Bump the eslint group in /frontend-react with 7 updates

[dependabot]

Bumps the eslint group in /frontend-react with 7 updates:

Package	From	To
eslint	8.57.0	9.13.0
eslint-import-resolver-typescript	3.6.1	3.6.3
eslint-plugin-import	2.29.1	2.31.0
eslint-plugin-jsx-a11y	6.9.0	6.10.1
eslint-plugin-react	7.34.3	7.37.2
eslint-plugin-react-hooks	4.6.2	5.0.0
eslint-plugin-react-refresh	0.4.7	0.4.13

Updates eslint from 8.57.0 to 9.13.0

Release notes

Sourced from eslint's releases.

v9.13.0

Features

• 381c32b feat: Allow languages to provide defaultLanguageOptions (#19003) (Milos Djermanovic)
• bf723bd feat: Improve eslintrc warning message (#19023) (Milos Djermanovic)
• 1def4cd feat: drop support for jiti v1.21 (#18996) (Francesco Trotta)
• f879be2 feat: export ESLint.defaultConfig (#18983) (Nitin Kumar)

Bug Fixes

• 78836d4 fix: update the complexity rule type (#19027) (Nitin Kumar)
• 064c8b6 fix: update rule types (#18925) (Nitin Kumar)

Documentation

• abdbfa8 docs: mark LintMessage#nodeType as deprecated (#19019) (Nitin Kumar)
• 19e68d3 docs: update deprecated rules type definitions (#19018) (Nitin Kumar)
• 7dd402d docs: Update examples of passing multiple values to a CLI option (#19006) (Milos Djermanovic)
• 5dcbc51 docs: Add example with side-effect imports to no-restricted-imports (#18997) (Milos Djermanovic)
• 1ee87ca docs: Update README (GitHub Actions Bot)
• 2c3dbdc docs: Use prerendered sponsors for README (#18988) (Milos Djermanovic)

Chores

• 68d2d9d chore: upgrade to @eslint/js@9.13.0 and @eslint/core@^0.7.0 (#19034) (Francesco Trotta)
• 2211f0a chore: package.json update for @​eslint/js release (Jenkins)
• c7abaef perf: using Node.js compile cache (#19012) (唯然)
• 1d7c077 chore: add pkg.type "commonjs" (#19011) (唯然)
• 468e3bd test: fix ESLint tests (#19021) (Francesco Trotta)
• ed4635f ci: upgrade knip@5.32.0 (#18992) (Milos Djermanovic)
• efad767 chore: remove unused ignore dependency (#18993) (Amaresh S M)

v9.12.0

Features

• 5a6a053 feat: update to jiti v2 (#18954) (Arya Emami)
• 17a07fb feat: Hooks for test cases (RuleTester) (#18771) (Anna Bocharova)
• 2ff0e51 feat: Implement alternate config lookup (#18742) (Nicholas C. Zakas)
• 2d17453 feat: Implement modified cyclomatic complexity (#18896) (Dmitry Pashkevich)

Bug Fixes

• ea380ca fix: Upgrade retry to avoid EMFILE errors (#18986) (Nicholas C. Zakas)
• fdd6319 fix: Issues with type definitions (#18940) (Arya Emami)

Documentation

• ecbd522 docs: Mention code explorer (#18978) (Nicholas C. Zakas)
• 7ea4ecc docs: Clarifying the Use of Meta Objects (#18697) (Amaresh S M)
• d3e4b2e docs: Clarify how to exclude .js files (#18976) (Milos Djermanovic)
• 57232ff docs: Mention plugin-kit in language docs (#18973) (Nicholas C. Zakas)
• b80ed00 docs: Update README (GitHub Actions Bot)
• cb69ab3 docs: Update README (GitHub Actions Bot)
• 7fb0d95 docs: Update README (GitHub Actions Bot)
• 493348a docs: Update README (GitHub Actions Bot)
• 87a582c docs: fix typo in id-match rule (#18944) (Jay)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.13.0 - October 18, 2024

