chore(deps-dev): bump the dev-dependencies group across 1 directory with 8 updates #917

dependabot · 2024-12-16T19:37:08Z

Bumps the dev-dependencies group with 8 updates in the / directory:

Package	From	To
@docusaurus/module-type-aliases	`3.5.2`	`3.6.3`
@types/prismjs	`1.26.4`	`1.26.5`
@typescript-eslint/eslint-plugin	`8.4.0`	`8.18.1`
@typescript-eslint/parser	`8.4.0`	`8.18.1`
eslint-plugin-react	`7.35.1`	`7.37.2`
husky	`9.1.5`	`9.1.7`
prettier	`3.3.3`	`3.4.2`
typescript	`5.5.4`	`5.7.2`

Updates @docusaurus/module-type-aliases from 3.5.2 to 3.6.3

Release notes

Sourced from @docusaurus/module-type-aliases's releases.

3.6.3 (2024-11-22)

🐛 Bug Fix

docusaurus

#10712 fix(core): disable Rspack incremental in dev (@slorber)

3.6.2 (2024-11-19)

🐛 Bug Fix

docusaurus-module-type-aliases

#10693 fix(types): add missing ambiant TS declarations for .md / .mdx partials (@slorber)

docusaurus-theme-translations

#10688 fix(theme-translation): add and update Japanese translations (@Ryoga-exe)

docusaurus

#10685 fix(cli): docusaurus --help should print plugin commands using extendCli() (@slorber)

docusaurus-bundler

#10680 fix(bundler): allow CSS nesting by default, restore postcss-preset-env (@slorber)

create-docusaurus

#10676 fix(create-docusaurus): add ts exclude to TS init template (@slorber)

docusaurus-bundler, docusaurus-faster, docusaurus

#10648 fix(faster): Upgrade to Rspack 1.1.1, fix build progress bar display (@slorber)

🔧 Maintenance

#10691 chore(ci): retry yarn install to ignore temporary network errors (@slorber)

Committers: 5

Junior_Gx (@goffxnca)

Kyle Tsang (@kyletsang)

Ryoga (@Ryoga-exe)

Sébastien Lorber (@slorber)

Zwyx (@Zwyx)

3.6.1 (2024-11-08)

🐛 Bug Fix

docusaurus

#10658 fix(core): bundler should not minimize static assets (@slorber)

docusaurus-bundler, docusaurus-faster, docusaurus-utils-common, docusaurus-utils

#10649 fix(faster,utils): fix faster/types peerDependencies (@slorber)

💅 Polish

docusaurus-bundler, docusaurus-types, docusaurus

#10655 refactor(faster,bundler,core): improve js loader DX (@slorber)

... (truncated)

Changelog

Sourced from @docusaurus/module-type-aliases's changelog.

3.6.3 (2024-11-22)

🐛 Bug Fix

docusaurus

#10712 fix(core): disable Rspack incremental in dev (@slorber)

Committers: 1

Sébastien Lorber (@slorber)

3.6.2 (2024-11-19)

🐛 Bug Fix

docusaurus-module-type-aliases

#10693 fix(types): add missing ambiant TS declarations for .md / .mdx partials (@slorber)

docusaurus-theme-translations

#10688 fix(theme-translation): add and update Japanese translations (@Ryoga-exe)

docusaurus

#10685 fix(cli): docusaurus --help should print plugin commands using extendCli() (@slorber)

docusaurus-bundler

#10680 fix(bundler): allow CSS nesting by default, restore postcss-preset-env (@slorber)

create-docusaurus

#10676 fix(create-docusaurus): add ts exclude to TS init template (@slorber)

docusaurus-bundler, docusaurus-faster, docusaurus

#10648 fix(faster): Upgrade to Rspack 1.1.1, fix build progress bar display (@slorber)

🔧 Maintenance

#10691 chore(ci): retry yarn install to ignore temporary network errors (@slorber)

Committers: 5

Junior_Gx (@goffxnca)

Kyle Tsang (@kyletsang)

Ryoga (@Ryoga-exe)

Sébastien Lorber (@slorber)

Zwyx (@Zwyx)

3.6.1 (2024-11-08)

🐛 Bug Fix

docusaurus

#10658 fix(core): bundler should not minimize static assets (@slorber)

docusaurus-bundler, docusaurus-faster, docusaurus-utils-common, docusaurus-utils

#10649 fix(faster,utils): fix faster/types peerDependencies (@slorber)

💅 Polish

... (truncated)

Commits

9c0e19c v3.6.3
90e85e8 chore: release Docusaurus 3.6.2 (#10698)
be7bace fix(types): add missing ambiant TS declarations for .md / .mdx partials (#10693)
f127278 chore: release Docusaurus 3.6.1 (#10659)
ed2cdf3 chore: release Docusaurus v3.6 (#10633)
655ce94 chore: release 3.5.2 (#10400)
See full diff in compare view

Updates @types/prismjs from 1.26.4 to 1.26.5

Commits

See full diff in compare view

Updates @typescript-eslint/eslint-plugin from 8.4.0 to 8.18.1

Release notes

Sourced from @typescript-eslint/eslint-plugin's releases.

v8.18.1

8.18.1 (2024-12-16)

🩹 Fixes

eslint-plugin: [no-unnecessary-template-expression] don't report when an expression includes comment (#10444)

eslint-plugin: handle string like index type (#10460)

eslint-plugin: [no-unnecessary-boolean-literal-compare] flag values of a type parameter with boolean type constraints (#10474)

eslint-plugin: use consistent naming for asserting types and casting values (#10472)

eslint-plugin: [no-unnecessary-condition] better message when comparing between literal types (#10454)

scope-manager: visit params decorator before nest scope (#10475)

❤️ Thank You

Kirk Waiblinger @kirkwaiblinger

Ronen Amiel

YeonJuan @yeonjuan

You can read about our versioning strategy and releases on our website.

v8.18.0

8.18.0 (2024-12-09)

🚀 Features

eslint-plugin: [no-deprecated] report on super call of deprecated constructor (#10397)

eslint-plugin: [switch-exhaustiveness-check] add support for "no default" comment (#10218)

🩹 Fixes

typescript peer dependency (#10373)

deps: update dependency eslint to v9.16.0 (#10471)

eslint-plugin: [no-deprecated] check if a JSX attribute is deprecated (#10374)

eslint-plugin: [no-base-to-string] handle more robustly when multiple toString() declarations are present for a type (#10432)

eslint-plugin: [use-unknown-in-catch-callback-variable] only flag function literals (#10436)

❤️ Thank You

Kim Sang Du @developer-bandi

Kirk Waiblinger @kirkwaiblinger

mdm317

rtritto

You can read about our versioning strategy and releases on our website.

v8.17.0

8.17.0 (2024-12-02)

🚀 Features

... (truncated)

Changelog

Sourced from @typescript-eslint/eslint-plugin's changelog.

