash with a spread prop
• e27ef81 [Fix] prop-types: null-check rootNode before calling getScope
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[github-actions[bot]]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ✅ 0 package(s) with unknown licenses.
• ⚠️ 2 packages with OpenSSF Scorecard issues.

See the Details below.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@tanstack/query-core	5.50.1	Unknown	Unknown
npm/@tanstack/react-query	5.50.1	Unknown	Unknown
npm/array.prototype.tosorted	1.1.4	Unknown	Unknown
npm/encoding	0.1.13	:warning: 1.8	Details Check Score Reason Code-Review :warning: 1 Found 5/29 approved changesets -- score normalized to 1 Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Token-Permissions :warning: -1 No tokens found Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: -1 no dependencies found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Signed-Releases :warning: -1 no releases found Fuzzing :warning: 0 project is not fuzzed Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 18 existing vulnerabilities detected
npm/eslint-plugin-react	7.34.3	:green_circle: 5.7	Details Check Score Reason Code-Review :warning: 2 Found 6/30 approved changesets -- score normalized to 2 Maintained :green_circle: 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/graphql	16.9.0	:green_circle: 5.1	Details Check Score Reason Maintained :green_circle: 10 11 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 3 Found 9/30 approved changesets -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during GetBranch(main): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Packaging :warning: -1 packaging workflow not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :warning: 0 30 existing vulnerabilities detected
npm/pg	8.12.0	:green_circle: 5	Details Check Score Reason Code-Review :green_circle: 7 Found 20/28 approved changesets -- score normalized to 7 Maintained :green_circle: 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Branch-Protection :warning: 0 branch protection not enabled on development/release branches Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Security-Policy :warning: 0 security policy file not detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 42 existing vulnerabilities detected
npm/typescript	5.5.3	:green_circle: 8.7	Details Check Score Reason Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests :green_circle: 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected Code-Review :green_circle: 10 all changesets reviewed Contributors :green_circle: 10 project has 35 contributing companies or organizations Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Dependency-Update-Tool :green_circle: 10 update tool detected Fuzzing :green_circle: 10 project is fuzzed License :green_circle: 10 license file detected Maintained :green_circle: 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Packaging :warning: -1 packaging workflow not detected Pinned-Dependencies :green_circle: 6 dependency not pinned by hash detected -- score normalized to 6 SAST :green_circle: 10 SAST tool is run on all commits Security-Policy :green_circle: 10 security policy file detected Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@tanstack/query-core	5.40.0	Unknown	Unknown
npm/@tanstack/react-query	5.40.0	Unknown	Unknown
npm/array.prototype.tosorted	1.1.3	Unknown	Unknown
npm/encoding	0.1.13	:warning: 1.8	Details Check Score Reason Code-Review :warning: 1 Found 5/29 approved changesets -- score normalized to 1 Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Token-Permissions :warning: -1 No tokens found Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: -1 no dependencies found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Signed-Releases :warning: -1 no releases found Fuzzing :warning: 0 project is not fuzzed Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 18 existing vulnerabilities detected
npm/eslint-plugin-react	7.34.2	:green_circle: 5.7	Details Check Score Reason Code-Review :warning: 2 Found 6/30 approved changesets -- score normalized to 2 Maintained :green_circle: 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/graphql	16.8.1	:green_circle: 5.1	Details Check Score Reason Maintained :green_circle: 10 11 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 3 Found 9/30 approved changesets -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during GetBranch(main): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Packaging :warning: -1 packaging workflow not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :warning: 0 30 existing vulnerabilities detected
npm/iconv-lite	0.6.3	:green_circle: 3.2	Details Check Score Reason Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Code-Review :warning: 1 Found 5/30 approved changesets -- score normalized to 1 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Token-Permissions :warning: -1 No tokens found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: -1 no dependencies found Signed-Releases :warning: -1 no releases found Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/pg	8.11.5	:green_circle: 5	Details Check Score Reason Code-Review :green_circle: 7 Found 20/28 approved changesets -- score normalized to 7 Maintained :green_circle: 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Branch-Protection :warning: 0 branch protection not enabled on development/release branches Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Security-Policy :warning: 0 security policy file not detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 42 existing vulnerabilities detected