• 68d2d9d chore: upgrade to @eslint/js@9.13.0 and @eslint/core@^0.7.0 (#19034) (Francesco Trotta)
• 2211f0a chore: package.json update for @​eslint/js release (Jenkins)
• 381c32b feat: Allow languages to provide defaultLanguageOptions (#19003) (Milos Djermanovic)
• 78836d4 fix: update the complexity rule type (#19027) (Nitin Kumar)
• c7abaef perf: using Node.js compile cache (#19012) (唯然)
• bf723bd feat: Improve eslintrc warning message (#19023) (Milos Djermanovic)
• 1d7c077 chore: add pkg.type "commonjs" (#19011) (唯然)
• abdbfa8 docs: mark LintMessage#nodeType as deprecated (#19019) (Nitin Kumar)
• 468e3bd test: fix ESLint tests (#19021) (Francesco Trotta)
• 19e68d3 docs: update deprecated rules type definitions (#19018) (Nitin Kumar)
• 1def4cd feat: drop support for jiti v1.21 (#18996) (Francesco Trotta)
• 7dd402d docs: Update examples of passing multiple values to a CLI option (#19006) (Milos Djermanovic)
• 064c8b6 fix: update rule types (#18925) (Nitin Kumar)
• f879be2 feat: export ESLint.defaultConfig (#18983) (Nitin Kumar)
• 5dcbc51 docs: Add example with side-effect imports to no-restricted-imports (#18997) (Milos Djermanovic)
• ed4635f ci: upgrade knip@5.32.0 (#18992) (Milos Djermanovic)
• efad767 chore: remove unused ignore dependency (#18993) (Amaresh S M)
• 1ee87ca docs: Update README (GitHub Actions Bot)
• 2c3dbdc docs: Use prerendered sponsors for README (#18988) (Milos Djermanovic)

v9.12.0 - October 4, 2024

• 555aafd chore: upgrade to @eslint/js@9.12.0 (#18987) (Francesco Trotta)
• 873ae60 chore: package.json update for @​eslint/js release (Jenkins)
• ea380ca fix: Upgrade retry to avoid EMFILE errors (#18986) (Nicholas C. Zakas)
• d0a5414 refactor: replace strip-ansi with native module (#18982) (Cristopher)
• b827029 chore: Enable JSON5 linting (#18979) (Milos Djermanovic)
• ecbd522 docs: Mention code explorer (#18978) (Nicholas C. Zakas)
• 7ea4ecc docs: Clarifying the Use of Meta Objects (#18697) (Amaresh S M)
• d3e4b2e docs: Clarify how to exclude .js files (#18976) (Milos Djermanovic)
• 5a6a053 feat: update to jiti v2 (#18954) (Arya Emami)
• 57232ff docs: Mention plugin-kit in language docs (#18973) (Nicholas C. Zakas)
• b80ed00 docs: Update README (GitHub Actions Bot)
• cb69ab3 docs: Update README (GitHub Actions Bot)
• 7fb0d95 docs: Update README (GitHub Actions Bot)
• fdd6319 fix: Issues with type definitions (#18940) (Arya Emami)
• 8f55ca2 chore: Upgrade espree, eslint-visitor-keys, eslint-scope (#18962) (Nicholas C. Zakas)
• 17a07fb feat: Hooks for test cases (RuleTester) (#18771) (Anna Bocharova)
• 493348a docs: Update README (GitHub Actions Bot)
• 87a582c docs: fix typo in id-match rule (#18944) (Jay)
• 2ff0e51 feat: Implement alternate config lookup (#18742) (Nicholas C. Zakas)
• 2d17453 feat: Implement modified cyclomatic complexity (#18896) (Dmitry Pashkevich)
• c1a2725 chore: update dependency mocha to ^10.7.3 (#18945) (Milos Djermanovic)

v9.11.1 - September 23, 2024

• df4a859 chore: upgrade @​eslint/js@​9.11.1 (#18943) (Milos Djermanovic)
• 36d8095 chore: package.json update for @​eslint/js release (Jenkins)

... (truncated)

Commits

• 1a7cdbf 9.13.0
• 627d5bf Build: changelog update for 9.13.0
• 68d2d9d chore: upgrade to @eslint/js@9.13.0 and @eslint/core@^0.7.0 (#19034)
• 2211f0a chore: package.json update for @​eslint/js release
• 381c32b feat: Allow languages to provide defaultLanguageOptions (#19003)
• 78836d4 fix: update the complexity rule type (#19027)
• c7abaef perf: using Node.js compile cache (#19012)
• bf723bd feat: Improve eslintrc warning message (#19023)
• 1d7c077 chore: add pkg.type "commonjs" (#19011)
• abdbfa8 docs: mark LintMessage#nodeType as deprecated (#19019)
• Additional commits viewable in compare view

Updates eslint-import-resolver-typescript from 3.6.1 to 3.6.3

Release notes

Sourced from eslint-import-resolver-typescript's releases.

v3.6.3

Patch Changes

• #305 f8d7b82 Thanks @​SukkaW! - Fix resolve for node:test, node:sea, and node:sqlite without sacrificing installation size

• #288 a4c6c78 Thanks @​SunsetTechuila! - fix: ignore bun built-in modules

Changelog

Sourced from eslint-import-resolver-typescript's changelog.