8.18.1 (2024-12-16)

🩹 Fixes

scope-manager: visit params decorator before nest scope (#10475)

eslint-plugin: [no-unnecessary-condition] better message when comparing between literal types (#10454)

eslint-plugin: use consistent naming for asserting types and casting values (#10472)

eslint-plugin: [no-unnecessary-boolean-literal-compare] flag values of a type parameter with boolean type constraints (#10474)

eslint-plugin: handle string like index type (#10460)

eslint-plugin: [no-unnecessary-template-expression] don't report when an expression includes comment (#10444)

❤️ Thank You

Kirk Waiblinger @kirkwaiblinger

Ronen Amiel

YeonJuan @yeonjuan

You can read about our versioning strategy and releases on our website.

8.18.0 (2024-12-09)

🚀 Features

eslint-plugin: [switch-exhaustiveness-check] add support for "no default" comment (#10218)

eslint-plugin: [no-deprecated] report on super call of deprecated constructor (#10397)

🩹 Fixes

eslint-plugin: [use-unknown-in-catch-callback-variable] only flag function literals (#10436)

eslint-plugin: [no-base-to-string] handle more robustly when multiple toString() declarations are present for a type (#10432)

eslint-plugin: [no-deprecated] check if a JSX attribute is deprecated (#10374)

typescript peer dependency (#10373)

❤️ Thank You

Kim Sang Du @developer-bandi

Kirk Waiblinger @kirkwaiblinger

mdm317

rtritto

You can read about our versioning strategy and releases on our website.

8.17.0 (2024-12-02)

🚀 Features

eslint-plugin: [prefer-promise-reject-errors] options to allow any and unknown (#10392)

🩹 Fixes

... (truncated)

Commits

b2ce158 chore(release): publish 8.18.1
5a9788c fix(scope-manager): visit params decorator before nest scope (#10475)
334d025 fix(eslint-plugin): [no-unnecessary-condition] better message when comparing ...
984f177 fix(eslint-plugin): use consistent naming for asserting types and casting val...
eaae68c fix(eslint-plugin): [no-unnecessary-boolean-literal-compare] flag values of a...
bddb35b fix(eslint-plugin): handle string like index type (#10460)
d5415e2 fix(eslint-plugin): [no-unnecessary-template-expression] don't report when an...
c60dbab chore(release): publish 8.18.0
0d65f17 chore: enforce repo nullish check style (#10419)
a54a8e1 fix(eslint-plugin): [use-unknown-in-catch-callback-variable] only flag functi...
Additional commits viewable in compare view

Updates @typescript-eslint/parser from 8.4.0 to 8.18.1

Release notes

Sourced from @typescript-eslint/parser's releases.

v8.18.1

8.18.1 (2024-12-16)

🩹 Fixes

eslint-plugin: [no-unnecessary-template-expression] don't report when an expression includes comment (#10444)

eslint-plugin: handle string like index type (#10460)

eslint-plugin: [no-unnecessary-boolean-literal-compare] flag values of a type parameter with boolean type constraints (#10474)

eslint-plugin: use consistent naming for asserting types and casting values (#10472)

eslint-plugin: [no-unnecessary-condition] better message when comparing between literal types (#10454)

scope-manager: visit params decorator before nest scope (#10475)

❤️ Thank You

Kirk Waiblinger @kirkwaiblinger

Ronen Amiel

YeonJuan @yeonjuan

You can read about our versioning strategy and releases on our website.

v8.18.0

8.18.0 (2024-12-09)

🚀 Features

eslint-plugin: [no-deprecated] report on super call of deprecated constructor (#10397)

eslint-plugin: [switch-exhaustiveness-check] add support for "no default" comment (#10218)

🩹 Fixes

typescript peer dependency (#10373)

deps: update dependency eslint to v9.16.0 (#10471)

eslint-plugin: [no-deprecated] check if a JSX attribute is deprecated (#10374)

eslint-plugin: [no-base-to-string] handle more robustly when multiple toString() declarations are present for a type (#10432)

eslint-plugin: [use-unknown-in-catch-callback-variable] only flag function literals (#10436)

❤️ Thank You

Kim Sang Du @developer-bandi

Kirk Waiblinger @kirkwaiblinger

mdm317

rtritto

You can read about our versioning strategy and releases on our website.

v8.17.0

8.17.0 (2024-12-02)

🚀 Features

... (truncated)

Changelog

Sourced from @typescript-eslint/parser's changelog.

8.18.1 (2024-12-16)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.18.0 (2024-12-09)

🩹 Fixes

typescript peer dependency (#10373)

❤️ Thank You

rtritto

You can read about our versioning strategy and releases on our website.

8.17.0 (2024-12-02)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.16.0 (2024-11-25)

🚀 Features

support TypeScript 5.7 (#10372)

❤️ Thank You

Josh Goldberg ✨

You can read about our versioning strategy and releases on our website.

8.15.0 (2024-11-18)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.14.0 (2024-11-11)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.13.0 (2024-11-04)

... (truncated)

Commits

b2ce158 chore(release): publish 8.18.1
d03270f chore: fix incorrect licenses (#10481)
c60dbab chore(release): publish 8.18.0
0d65f17 chore: enforce repo nullish check style (#10419)
c92c29d chore: standardise licenses on MIT (#10387)
4cb2cf8 fix: typescript peer dependency (#10373)
2c8a75e chore(release): publish 8.17.0
f74a8fa chore(release): publish 8.16.0
fe6b47f feat: support TypeScript 5.7 (#10372)
2444351 chore(release): publish 8.15.0
Additional commits viewable in compare view

Updates eslint-plugin-react from 7.35.1 to 7.37.2

Release notes

Sourced from eslint-plugin-react's releases.

v7.37.2

Fixed

[destructuring-assignment]: fix false negative when using typeof props.a (#3835[] @golopot)

Changed

[Refactor] [destructuring-assignment]: use getParentStatelessComponent (#3835[] @golopot)

#3835: jsx-eslint/eslint-plugin-react#3835 [destructuring-assignment]: docs/rules/destructuring-assignment.md

v7.37.1

Fixed

[meta] do not npmignore d.ts files (#3836[] @ljharb)

Changed

[readme] Fix shared settings link (#3834[] @MgenGlder)

#3834: jsx-eslint/eslint-plugin-react#3834 #3836: jsx-eslint/eslint-plugin-react#3836

v7.37.0

Added

add type generation (#3830[] @voxpelli)

[no-unescaped-entities]: add suggestions (#3831[] @StyleShit)

[forbid-component-props]: add allowedForPatterns/disallowedForPatterns options (#3805[] @Efimenko)

[no-unstable-nested-components]: add propNamePattern to support custom render prop naming conventions (#3826[] @danreeves)

Changed

[readme] flat config example for react 17+ (#3824[] @GabenGar)

#3805: jsx-eslint/eslint-plugin-react#3805 #3824: jsx-eslint/eslint-plugin-react#3824 #3826: jsx-eslint/eslint-plugin-react#3826 #3830: jsx-eslint/eslint-plugin-react#3830 #3831: jsx-eslint/eslint-plugin-react#3831 [forbid-component-props]: docs/rules/forbid-component-props.md [no-unescaped-entities]: docs/rules/no-unescaped-entities.md [no-unstable-nested-components]: docs/rules/no-unstable-nested-components.md

v7.36.1

Fixed

no-is-mounted: fix logic in method name check (#3821[] @Mathias-S)

jsx-no-literals: Avoid crashing on valueless boolean props (#3823[] @reosarevok)

#3823: jsx-eslint/eslint-plugin-react#3823 #3821: jsx-eslint/eslint-plugin-react#3821

... (truncated)

Changelog

Sourced from eslint-plugin-react's changelog.