npm/typescript	5.4.5	:green_circle: 8.7	Details Check Score Reason Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests :green_circle: 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected Code-Review :green_circle: 10 all changesets reviewed Contributors :green_circle: 10 project has 35 contributing companies or organizations Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Dependency-Update-Tool :green_circle: 10 update tool detected Fuzzing :green_circle: 10 project is fuzzed License :green_circle: 10 license file detected Maintained :green_circle: 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Packaging :warning: -1 packaging workflow not detected Pinned-Dependencies :green_circle: 6 dependency not pinned by hash detected -- score normalized to 6 SAST :green_circle: 10 SAST tool is run on all commits Security-Policy :green_circle: 10 security policy file detected Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/graphql	16.9.0	:green_circle: 5.1	Details Check Score Reason Maintained :green_circle: 10 11 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 3 Found 9/30 approved changesets -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during GetBranch(main): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Packaging :warning: -1 packaging workflow not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :warning: 0 30 existing vulnerabilities detected
npm/graphql	16.8.1	:green_circle: 5.1	Details Check Score Reason Maintained :green_circle: 10 11 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 3 Found 9/30 approved changesets -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during GetBranch(main): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Packaging :warning: -1 packaging workflow not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :warning: 0 30 existing vulnerabilities detected
npm/graphql	16.9.0	:green_circle: 5.1	Details Check Score Reason Maintained :green_circle: 10 11 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 3 Found 9/30 approved changesets -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during GetBranch(main): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Packaging :warning: -1 packaging workflow not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :warning: 0 30 existing vulnerabilities detected
npm/graphql	16.8.1	:green_circle: 5.1	Details Check Score Reason Maintained :green_circle: 10 11 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 3 Found 9/30 approved changesets -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during GetBranch(main): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Packaging :warning: -1 packaging workflow not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :warning: 0 30 existing vulnerabilities detected
npm/graphql	16.9.0	:green_circle: 5.1	Details Check Score Reason Maintained :green_circle: 10 11 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 3 Found 9/30 approved changesets -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during GetBranch(main): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Packaging :warning: -1 packaging workflow not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :warning: 0 30 existing vulnerabilities detected
npm/graphql	16.8.1	:green_circle: 5.1	Details Check Score Reason Maintained :green_circle: 10 11 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 3 Found 9/30 approved changesets -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during GetBranch(main): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Packaging :warning: -1 packaging workflow not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :warning: 0 30 existing vulnerabilities detected
npm/graphql	16.9.0	:green_circle: 5.1	Details Check Score Reason Maintained :green_circle: 10 11 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 3 Found 9/30 approved changesets -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during GetBranch(main): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Packaging :warning: -1 packaging workflow not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :warning: 0 30 existing vulnerabilities detected
npm/graphql	16.8.1	:green_circle: 5.1	Details Check Score Reason Maintained :green_circle: 10 11 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 3 Found 9/30 approved changesets -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during GetBranch(main): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Packaging :warning: -1 packaging workflow not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :warning: 0 30 existing vulnerabilities detected
npm/graphql	16.9.0	:green_circle: 5.1	Details Check Score Reason Maintained :green_circle: 10 11 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 3 Found 9/30 approved changesets -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during GetBranch(main): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Packaging :warning: -1 packaging workflow not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :warning: 0 30 existing vulnerabilities detected
npm/graphql	16.8.1	:green_circle: 5.1	Details Check Score Reason Maintained :green_circle: 10 11 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 3 Found 9/30 approved changesets -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during GetBranch(main): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Packaging :warning: -1 packaging workflow not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :warning: 0 30 existing vulnerabilities detected

Scanned Manifest Files

package-lock.json

• @tanstack/query-core@5.50.1
• @tanstack/react-query@5.50.1
• array.prototype.tosorted@1.1.4
• encoding@0.1.13
• eslint-plugin-react@7.34.3
• graphql@16.9.0
• pg@8.12.0
• typescript@5.5.3
• @tanstack/query-core@5.40.0
• @tanstack/react-query@5.40.0
• array.prototype.tosorted@1.1.3
• encoding@0.1.13
• eslint-plugin-react@7.34.2
• graphql@16.8.1
• iconv-lite@0.6.3
• pg@8.11.5
• typescript@5.4.5

packages/authx/package.json

• graphql@16.9.0
• graphql@16.8.1

packages/strategy-email/package.json

• graphql@16.9.0
• graphql@16.8.1

packages/strategy-openid/package.json

• graphql@16.9.0
• graphql@16.8.1

packages/strategy-password/package.json

• graphql@16.9.0
• graphql@16.8.1

packages/strategy-saml/package.json

• graphql@16.9.0
• graphql@16.8.1

[sonarcloud[bot]]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.