3.6.3

Patch Changes

• #305 f8d7b82 Thanks @​SukkaW! - Fix resolve for node:test, node:sea, and node:sqlite without sacrificing installation size

• #288 a4c6c78 Thanks @​SunsetTechuila! - fix: ignore bun built-in modules

3.6.2

Patch Changes

• #294 10f9b17 Thanks @​RobinTail! - Allow either eslint-plugin-import-x or eslint-plugin-import plugin as a peer dependency.

• #295 ff3d3c6 Thanks @​wojtekmaj! - chore(deps): remove is-core-module dependency

Commits

• 3dfad60 chore(deps): update dependency node to v18.20.4 (#309)
• 47561fb chore(deps): update dependency @​changesets/cli to ^2.27.7 (#308)
• c9b5626 chore: release eslint-import-resolver-typescript (#302)
• f8d7b82 fix(#303): use @nolyfill/is-core-module (#305)
• a4c6c78 fix: ignore bun built-in modules (#288)
• 79148f4 chore: release eslint-import-resolver-typescript (#301)
• ff3d3c6 chore(deps): remove is-core-module dependency (#295)
• 10f9b17 Allow either import or import-x plugin as a peer dependency (#294)
• b777b44 ci(workflows/ci): setup node before enabling corepack (#300)
• 4f9db59 chore(deps): update dependency node to v18.20.3 (#297)
• Additional commits viewable in compare view

Updates eslint-plugin-import from 2.29.1 to 2.31.0

Release notes

Sourced from eslint-plugin-import's releases.

v2.31.0

Added

• support eslint v9 (#2996, thanks [@​G-Rath] [@​michaelfaith])
• order: allow validating named imports (#3043, thanks [@​manuth])
• extensions: add the checkTypeImports option (#2817, thanks [@​phryneas])

Fixed

• ExportMap / flat config: include languageOptions in context (#3052, thanks [@​michaelfaith])
• no-named-as-default: Allow using an identifier if the export is both a named and a default export (#3032, thanks [@​akwodkiewicz])
• export: False positive for exported overloaded functions in TS (#3065, thanks [@​liuxingbaoyu])
• exportMap: export map cache is tainted by unreliable parse results (#3062, thanks [@​michaelfaith])
• exportMap: improve cacheKey when using flat config (#3072, thanks [@​michaelfaith])
• adjust "is source type module" checks for flat config (#2996, thanks [@​G-Rath])

Changed

• [Docs] no-relative-packages: fix typo (#3066, thanks [@​joshuaobrien])
• [Performance] no-cycle: dont scc for each linted file (#3068, thanks [@​soryy708])
• [Docs] no-cycle: add disableScc to docs (#3070, thanks [@​soryy708])
• [Tests] use re-exported RuleTester (#3071, thanks [@​G-Rath])
• [Docs] no-restricted-paths: fix grammar (#3073, thanks [@​unbeauvoyage])
• [Tests] no-default-export, no-named-export: add test case (thanks [@​G-Rath])

#3073: import-js/eslint-plugin-import#3073 #3072: import-js/eslint-plugin-import#3072 #3071: import-js/eslint-plugin-import#3071 #3070: import-js/eslint-plugin-import#3070 #3068: import-js/eslint-plugin-import#3068 #3066: import-js/eslint-plugin-import#3066 #3065: import-js/eslint-plugin-import#3065 #3062: import-js/eslint-plugin-import#3062 #3052: import-js/eslint-plugin-import#3052 #3043: import-js/eslint-plugin-import#3043 #3032: import-js/eslint-plugin-import#3032 #2996: import-js/eslint-plugin-import#2996 #2817: import-js/eslint-plugin-import#2817 [@​akwodkiewicz]: https://github.com/akwodkiewicz [@​joshuaobrien]: https://github.com/joshuaobrien [@​liuxingbaoyu]: https://github.com/liuxingbaoyu [@​manuth]: https://github.com/manuth [@​michaelfaith]: https://github.com/michaelfaith [@​phryneas]: https://github.com/phryneas

... (truncated)

Changelog

Sourced from eslint-plugin-import's changelog.