7.37.2 - 2024.10.22

Fixed

[destructuring-assignment]: fix false negative when using typeof props.a (#3835[] @golopot)

Changed

[Refactor] [destructuring-assignment]: use getParentStatelessComponent (#3835[] @golopot)

#3835: jsx-eslint/eslint-plugin-react#3835

7.37.1 - 2024.10.01

Fixed

[meta] do not npmignore d.ts files (#3836[] @ljharb)

Changed

[readme] Fix shared settings link (#3834[] @MgenGlder)

#3836: jsx-eslint/eslint-plugin-react#3836 #3834: jsx-eslint/eslint-plugin-react#3834

7.37.0 - 2024.09.26

Added

add type generation (#3830[] @voxpelli)

[no-unescaped-entities]: add suggestions (#3831[] @StyleShit)

[forbid-component-props]: add allowedForPatterns/disallowedForPatterns options (#3805[] @Efimenko)

[no-unstable-nested-components]: add propNamePattern to support custom render prop naming conventions (#3826[] @danreeves)

Changed

[readme] flat config example for react 17+ (#3824[] @GabenGar)

#3831: jsx-eslint/eslint-plugin-react#3831 #3830: jsx-eslint/eslint-plugin-react#3830 #3826: jsx-eslint/eslint-plugin-react#3826 #3824: jsx-eslint/eslint-plugin-react#3824 #3805: jsx-eslint/eslint-plugin-react#3805

7.36.1 - 2024.09.12

Fixed

[no-is-mounted]: fix logic in method name check (#3821[] @Mathias-S)

[jsx-no-literals]: Avoid crashing on valueless boolean props (#3823[] @reosarevok)

#3823: jsx-eslint/eslint-plugin-react#3823 #3821: jsx-eslint/eslint-plugin-react#3821

... (truncated)

Commits

256cf74 Update CHANGELOG and bump version
33db656 [Deps] update es-iterator-helpers
5696f99 [Dev Deps] update @babel/core, @babel/eslint-parser, `@babel/plugin-synta...
5c23573 [Dev Deps] update @babel/core, @babel/eslint-parser, @babel/plugin-syntax...
c47fa56 [types] [Fix] ensure the index types are generated
63aceff [Fix] destructuring-assignment: fix false negative when using typeof props.a
96d46d5 [Refactor] destructuring-assignment: use getParentStatelessComponent
ae6fb8d Update CHANGELOG and bump version
63e0b49 [meta] do not npmignore d.ts files
1f95a24 [readme] Fix shared settings link
Additional commits viewable in compare view

Updates husky from 9.1.5 to 9.1.7

Release notes

Sourced from husky's releases.

v9.1.7

What's Changed

fix: add husky label to deprecated warning by @smackfu in typicode/husky#1538

New Contributors

@smackfu made their first contribution in typicode/husky#1538

Full Changelog: typicode/husky@v9.1.6...v9.1.7

v9.1.6

What's Changed

Fix issue where example pre-commit file is generated incorrectly by @dexmlee in typicode/husky#1519

New Contributors

@OlegKipchatov made their first contribution in typicode/husky#1495

@Byron2016 made their first contribution in typicode/husky#1499

@dexmlee made their first contribution in typicode/husky#1519

Full Changelog: typicode/husky@v9.1.5...v9.1.6

Commits

799e84b 9.1.7
30f2049 fix: add husky label to deprecated warning (#1538)
a2d942a 9.1.6
b4465ed fix: add parens around the null coalescing operator to fix issues when npm_co...
3b3e7f1 docs(spanish): improve spanish translation (#1504)
dcf3aed dosc: repair support Spanish sponsors links (#1500)
c3afd5f docs: support Spanish documentation (#1499)
c5f4f48 docs: support Russian documentation (#1495)
See full diff in compare view

Updates prettier from 3.3.3 to 3.4.2

Release notes

Sourced from prettier's releases.

3.4.2

🔗 Changelog

3.4.1

🔗 Changelog

3.4.0

diff

🔗 Release note

Changelog

Sourced from prettier's changelog.

3.4.2

diff

Treat U+30A0 & U+30FB in Katakana Block as CJK (#16796 by @tats-u)

Prettier doesn't treat U+30A0 & U+30FB as Japanese. U+30FB is commonly used in Japanese to represent the delimitation of first and last names of non-Japanese people or “and”. The following “C言語・C++・Go・Rust” means “C language & C++ & Go & Rust” in Japanese.

C言
語
・
C++
・
Go
・
Rust

C言語・ C++ ・ Go ・ Rust

C言語・C++・Go・Rust
U+30A0 can be used as the replacement of the - in non-Japanese names (e.g. “Saint-Saëns” (Charles Camille Saint-Saëns) can be represented as “サン゠サーンス” in Japanese), but substituted by ASCII hyphen (U+002D) or U+FF1D (full width hyphen) in many cases (e.g. “サン=サーンス” or “サン＝サーンス”).

Fix comments print on class methods with decorators (#16891 by @fisker)
// Input
class A {
  @decorator
  /** 
   * The method description
   *
  */
  async method(foo: Foo, bar: Bar) {
    console.log(foo);
  }
}
// Prettier 3.4.1
class A {
@decorator
async /**
</tr></table>

... (truncated)

Commits

cca9461 Release 3.4.2
572bebe Fix comments on class methods with decorators (#16891)
359c4f0 chore(deps): update dependency @angular/compiler to v19.0.1 (#16903)
6470996 chore(deps): update dependency @glimmer/syntax to v0.93.1 (#16904)
e13614f Correct fit() for fill() (#16899)
10db357 Remove check on TSImportType.isTypeOf (#16892)
ac46a4f Treat U+30A0 & U+30FB in Katakana Block as CJK (#16796)
d52e905 Add test for #16207 (#16890)
a1e354d Clean changelog_unreleased
99875da Bump Prettier dependency to 3.4.1
Additional commits viewable in compare view

Updates typescript from 5.5.4 to 5.7.2

Release notes

Sourced from typescript's releases.

TypeScript 5.7

For release notes, check out the release announcement.

fixed issues query for Typescript 5.7.0 (Beta).

fixed issues query for Typescript 5.7.1 (RC).

fixed issues query for Typescript 5.7.2 (Stable).

Downloads are available on:

npm

TypeScript 5.7 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

fixed issues query for Typescript 5.7.0 (Beta).

fixed issues query for Typescript 5.7.1 (RC).

Downloads are available on:

npm

TypeScript 5.7 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

fixed issues query for Typescript 5.7.0 (Beta).

Downloads are available on:

npm

TypeScript 5.6.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

fixed issues query for Typescript 5.6.0 (Beta).

fixed issues query for Typescript 5.6.1 (RC).

fixed issues query for Typescript 5.6.2 (Stable).

fixed issues query for Typescript 5.6.3 (Stable).

Downloads are available on:

npm

NuGet package

... (truncated)

Commits

d701d90 Bump version to 5.7.2 and LKG
0503a63 🤖 Pick PR #60450 (Move to file: fix detection of refe...) into release-5.7 (#...
3140dbb 🤖 Pick PR #60488 (Stub out copilotRelated command) into release-5.7 (#60495)
c1216de Update LKG
3ee2b95 🤖 Pick PR #60415 (Fix false positive rewriteRelativeI...) into release-5.7 (#...
44bd3f2 Bump version to 5.7.1-rc and LKG
5925c81 Update LKG
84d58cf Merge remote-tracking branch 'origin/main' into release-5.7
0ec4d30 Fixing exception on unsaved file (#60362)
11b2930 Add compatible overloads that accept ArrayBuffer to BigInt64Array/BigUint64Ar...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

stacklok-cloud · 2024-12-16T19:37:37Z

Minder Vulnerability Report ✅

Minder analyzed this PR and found it does not add any new vulnerable dependencies.

Vulnerability scan of 5f0bbe06:

🐞 vulnerable packages: 0

🛠 fixes available for: 0

stacklok-cloud · 2024-12-16T19:37:55Z

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @docusaurus/module-type-aliases

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.1
Repository activity	9.3
User activity	8.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1792
Number of git tags or releases	175
Versions matched to tags or releases	72

📦 Dependency: @docusaurus/types

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.1
Repository activity	9.3
User activity	8.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1820
Number of git tags or releases	175
Versions matched to tags or releases	92

Alternatives

Package	Score	Description
@docusaurus/core	0

📦 Dependency: @types/prismjs

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.5
Repository activity	10
User activity	8.9
Provenance	unknown

📦 Dependency: @typescript-eslint/eslint-plugin

Trusty Score: 0

Alternatives

Package	Score	Description
@typescript-eslint/parser	0
@typescript-eslint/eslint-plugin-tslint	0

📦 Dependency: @typescript-eslint/parser

Trusty Score: 0

Alternatives

Package	Score	Description
@babel/eslint-parser	0

📦 Dependency: @typescript-eslint/scope-manager

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3205
Number of git tags or releases	169
Versions matched to tags or releases	159

Alternatives

Package	Score	Description
eslint-plugin-react	0
typescript	0

📦 Dependency: @typescript-eslint/type-utils

Trusty Score: 0

Alternatives

Package	Score	Description
@typescript-eslint/typescript-estree	0

📦 Dependency: @typescript-eslint/types

Trusty Score: 0

📦 Dependency: @typescript-eslint/typescript-estree

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3975
Number of git tags or releases	169
Versions matched to tags or releases	160

Alternatives

Package	Score	Description
@babel/parser	0

📦 Dependency: @typescript-eslint/utils

Trusty Score: 0

📦 Dependency: @typescript-eslint/visitor-keys

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3241
Number of git tags or releases	169
Versions matched to tags or releases	158

Alternatives

Package	Score	Description
@babel/eslint-parser	0
typescript-eslint	0
eslint-plugin-import	0
eslint	0
eslint-config-airbnb	0

📦 Dependency: arraybuffer.prototype.slice

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	0.8
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	5
Number of git tags or releases	5
Versions matched to tags or releases	5

Alternatives

Package	Score	Description
@babel/preset-env	0
array-slice	0

📦 Dependency: call-bind

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.9
User activity	7.3
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	9
Number of git tags or releases	9
Versions matched to tags or releases	9

Alternatives

Package	Score	Description
axios	0
superagent	0
node-fetch	0
got	0

📦 Dependency: call-bind-apply-helpers

Trusty Score: 0

Scoring details

Component	Score
Package activity	4
Repository activity	0.6
User activity	7.3
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	2
Number of git tags or releases	2
Versions matched to tags or releases	2

Alternatives

Package	Score	Description
function-bind	0

📦 Dependency: call-bound

Trusty Score: 0

📦 Dependency: dependencies

Trusty Score: 0

Alternatives

Package	Score	Description
depcheck	0
auto-install	0

📦 Dependency: dunder-proto

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	0.8
User activity	7.5
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1
Number of git tags or releases	1
Versions matched to tags or releases	1

Alternatives

Package	Score	Description
set-prototype-of	0

📦 Dependency: es-abstract

Trusty Score: 0

Alternatives

Package	Score	Description
es5-shim	0
es6-shim	0
es6-iterator	0

📦 Dependency: es-define-property

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	1
User activity	7.3
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	2
Number of git tags or releases	2
Versions matched to tags or releases	2

📦 Dependency: es-iterator-helpers

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.7
Repository activity	1.8
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	22
Number of git tags or releases	22
Versions matched to tags or releases	22

Alternatives

Package	Score	Description
lodash	0
ramda	0
underscore	0
lazy.js	0

📦 Dependency: es-to-primitive

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.9
Repository activity	2.1
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	7
Number of git tags or releases	7
Versions matched to tags or releases	7

📦 Dependency: eslint-plugin-react

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.2
Repository activity	7.9
User activity	8.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	213
Number of git tags or releases	113
Versions matched to tags or releases	66

Alternatives

Package	Score	Description
eslint-plugin-react-hooks	0
eslint-config-airbnb	0
eslint-plugin-react-native	0

📦 Dependency: eslint-visitor-keys

Trusty Score: 0

Scoring details

Component	Score
Package activity	7.2
Repository activity	5.4
User activity	9
Provenance	verified_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	18
Number of git tags or releases	108
Versions matched to tags or releases	2

This package has been digitally signed using sigtore.


Source repository	https://github.com/eslint/js
Cerificate Issuer	CN=sigstore-intermediate,O=sigstore.dev
GitHub action workflow	.github/workflows/release-please.yml
Rekor (public ledger) entry	https://search.sigstore.dev/?logIndex=144865437

Alternatives

Package	Score	Description
eslint-plugin-import	0
eslint-plugin-react	0

📦 Dependency: function.prototype.name

Trusty Score: 0

Alternatives

Package	Score	Description
function-name	0

📦 Dependency: get-intrinsic

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.8
Repository activity	2
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	14
Number of git tags or releases	14
Versions matched to tags or releases	14

Alternatives

Package	Score	Description
lodash	0
underscore	0
ramda	0
lazy	0

📦 Dependency: has-proto

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.5
Repository activity	1.5
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	6
Number of git tags or releases	6
Versions matched to tags or releases	6

Alternatives

Package	Score	Description
protobufjs	0
google-protobuf	0

📦 Dependency: has-symbols

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.7
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	5
Number of git tags or releases	5
Versions matched to tags or releases	5

Alternatives

Package	Score	Description
has-unicode	0

📦 Dependency: husky

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.3
Repository activity	7.3
User activity	9.3
Provenance	verified_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	228
Number of git tags or releases	120
Versions matched to tags or releases	114

This package has been digitally signed using sigtore.