[2.31.0] - 2024-10-03

Added

• support eslint v9 (#2996, thanks [@​G-Rath] [@​michaelfaith])
• [order]: allow validating named imports (#3043, thanks [@​manuth])
• [extensions]: add the checkTypeImports option (#2817, thanks [@​phryneas])

Fixed

• ExportMap / flat config: include languageOptions in context (#3052, thanks [@​michaelfaith])
• [no-named-as-default]: Allow using an identifier if the export is both a named and a default export (#3032, thanks [@​akwodkiewicz])
• [export]: False positive for exported overloaded functions in TS (#3065, thanks [@​liuxingbaoyu])
• exportMap: export map cache is tainted by unreliable parse results (#3062, thanks [@​michaelfaith])
• exportMap: improve cacheKey when using flat config (#3072, thanks [@​michaelfaith])
• adjust "is source type module" checks for flat config (#2996, thanks [@​G-Rath])

Changed

• [Docs] [no-relative-packages]: fix typo (#3066, thanks [@​joshuaobrien])
• [Performance] [no-cycle]: dont scc for each linted file (#3068, thanks [@​soryy708])
• [Docs] [no-cycle]: add disableScc to docs (#3070, thanks [@​soryy708])
• [Tests] use re-exported RuleTester (#3071, thanks [@​G-Rath])
• [Docs] [no-restricted-paths]: fix grammar (#3073, thanks [@​unbeauvoyage])
• [Tests] [no-default-export], [no-named-export]: add test case (thanks [@​G-Rath])

[2.30.0] - 2024-09-02

Added

• [dynamic-import-chunkname]: add allowEmpty option to allow empty leading comments (#2942, thanks [@​JiangWeixian])
• [dynamic-import-chunkname]: Allow empty chunk name when webpackMode: 'eager' is set; add suggestions to remove name in eager mode (#3004, thanks [@​amsardesai])
• [no-unused-modules]: Add ignoreUnusedTypeExports option (#3011, thanks [@​silverwind])
• add support for Flat Config (#3018, thanks [@​michaelfaith])

Fixed

• [no-extraneous-dependencies]: allow wrong path (#3012, thanks [@​chabb])
• [no-cycle]: use scc algorithm to optimize (#2998, thanks [@​soryy708])
• [no-duplicates]: Removing duplicates breaks in TypeScript (#3033, thanks [@​yesl-kim])
• [newline-after-import]: fix considerComments option when require (#2952, thanks [@​developer-bandi])
• [order]: do not compare first path segment for relative paths (#2682) (#2885, thanks [@​mihkeleidast])

Changed

• [Docs] [no-extraneous-dependencies]: Make glob pattern description more explicit (#2944, thanks [@​mulztob])
• [no-unused-modules]: add console message to help debug #2866
• [Refactor] ExportMap: make procedures static instead of monkeypatching exportmap (#2982, thanks [@​soryy708])
• [Refactor] ExportMap: separate ExportMap instance from its builder logic (#2985, thanks [@​soryy708])
• [Docs] [order]: Add a quick note on how unbound imports and --fix (#2640, thanks [@​minervabot])
• [Tests] appveyor -> GHA (run tests on Windows in both pwsh and WSL + Ubuntu) (#2987, thanks [@​joeyguerra])
• [actions] migrate OSX tests to GHA ([ljharb#37], thanks [@​aks-])
• [Refactor] exportMapBuilder: avoid hoisting (#2989, thanks [@​soryy708])
• [Refactor] ExportMap: extract "builder" logic to separate files (#2991, thanks [@​soryy708])
• [Docs] [order]: update the description of the pathGroupsExcludedImportTypes option (#3036, thanks [@​liby])
• [readme] Clarify how to install the plugin (#2993, thanks [@​jwbth])

Commits

• 91f809b v2.31.0
• 3f1ac24 [utils] [refactor] parse: avoid using a regex here
• d225176 [New] extensions: add the checkTypeImports option
• 5a51b9a [Tests] rule-tester: try this babel class workaround
• d66cde0 [New] support eslint v9
• d27a639 [Fix] adjust "is source type module" checks for flat config
• 1fa8a07 [Refactor] create sourceType helper
• 0bc1355 [Tests] no-default-export, no-named-export: add test cases with non-modu...
• 55fa203 [Tests] no-default-export, no-named-export: add test case
• 6be20df [Docs] no-restricted-paths: fix grammar
• Additional commits viewable in compare view