Source repository	https://github.com/typicode/husky
Cerificate Issuer	CN=sigstore-intermediate,O=sigstore.dev
GitHub action workflow	.github/workflows/npm_publish.yml
Rekor (public ledger) entry	https://search.sigstore.dev/?logIndex=149537746

Alternatives

Package	Score	Description
lint-staged	0
pre-commit	0
git-hooks	0

📦 Dependency: internal-slot

Trusty Score: 0

📦 Dependency: is-array-buffer

Trusty Score: 0

Alternatives

Package	Score	Description
is-typedarray	0

📦 Dependency: is-bigint

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.7
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	6
Number of git tags or releases	6
Versions matched to tags or releases	6

Alternatives

Package	Score	Description
bn.js	0
big-integer	0

📦 Dependency: is-boolean-object

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.5
Repository activity	1.6
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	7
Number of git tags or releases	7
Versions matched to tags or releases	7

Alternatives

Package	Score	Description
validate-npm-package-name	0
is-obj	0
registry-auth-token	0
npm-registry	0
is-date-object	0
is-number-object	0

📦 Dependency: is-data-view

Trusty Score: 0

Alternatives

Package	Score	Description
ag-grid-react	0
react-data-grid	0

📦 Dependency: is-date-object

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.8
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	7
Number of git tags or releases	7
Versions matched to tags or releases	7

Alternatives

Package	Score	Description
isobject	0
is-object	0
is-thirteen	0

📦 Dependency: is-finalizationregistry

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.3
Repository activity	1.3
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	4
Number of git tags or releases	4
Versions matched to tags or releases	4

📦 Dependency: is-number-object

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.5
Repository activity	1.7
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	10
Number of git tags or releases	10
Versions matched to tags or releases	10

Alternatives

Package	Score	Description
is-plain-object	0
is-number	0
isobject	0
is-date-object	0
is-boolean-object	0

📦 Dependency: is-regex

Trusty Score: 0

Scoring details

Component	Score
Package activity	5.2
Repository activity	2.3
User activity	8
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	14
Number of git tags or releases	14
Versions matched to tags or releases	14

Alternatives

Package	Score	Description
xregexp	0
regexp	0

📦 Dependency: is-string

Trusty Score: 0

Alternatives

Package	Score	Description
lodash	0
underscore	0

📦 Dependency: is-symbol

Trusty Score: 0

📦 Dependency: is-weakref

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.4
Repository activity	1.4
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	4
Number of git tags or releases	4
Versions matched to tags or releases	4

📦 Dependency: iterator.prototype

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	0.9
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	7
Number of git tags or releases	7
Versions matched to tags or releases	7

Alternatives

Package	Score	Description
iterall	0
itertools	0
iterare	0

📦 Dependency: math-intrinsics

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.1
Repository activity	0.8
User activity	7.5
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1
Number of git tags or releases	1
Versions matched to tags or releases	1

Alternatives

Package	Score	Description
mathjs	0
big.js	0
numeric	0

📦 Dependency: object-inspect

Trusty Score: 0

Scoring details

Component	Score
Package activity	6
Repository activity	3.4
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	38
Number of git tags or releases	37
Versions matched to tags or releases	25

Alternatives

Package	Score	Description
inspectpack	0

📦 Dependency: prettier

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.1
Repository activity	9.4
User activity	8.8
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	168
Number of git tags or releases	124
Versions matched to tags or releases	101

Alternatives

Package	Score	Description
eslint-plugin-prettier	0

📦 Dependency: reflect.getprototypeof

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.4
Repository activity	1.4
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	9
Number of git tags or releases	9
Versions matched to tags or releases	9

Alternatives

Package	Score	Description
core-js	0
es5-shim	0

📦 Dependency: regexp.prototype.flags

Trusty Score: 0

Scoring details

Component	Score
Package activity	5.2
Repository activity	2.1
User activity	8.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	16
Number of git tags or releases	15
Versions matched to tags or releases	15

📦 Dependency: safe-array-concat

Trusty Score: 0

📦 Dependency: safe-regex-test

Trusty Score: 0

Alternatives

Package	Score	Description
regexpp	0
safe-regex	0

📦 Dependency: side-channel

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.9
Repository activity	1.9
User activity	7.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	8
Number of git tags or releases	8
Versions matched to tags or releases	8

📦 Dependency: side-channel-list

Trusty Score: 0

Scoring details

Component	Score
Package activity	4
Repository activity	0.6
User activity	7.3
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1
Number of git tags or releases	1
Versions matched to tags or releases	1

📦 Dependency: side-channel-map

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.3
Repository activity	0.6
User activity	8.1
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	2
Number of git tags or releases	1
Versions matched to tags or releases	1

📦 Dependency: side-channel-weakmap

Trusty Score: 0

📦 Dependency: string.prototype.trim

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.9
Repository activity	1.9
User activity	7.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	15
Number of git tags or releases	15
Versions matched to tags or releases	15

Alternatives

Package	Score	Description
es6-shim	0

📦 Dependency: string.prototype.trimend

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.7
Repository activity	1.8
User activity	7.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	12
Number of git tags or releases	12
Versions matched to tags or releases	12

📦 Dependency: typed-array-byte-offset

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	0.9
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	4
Number of git tags or releases	4
Versions matched to tags or releases	4

Alternatives

Package	Score	Description
typedarray-pool	0
arraybuffer.slice	0

📦 Dependency: typed-array-length

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.5
Repository activity	1.5
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	8
Number of git tags or releases	8
Versions matched to tags or releases	8

📦 Dependency: typescript

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.9
Repository activity	10
User activity	9.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3260
Number of git tags or releases	234
Versions matched to tags or releases	73

Alternatives

Package	Score	Description
ts-node	0
tslib	0
ts-loader	0
tsc	0

📦 Dependency: which-boxed-primitive

Trusty Score: 0

Alternatives

Package	Score	Description
boxen	0
boxen-cli	0

📦 Dependency: which-builtin-type

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.8
Repository activity	1.4
User activity	8.1
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	9
Number of git tags or releases	8
Versions matched to tags or releases	8

Alternatives

Package	Score	Description
string	0
array	0

📦 Dependency: which-typed-array

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.7
Repository activity	1.8
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	19
Number of git tags or releases	19
Versions matched to tags or releases	19

Alternatives

Package	Score	Description
bytewise	0
typedarray	0

…ith 8 updates Bumps the dev-dependencies group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@docusaurus/module-type-aliases](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-module-type-aliases) | `3.5.2` | `3.6.3` | | [@types/prismjs](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/prismjs) | `1.26.4` | `1.26.5` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.4.0` | `8.18.1` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.4.0` | `8.18.1` | | [eslint-plugin-react](https://github.com/jsx-eslint/eslint-plugin-react) | `7.35.1` | `7.37.2` | | [husky](https://github.com/typicode/husky) | `9.1.5` | `9.1.7` | | [prettier](https://github.com/prettier/prettier) | `3.3.3` | `3.4.2` | | [typescript](https://github.com/microsoft/TypeScript) | `5.5.4` | `5.7.2` | Updates `@docusaurus/module-type-aliases` from 3.5.2 to 3.6.3 - [Release notes](https://github.com/facebook/docusaurus/releases) - [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/docusaurus/commits/v3.6.3/packages/docusaurus-module-type-aliases) Updates `@types/prismjs` from 1.26.4 to 1.26.5 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/prismjs) Updates `@typescript-eslint/eslint-plugin` from 8.4.0 to 8.18.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.18.1/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.4.0 to 8.18.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.18.1/packages/parser) Updates `eslint-plugin-react` from 7.35.1 to 7.37.2 - [Release notes](https://github.com/jsx-eslint/eslint-plugin-react/releases) - [Changelog](https://github.com/jsx-eslint/eslint-plugin-react/blob/master/CHANGELOG.md) - [Commits](jsx-eslint/eslint-plugin-react@v7.35.1...v7.37.2) Updates `husky` from 9.1.5 to 9.1.7 - [Release notes](https://github.com/typicode/husky/releases) - [Commits](typicode/husky@v9.1.5...v9.1.7) Updates `prettier` from 3.3.3 to 3.4.2 - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@3.3.3...3.4.2) Updates `typescript` from 5.5.4 to 5.7.2 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](microsoft/TypeScript@v5.5.4...v5.7.2) --- updated-dependencies: - dependency-name: "@docusaurus/module-type-aliases" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@types/prismjs" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: eslint-plugin-react dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: husky dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: prettier dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

stacklok-cloud · 2024-12-16T19:46:25Z

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @docusaurus/module-type-aliases

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.1
Repository activity	9.3
User activity	8.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1792
Number of git tags or releases	175
Versions matched to tags or releases	72

📦 Dependency: @docusaurus/types

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.1
Repository activity	9.3
User activity	8.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1820
Number of git tags or releases	175
Versions matched to tags or releases	92

Alternatives

Package	Score	Description
@docusaurus/core	0

📦 Dependency: @types/prismjs

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.4
Repository activity	10
User activity	8.9
Provenance	unknown

📦 Dependency: @typescript-eslint/eslint-plugin

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3883
Number of git tags or releases	169
Versions matched to tags or releases	159

Alternatives

Package	Score	Description
@typescript-eslint/parser	0
@typescript-eslint/eslint-plugin-tslint	0

📦 Dependency: @typescript-eslint/parser

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3969
Number of git tags or releases	169
Versions matched to tags or releases	159

Alternatives

Package	Score	Description
@babel/eslint-parser	0

📦 Dependency: @typescript-eslint/scope-manager

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3205
Number of git tags or releases	169
Versions matched to tags or releases	159

Alternatives

Package	Score	Description
eslint-plugin-react	0
typescript	0
@typescript-eslint/parser	0
@typescript-eslint/eslint-plugin	0

📦 Dependency: @typescript-eslint/type-utils

Trusty Score: 0

Alternatives

Package	Score	Description
@typescript-eslint/typescript-estree	0

📦 Dependency: @typescript-eslint/types

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3243
Number of git tags or releases	169
Versions matched to tags or releases	160

Alternatives

Package	Score	Description
@typescript-eslint/parser	0

📦 Dependency: @typescript-eslint/typescript-estree

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3975
Number of git tags or releases	169
Versions matched to tags or releases	160

Alternatives

Package	Score	Description
@typescript-eslint/parser	0
@babel/parser	0
@typescript-eslint/eslint-plugin	0

📦 Dependency: @typescript-eslint/utils

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	2260
Number of git tags or releases	169
Versions matched to tags or releases	159

Alternatives

Package	Score	Description
@typescript-eslint/parser	0
@typescript-eslint/eslint-plugin	0

📦 Dependency: @typescript-eslint/visitor-keys

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3241
Number of git tags or releases	169
Versions matched to tags or releases	158

Alternatives

Package	Score	Description
@babel/eslint-parser	0
typescript-eslint	0
eslint-plugin-import	0
eslint	0
eslint-config-airbnb	0

📦 Dependency: arraybuffer.prototype.slice

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	0.8
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	5
Number of git tags or releases	5
Versions matched to tags or releases	5

Alternatives

Package	Score	Description
@babel/preset-env	0
array-slice	0

📦 Dependency: call-bind

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.9
User activity	7.3
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	9
Number of git tags or releases	9
Versions matched to tags or releases	9

Alternatives

Package	Score	Description
axios	0
superagent	0
node-fetch	0
got	0

📦 Dependency: call-bind-apply-helpers

Trusty Score: 0

Scoring details

Component	Score
Package activity	4
Repository activity	0.6
User activity	7.3
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	2
Number of git tags or releases	2
Versions matched to tags or releases	2

Alternatives

Package	Score	Description
function-bind	0

📦 Dependency: call-bound

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.1
Repository activity	0.8
User activity	7.3
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3
Number of git tags or releases	3
Versions matched to tags or releases	3

Alternatives

Package	Score	Description
get-intrinsic	0

📦 Dependency: dependencies

Trusty Score: 0

Alternatives

Package	Score	Description
depcheck	0
auto-install	0

📦 Dependency: dunder-proto

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.1
Repository activity	0.8
User activity	7.5
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1
Number of git tags or releases	1
Versions matched to tags or releases	1

Alternatives

Package	Score	Description
set-prototype-of	0

📦 Dependency: es-abstract

Trusty Score: 0

Scoring details

Component	Score
Package activity	5.9
Repository activity	3.4
User activity	8.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	87
Number of git tags or releases	91
Versions matched to tags or releases	86

Alternatives

Package	Score	Description
es5-shim	0
es6-shim	0
es6-iterator	0

📦 Dependency: es-define-property

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	1
User activity	7.3
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	2
Number of git tags or releases	2
Versions matched to tags or releases	2

📦 Dependency: es-iterator-helpers

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.7
Repository activity	1.8
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	22
Number of git tags or releases	22
Versions matched to tags or releases	22

Alternatives

Package	Score	Description
lodash	0
ramda	0
underscore	0
lazy.js	0

📦 Dependency: es-to-primitive

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.9
Repository activity	2.1
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	7
Number of git tags or releases	7
Versions matched to tags or releases	7

📦 Dependency: eslint-plugin-react

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.2
Repository activity	7.9
User activity	8.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	213
Number of git tags or releases	113
Versions matched to tags or releases	66

Alternatives

Package	Score	Description
eslint-plugin-react-hooks	0
eslint-config-airbnb	0
eslint-plugin-react-native	0

📦 Dependency: eslint-visitor-keys

Trusty Score: 0

Scoring details

Component	Score
Package activity	7.2
Repository activity	5.4
User activity	9
Provenance	verified_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	18
Number of git tags or releases	108
Versions matched to tags or releases	2

This package has been digitally signed using sigtore.


Source repository	https://github.com/eslint/js
Cerificate Issuer	CN=sigstore-intermediate,O=sigstore.dev
GitHub action workflow	.github/workflows/release-please.yml
Rekor (public ledger) entry	https://search.sigstore.dev/?logIndex=144865437

Alternatives

Package	Score	Description
eslint-plugin-import	0
eslint-plugin-react	0

📦 Dependency: function.prototype.name

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.8
Repository activity	1.9
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	12
Number of git tags or releases	12
Versions matched to tags or releases	12

Alternatives

Package	Score	Description
function-name	0

📦 Dependency: get-intrinsic

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.8
Repository activity	2
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	14
Number of git tags or releases	14
Versions matched to tags or releases	14

Alternatives

Package	Score	Description
lodash	0
underscore	0
ramda	0
lazy	0

📦 Dependency: has-proto

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.4
Repository activity	1.4
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	6
Number of git tags or releases	6
Versions matched to tags or releases	6

Alternatives

Package	Score	Description
protobufjs	0
google-protobuf	0

📦 Dependency: has-symbols

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.7
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	5
Number of git tags or releases	5
Versions matched to tags or releases	5

Alternatives

Package	Score	Description
has-unicode	0

📦 Dependency: husky

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.3
Repository activity	7.3
User activity	9.3
Provenance	verified_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	228
Number of git tags or releases	120
Versions matched to tags or releases	114

This package has been digitally signed using sigtore.