Updates eslint-plugin-jsx-a11y from 6.9.0 to 6.10.1

Release notes

Sourced from eslint-plugin-jsx-a11y's releases.

v6.10.0

Added

• [New] add eslint 9 support by @​michaelfaith in jsx-eslint/eslint-plugin-jsx-a11y#1009
• [New] label-has-associated-control: add additional error message by @​BillyLevin in jsx-eslint/eslint-plugin-jsx-a11y#1007
• Support for attribute by @​edoardocavazza in jsx-eslint/eslint-plugin-jsx-a11y#977
• [New] Add attributes setting by @​edoardocavazza in jsx-eslint/eslint-plugin-jsx-a11y#979
• [New] allow polymorphic linting to be restricted to specified components by @​khiga8 in jsx-eslint/eslint-plugin-jsx-a11y#984

Fixed

• [readme] remove deprecated travis ci badge by @​trajan0x in jsx-eslint/eslint-plugin-jsx-a11y#995
• fix typo in shareable config section in readme by @​plbstl in jsx-eslint/eslint-plugin-jsx-a11y#997
• [readme] fix jsxA11y import name by @​k35o in jsx-eslint/eslint-plugin-jsx-a11y#1003
• [Fix]: label-has-associated-control: ignore undetermined label text by @​BillyLevin in jsx-eslint/eslint-plugin-jsx-a11y#1004

New Contributors

• @​trajan0x made their first contribution in jsx-eslint/eslint-plugin-jsx-a11y#995
• @​plbstl made their first contribution in jsx-eslint/eslint-plugin-jsx-a11y#997
• @​k35o made their first contribution in jsx-eslint/eslint-plugin-jsx-a11y#1003
• @​BillyLevin made their first contribution in jsx-eslint/eslint-plugin-jsx-a11y#1004
• @​edoardocavazza made their first contribution in jsx-eslint/eslint-plugin-jsx-a11y#977

Full Changelog: jsx-eslint/eslint-plugin-jsx-a11y@v6.9.0...v6.10.0

Changelog

Sourced from eslint-plugin-jsx-a11y's changelog.

v6.10.1 - 2024-10-20

Commits

• [Fix] handle interactive/noninteractive changes from aria-query 4925ba8
• [Docs] Use consistent spelling of 'screen reader' cb6788c
• [Dev Deps] update @babel/cli, @babel/core, @babel/eslint-parser, @babel/plugin-transform-flow-strip-types, @babel/register, auto-changelog, eslint-plugin-import, tape 518a77e
• [Deps] update es-iterator-helpers, string.prototype.includes eed03a3
• [meta] package.json - Update jscodeshift & remove babel-jest 2ee940c
• [Docs] Remove accidental whitespace in CONTRIBUTING.md a262131
• [Deps] unpin aria-query e517937

v6.10.0 - 2024-09-03

Fixed

• [New] label-has-associated-control: add additional error message [#1005](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/issues/1005)
• [Fix] label-has-associated-control: ignore undetermined label text [#966](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/issues/966)

Commits

• [Tests] switch from jest to tape a284cbf
• [New] add eslint 9 support deac4fd
• [New] add attributes setting a1ee7f8
• [New] allow polymorphic linting to be restricted 6cd1a70
• [Tests] remove duplicate tests 74d5dec
• [Dev Deps] update @babel/cli, @babel/core, @babel/eslint-parser, @babel/plugin-transform-flow-strip-types 6eca235
• [readme] remove deprecated travis ci badge; add github actions badge 0be7ea9
• [Tests] use npm audit instead of aud 05a5e49
• [Deps] update axobject-query 912e98c
• [Deps] unpin axobject-query 75147aa
• [Deps] update axe-core 27ff7cb
• [readme] fix jsxA11y import name ce846e0
• [readme] fix typo in shareable config section in readme cca288b