Source repository	https://github.com/typicode/husky
Cerificate Issuer	CN=sigstore-intermediate,O=sigstore.dev
GitHub action workflow	.github/workflows/npm_publish.yml
Rekor (public ledger) entry	https://search.sigstore.dev/?logIndex=149537746

Alternatives

Package	Score	Description
lint-staged	0
pre-commit	0
git-hooks	0

📦 Dependency: internal-slot

Trusty Score: 0

Alternatives

Package	Score	Description
es-abstract	0

📦 Dependency: is-array-buffer

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.6
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	11
Number of git tags or releases	11
Versions matched to tags or releases	11

Alternatives

Package	Score	Description
is-typedarray	0

📦 Dependency: is-bigint

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.7
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	6
Number of git tags or releases	6
Versions matched to tags or releases	6

Alternatives

Package	Score	Description
bn.js	0
big-integer	0

📦 Dependency: is-boolean-object

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.5
Repository activity	1.6
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	7
Number of git tags or releases	7
Versions matched to tags or releases	7

Alternatives

Package	Score	Description
validate-npm-package-name	0
is-obj	0
registry-auth-token	0
npm-registry	0
is-date-object	0
is-number-object	0

📦 Dependency: is-data-view

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.1
Repository activity	0.8
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3
Number of git tags or releases	3
Versions matched to tags or releases	3

Alternatives

Package	Score	Description
ag-grid-react	0
react-data-grid	0

📦 Dependency: is-date-object

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.8
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	7
Number of git tags or releases	7
Versions matched to tags or releases	7

Alternatives

Package	Score	Description
isobject	0
is-object	0
is-thirteen	0

📦 Dependency: is-finalizationregistry

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.3
Repository activity	1.3
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	4
Number of git tags or releases	4
Versions matched to tags or releases	4

📦 Dependency: is-number-object

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.5
Repository activity	1.7
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	10
Number of git tags or releases	10
Versions matched to tags or releases	10

Alternatives

Package	Score	Description
is-plain-object	0
is-number	0
isobject	0
is-date-object	0
is-boolean-object	0

📦 Dependency: is-regex

Trusty Score: 0

Scoring details

Component	Score
Package activity	5.2
Repository activity	2.3
User activity	8
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	14
Number of git tags or releases	14
Versions matched to tags or releases	14

Alternatives

Package	Score	Description
xregexp	0
regexp	0

📦 Dependency: is-string

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.7
Repository activity	1.9
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	9
Number of git tags or releases	10
Versions matched to tags or releases	9

Alternatives

Package	Score	Description
lodash	0
underscore	0

📦 Dependency: is-symbol

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.9
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	7
Number of git tags or releases	7
Versions matched to tags or releases	7

📦 Dependency: is-weakref

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.4
Repository activity	1.4
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	4
Number of git tags or releases	4
Versions matched to tags or releases	4

📦 Dependency: iterator.prototype

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	0.9
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	7
Number of git tags or releases	7
Versions matched to tags or releases	7

Alternatives

Package	Score	Description
iterall	0
itertools	0
iterare	0

📦 Dependency: math-intrinsics

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	0.8
User activity	7.5
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1
Number of git tags or releases	1
Versions matched to tags or releases	1

Alternatives

Package	Score	Description
mathjs	0
big.js	0
numeric	0

📦 Dependency: object-inspect

Trusty Score: 0

Scoring details

Component	Score
Package activity	6
Repository activity	3.4
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	38
Number of git tags or releases	37
Versions matched to tags or releases	25

Alternatives

Package	Score	Description
inspectpack	0

📦 Dependency: prettier

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.1
Repository activity	9.4
User activity	8.8
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	168
Number of git tags or releases	124
Versions matched to tags or releases	101

Alternatives

Package	Score	Description
eslint-plugin-prettier	0

📦 Dependency: reflect.getprototypeof

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.4
Repository activity	1.4
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	9
Number of git tags or releases	9
Versions matched to tags or releases	9

Alternatives

Package	Score	Description
core-js	0
es5-shim	0

📦 Dependency: regexp.prototype.flags

Trusty Score: 0

Scoring details

Component	Score
Package activity	5.2
Repository activity	2.1
User activity	8.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	16
Number of git tags or releases	15
Versions matched to tags or releases	15

Alternatives

Package	Score	Description
regexpu	0

📦 Dependency: safe-array-concat

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.3
Repository activity	1.3
User activity	7.3
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	6
Number of git tags or releases	6
Versions matched to tags or releases	6

📦 Dependency: safe-regex-test

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.4
Repository activity	1.4
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	5
Number of git tags or releases	5
Versions matched to tags or releases	5

Alternatives

Package	Score	Description
regexpp	0
safe-regex	0

📦 Dependency: side-channel

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.9
Repository activity	1.9
User activity	7.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	8
Number of git tags or releases	8
Versions matched to tags or releases	8

📦 Dependency: side-channel-list

Trusty Score: 0

Scoring details

Component	Score
Package activity	4
Repository activity	0.6
User activity	7.3
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1
Number of git tags or releases	1
Versions matched to tags or releases	1

📦 Dependency: side-channel-map

Trusty Score: 0

Scoring details

Component	Score
Package activity	4
Repository activity	0.6
User activity	7.3
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	2
Number of git tags or releases	2
Versions matched to tags or releases	2

📦 Dependency: side-channel-weakmap

Trusty Score: 0

Scoring details

Component	Score
Package activity	4
Repository activity	0.6
User activity	7.3
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3
Number of git tags or releases	3
Versions matched to tags or releases	3

📦 Dependency: string.prototype.trim

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.9
Repository activity	1.9
User activity	7.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	15
Number of git tags or releases	15
Versions matched to tags or releases	15

Alternatives

Package	Score	Description
es6-shim	0

📦 Dependency: string.prototype.trimend

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.7
Repository activity	1.8
User activity	7.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	12
Number of git tags or releases	12
Versions matched to tags or releases	12

📦 Dependency: typed-array-byte-offset

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	0.9
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	4
Number of git tags or releases	4
Versions matched to tags or releases	4

Alternatives

Package	Score	Description
typedarray-pool	0
arraybuffer.slice	0

📦 Dependency: typed-array-length

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.5
Repository activity	1.5
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	8
Number of git tags or releases	8
Versions matched to tags or releases	8

📦 Dependency: typescript

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.9
Repository activity	10
User activity	9.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3260
Number of git tags or releases	234
Versions matched to tags or releases	73