Commits

• e5dda96 v6.10.1
• eed03a3 [Deps] update es-iterator-helpers, string.prototype.includes
• 518a77e [Dev Deps] update @babel/cli, @babel/core, @babel/eslint-parser, `@babe...
• 2ee940c [meta] package.json - Update jscodeshift & remove babel-jest
• a262131 [Docs] Remove accidental whitespace in CONTRIBUTING.md
• cb6788c [Docs] Use consistent spelling of 'screen reader'
• 4925ba8 [Fix] handle interactive/noninteractive changes from aria-query
• e517937 [Deps] unpin aria-query
• 65c9338 v6.10.0
• 912e98c [Deps] update axobject-query
• Additional commits viewable in compare view

Updates eslint-plugin-react from 7.34.3 to 7.37.2

Release notes

Sourced from eslint-plugin-react's releases.

v7.37.2

Fixed

• [destructuring-assignment]: fix false negative when using typeof props.a (#3835[] @​golopot)

Changed

• [Refactor] [destructuring-assignment]: use getParentStatelessComponent (#3835[] @​golopot)

#3835: jsx-eslint/eslint-plugin-react#3835 [destructuring-assignment]: docs/rules/destructuring-assignment.md

v7.37.1

Fixed

• [meta] do not npmignore d.ts files (#3836[] @​ljharb)

Changed

• [readme] Fix shared settings link (#3834[] @​MgenGlder)

#3834: jsx-eslint/eslint-plugin-react#3834 #3836: jsx-eslint/eslint-plugin-react#3836

v7.37.0

Added

• add type generation (#3830[] @​voxpelli)
• [no-unescaped-entities]: add suggestions (#3831[] @​StyleShit)
• [forbid-component-props]: add allowedForPatterns/disallowedForPatterns options (#3805[] @​Efimenko)
• [no-unstable-nested-components]: add propNamePattern to support custom render prop naming conventions (#3826[] @​danreeves)

Changed

• [readme] flat config example for react 17+ (#3824[] @​GabenGar)

#3805: jsx-eslint/eslint-plugin-react#3805 #3824: jsx-eslint/eslint-plugin-react#3824 #3826: jsx-eslint/eslint-plugin-react#3826 #3830: jsx-eslint/eslint-plugin-react#3830 #3831: jsx-eslint/eslint-plugin-react#3831 [forbid-component-props]: docs/rules/forbid-component-props.md [no-unescaped-entities]: docs/rules/no-unescaped-entities.md [no-unstable-nested-components]: docs/rules/no-unstable-nested-componen...

Description has been truncated

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/eslint	9.13	🟢 6.9	Details Check Score Reason Code-Review 🟢 7 Found 21/30 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/eslint-import-resolver-typescript	^3.6.3	🟢 5.2	Details Check Score Reason Code-Review ⚠️ 1 Found 4/28 approved changesets -- score normalized to 1 Maintained 🟢 10 10 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 1 9 existing vulnerabilities detected
npm/eslint-plugin-import	^2.31.0	🟢 6	Details Check Score Reason Maintained 🟢 10 26 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 14/24 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-jsx-a11y	^6.10.1	🟢 5.8	Details Check Score Reason Code-Review 🟢 3 Found 10/29 approved changesets -- score normalized to 3 Maintained 🟢 10 13 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-react	^7.37.2	🟢 6	Details Check Score Reason Code-Review 🟢 5 Found 14/28 approved changesets -- score normalized to 5 Maintained 🟢 10 27 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-react-hooks	^5.0.0	🟢 5.2	Details Check Score Reason Code-Review 🟢 7 Found 21/28 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 License 🟢 10 license file detected CII-Best-Practices ⚠️ 2 badge detected: InProgress Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 193 existing vulnerabilities detected
npm/eslint-plugin-react-refresh	^0.4.13	Unknown	Unknown
npm/@eslint-community/regexpp	4.11.1	Unknown	Unknown
npm/@eslint/config-array	0.18.0	Unknown	Unknown
npm/@eslint/core	0.7.0	Unknown	Unknown
npm/@eslint/eslintrc	3.1.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 9 Found 19/21 approved changesets -- score normalized to 9 Maintained ⚠️ 1 0 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 1 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@eslint/js	9.13.0	🟢 6.9	Details Check Score Reason Code-Review 🟢 7 Found 21/30 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/@eslint/object-schema	2.1.4	Unknown	Unknown
npm/@eslint/plugin-kit	0.2.1	Unknown	Unknown
npm/@humanfs/core	0.19.0	Unknown	Unknown
npm/@humanfs/node	0.16.5	Unknown	Unknown
npm/@humanwhocodes/retry	0.3.1	Unknown	Unknown
npm/@nolyfill/is-core-module	1.0.39	Unknown	Unknown
npm/@rtsao/scc	1.1.0	🟢 3.3	Details Check Score Reason Code-Review ⚠️ 2 Found 1/4 approved changesets -- score normalized to 2 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow ⚠️ -1 no workflows found Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ -1 No tokens found Pinned-Dependencies ⚠️ -1 no dependencies found Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected
npm/acorn	8.13.0	🟢 5.3	Details Check Score Reason Maintained 🟢 10 7 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 3 Found 8/26 approved changesets -- score normalized to 3 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege License ⚠️ 0 license file not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/aria-query	5.3.2	🟢 6.3	Details Check Score Reason Code-Review 🟢 3 Found 9/23 approved changesets -- score normalized to 3 Maintained 🟢 10 12 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 9 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/array.prototype.findlastindex	1.2.5	🟢 4.4	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 no SAST tool detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy 🟢 9 security policy file detected
npm/axe-core	4.10.1	🟢 6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 26 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 1 9 existing vulnerabilities detected
npm/axobject-query	4.1.0	🟢 5.6	Details Check Score Reason Code-Review ⚠️ 1 Found 3/16 approved changesets -- score normalized to 1 Maintained 🟢 5 5 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 9 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/enhanced-resolve	5.17.1	🟢 6	Details Check Score Reason Code-Review ⚠️ 1 Found 2/11 approved changesets -- score normalized to 1 Maintained 🟢 10 6 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
npm/es-iterator-helpers	1.1.0	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 0 Found 1/30 approved changesets -- score normalized to 0 Maintained 🟢 5 6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 9 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint	9.13.0	🟢 6.9	Details Check Score Reason Code-Review 🟢 7 Found 21/30 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/eslint-import-resolver-typescript	3.6.3	🟢 5.2	Details Check Score Reason Code-Review ⚠️ 1 Found 4/28 approved changesets -- score normalized to 1 Maintained 🟢 10 10 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 1 9 existing vulnerabilities detected
npm/eslint-module-utils	2.12.0	🟢 6	Details Check Score Reason Maintained 🟢 10 26 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 14/24 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-import	2.31.0	🟢 6	Details Check Score Reason Maintained 🟢 10 26 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 14/24 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-jsx-a11y	6.10.1	🟢 5.8	Details Check Score Reason Code-Review 🟢 3 Found 10/29 approved changesets -- score normalized to 3 Maintained 🟢 10 13 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-react	7.37.2	🟢 6	Details Check Score Reason Code-Review 🟢 5 Found 14/28 approved changesets -- score normalized to 5 Maintained 🟢 10 27 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-react-hooks	5.0.0	🟢 5.2	Details Check Score Reason Code-Review 🟢 7 Found 21/28 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 License 🟢 10 license file detected CII-Best-Practices ⚠️ 2 badge detected: InProgress Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 193 existing vulnerabilities detected
npm/eslint-plugin-react-refresh	0.4.13	Unknown	Unknown
npm/eslint-scope	8.1.0	Unknown	Unknown
npm/eslint-visitor-keys	4.1.0	Unknown	Unknown
npm/espree	10.2.0	Unknown	Unknown
npm/esquery	1.6.0	🟢 4.3	Details Check Score Reason Code-Review 🟢 5 Found 8/14 approved changesets -- score normalized to 5 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy ⚠️ 0 security policy file not detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/file-entry-cache	8.0.0	🟢 4.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/14 approved changesets -- score normalized to 0 Maintained 🟢 8 10 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/flat-cache	4.0.1	🟢 4	Details Check Score Reason Code-Review ⚠️ 1 Found 2/14 approved changesets -- score normalized to 1 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 8 SAST tool is not run on all commits -- score normalized to 8
npm/globals	14.0.0	🟢 5.4	Details Check Score Reason Code-Review 🟢 4 Found 10/23 approved changesets -- score normalized to 4 Maintained 🟢 10 9 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/globalthis	1.0.4	Unknown	Unknown
npm/is-bun-module	1.2.1	Unknown	Unknown
npm/is-core-module	2.15.1	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 5 6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 no SAST tool detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy 🟢 9 security policy file detected
npm/iterator.prototype	1.1.3	🟢 5.9	Details Check Score Reason Code-Review ⚠️ 0 Found 0/24 approved changesets -- score normalized to 0 Maintained 🟢 4 5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo SAST ⚠️ 0 no SAST tool detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy 🟢 9 security policy file detected
npm/object.groupby	1.0.3	Unknown	Unknown
npm/string.prototype.includes	2.0.1	🟢 4.4	Details Check Score Reason Code-Review ⚠️ 1 Found 2/15 approved changesets -- score normalized to 1 Maintained 🟢 9 11 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 9 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/string.prototype.repeat	1.0.0	🟢 3	Details Check Score Reason Code-Review ⚠️ 0 Found 1/17 approved changesets -- score normalized to 0 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow ⚠️ -1 no workflows found Token-Permissions ⚠️ -1 No tokens found Pinned-Dependencies ⚠️ -1 no dependencies found Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Manifest Files

frontend-react/package.json

• eslint@9.13
• eslint-import-resolver-typescript@^3.6.3
• eslint-plugin-import@^2.31.0
• eslint-plugin-jsx-a11y@^6.10.1
• eslint-plugin-react@^7.37.2
• eslint-plugin-react-hooks@^5.0.0
• eslint-plugin-react-refresh@^0.4.13
• eslint@8.57
• eslint-import-resolver-typescript@^3.6.1
• eslint-plugin-import@^2.29.1
• eslint-plugin-jsx-a11y@^6.9.0
• eslint-plugin-react@^7.34.3
• eslint-plugin-react-hooks@^4.6.2
• eslint-plugin-react-refresh@^0.4.7

frontend-react/yarn.lock

• @eslint-community/regexpp@4.11.1
• @eslint/config-array@0.18.0
• @eslint/core@0.7.0
• @eslint/eslintrc@3.1.0
• @eslint/js@9.13.0
• @eslint/object-schema@2.1.4
• @eslint/plugin-kit@0.2.1
• @humanfs/core@0.19.0
• @humanfs/node@0.16.5
• @humanwhocodes/retry@0.3.1
• @nolyfill/is-core-module@1.0.39
• @rtsao/scc@1.1.0
• acorn@8.13.0
• aria-query@5.3.2
• array.prototype.findlastindex@1.2.5
• axe-core@4.10.1
• axobject-query@4.1.0
• enhanced-resolve@5.17.1
• es-iterator-helpers@1.1.0
• eslint@9.13.0
• eslint-import-resolver-typescript@3.6.3
• eslint-module-utils@2.12.0
• eslint-plugin-import@2.31.0
• eslint-plugin-jsx-a11y@6.10.1
• eslint-plugin-react@7.37.2
• eslint-plugin-react-hooks@5.0.0
• eslint-plugin-react-refresh@0.4.13
• eslint-scope@8.1.0
• eslint-visitor-keys@4.1.0
• espree@10.2.0
• esquery@1.6.0
• file-entry-cache@8.0.0
• flat-cache@4.0.1
• globals@14.0.0
• globalthis@1.0.4
• is-bun-module@1.2.1
• is-core-module@2.15.1
• iterator.prototype@1.1.3
• object.groupby@1.0.3
• string.prototype.includes@2.0.1
• string.prototype.repeat@1.0.0
• @eslint/eslintrc@2.1.4
• @eslint/js@8.57.0
• @humanwhocodes/config-array@0.11.14
• @humanwhocodes/object-schema@2.0.3
• array.prototype.filter@1.0.3
• array.prototype.findlastindex@1.2.4
• array.prototype.toreversed@1.1.2
• axobject-query@3.1.1
• enhanced-resolve@5.15.0
• es-array-method-boxes-properly@1.0.0
• es-iterator-helpers@1.0.19
• eslint@8.57.0
• eslint-import-resolver-typescript@3.6.1
• eslint-module-utils@2.8.0
• eslint-plugin-import@2.29.1
• eslint-plugin-jsx-a11y@6.9.0
• eslint-plugin-react@7.34.3
• eslint-plugin-react-hooks@4.6.2
• eslint-plugin-react-refresh@0.4.7
• eslint-scope@7.2.2
• espree@9.6.1
• esquery@1.5.0
• file-entry-cache@6.0.1
• flat-cache@3.2.0
• is-path-inside@3.0.3
• iterator.prototype@1.1.2
• object.groupby@1.0.2
• object.hasown@1.1.4
• string.prototype.includes@2.0.0