Alternatives

Package	Score	Description
ts-node	0
tslib	0
ts-loader	0
tsc	0

📦 Dependency: which-boxed-primitive

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.6
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	5
Number of git tags or releases	5
Versions matched to tags or releases	5

Alternatives

Package	Score	Description
boxen	0
boxen-cli	0

📦 Dependency: which-builtin-type

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.4
Repository activity	1.4
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	9
Number of git tags or releases	9
Versions matched to tags or releases	9

Alternatives

Package	Score	Description
string	0
array	0

📦 Dependency: which-typed-array

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.7
Repository activity	1.8
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	19
Number of git tags or releases	19
Versions matched to tags or releases	19

Alternatives

Package	Score	Description
bytewise	0
typedarray	0

stacklok-cloud · 2024-12-17T05:58:07Z

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @docusaurus/module-type-aliases

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.1
Repository activity	9.3
User activity	8.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1792
Number of git tags or releases	175
Versions matched to tags or releases	72

📦 Dependency: @docusaurus/types

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.1
Repository activity	9.3
User activity	8.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1820
Number of git tags or releases	175
Versions matched to tags or releases	92

Alternatives

Package	Score	Description
@docusaurus/core	0

📦 Dependency: @types/prismjs

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.4
Repository activity	10
User activity	8.9
Provenance	unknown

📦 Dependency: @typescript-eslint/eslint-plugin

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3883
Number of git tags or releases	169
Versions matched to tags or releases	159

Alternatives

Package	Score	Description
@typescript-eslint/parser	0
@typescript-eslint/eslint-plugin-tslint	0

📦 Dependency: @typescript-eslint/parser

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3969
Number of git tags or releases	169
Versions matched to tags or releases	159

Alternatives

Package	Score	Description
@babel/eslint-parser	0

📦 Dependency: @typescript-eslint/scope-manager

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3205
Number of git tags or releases	169
Versions matched to tags or releases	159

Alternatives

Package	Score	Description
eslint-plugin-react	0
typescript	0
@typescript-eslint/parser	0
@typescript-eslint/eslint-plugin	0

📦 Dependency: @typescript-eslint/type-utils

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	2277
Number of git tags or releases	169
Versions matched to tags or releases	159

Alternatives

Package	Score	Description
@typescript-eslint/typescript-estree	0

📦 Dependency: @typescript-eslint/types

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3243
Number of git tags or releases	169
Versions matched to tags or releases	160

Alternatives

Package	Score	Description
@typescript-eslint/parser	0

📦 Dependency: @typescript-eslint/typescript-estree

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3975
Number of git tags or releases	169
Versions matched to tags or releases	160

Alternatives

Package	Score	Description
@typescript-eslint/parser	0
@babel/parser	0
@typescript-eslint/eslint-plugin	0

📦 Dependency: @typescript-eslint/utils

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	2260
Number of git tags or releases	169
Versions matched to tags or releases	159

Alternatives

Package	Score	Description
@typescript-eslint/parser	0
@typescript-eslint/eslint-plugin	0

📦 Dependency: @typescript-eslint/visitor-keys

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.4
Repository activity	8.2
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3241
Number of git tags or releases	169
Versions matched to tags or releases	158

Alternatives

Package	Score	Description
@babel/eslint-parser	0
typescript-eslint	0
eslint-plugin-import	0
eslint	0
eslint-config-airbnb	0

📦 Dependency: arraybuffer.prototype.slice

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	0.8
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	5
Number of git tags or releases	5
Versions matched to tags or releases	5

Alternatives

Package	Score	Description
@babel/preset-env	0
array-slice	0

📦 Dependency: call-bind

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.9
User activity	7.3
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	9
Number of git tags or releases	9
Versions matched to tags or releases	9

Alternatives

Package	Score	Description
axios	0
superagent	0
node-fetch	0
got	0

📦 Dependency: call-bind-apply-helpers

Trusty Score: 0

Scoring details

Component	Score
Package activity	4
Repository activity	0.6
User activity	7.3
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	2
Number of git tags or releases	2
Versions matched to tags or releases	2

Alternatives

Package	Score	Description
function-bind	0

📦 Dependency: call-bound

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.1
Repository activity	0.8
User activity	7.3
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3
Number of git tags or releases	3
Versions matched to tags or releases	3

Alternatives

Package	Score	Description
get-intrinsic	0

📦 Dependency: dependencies

Trusty Score: 0

Alternatives

Package	Score	Description
depcheck	0
auto-install	0

📦 Dependency: dunder-proto

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.1
Repository activity	0.8
User activity	7.5
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1
Number of git tags or releases	1
Versions matched to tags or releases	1

Alternatives

Package	Score	Description
set-prototype-of	0

📦 Dependency: es-abstract

Trusty Score: 0

Scoring details

Component	Score
Package activity	5.9
Repository activity	3.4
User activity	8.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	87
Number of git tags or releases	91
Versions matched to tags or releases	86

Alternatives

Package	Score	Description
es5-shim	0
es6-shim	0
es6-iterator	0

📦 Dependency: es-define-property

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	1
User activity	7.3
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	2
Number of git tags or releases	2
Versions matched to tags or releases	2

📦 Dependency: es-iterator-helpers

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.7
Repository activity	1.8
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	22
Number of git tags or releases	22
Versions matched to tags or releases	22

Alternatives

Package	Score	Description
lodash	0
ramda	0
underscore	0
lazy.js	0

📦 Dependency: es-to-primitive

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.9
Repository activity	2.1
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	7
Number of git tags or releases	7
Versions matched to tags or releases	7

📦 Dependency: eslint-plugin-react

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.2
Repository activity	7.9
User activity	8.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	213
Number of git tags or releases	113
Versions matched to tags or releases	66

Alternatives

Package	Score	Description
eslint-plugin-react-hooks	0
eslint-config-airbnb	0
eslint-plugin-react-native	0

📦 Dependency: eslint-visitor-keys

Trusty Score: 0

Scoring details

Component	Score
Package activity	7.2
Repository activity	5.4
User activity	9
Provenance	verified_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	18
Number of git tags or releases	108
Versions matched to tags or releases	2

This package has been digitally signed using sigtore.


Source repository	https://github.com/eslint/js
Cerificate Issuer	CN=sigstore-intermediate,O=sigstore.dev
GitHub action workflow	.github/workflows/release-please.yml
Rekor (public ledger) entry	https://search.sigstore.dev/?logIndex=144865437

Alternatives

Package	Score	Description
eslint-plugin-import	0
eslint-plugin-react	0

📦 Dependency: function.prototype.name

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.8
Repository activity	1.9
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	12
Number of git tags or releases	12
Versions matched to tags or releases	12

Alternatives

Package	Score	Description
function-name	0

📦 Dependency: get-intrinsic

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.8
Repository activity	2
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	14
Number of git tags or releases	14
Versions matched to tags or releases	14

Alternatives

Package	Score	Description
lodash	0
underscore	0
ramda	0
lazy	0

📦 Dependency: has-proto

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.4
Repository activity	1.4
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	6
Number of git tags or releases	6
Versions matched to tags or releases	6

Alternatives

Package	Score	Description
protobufjs	0
google-protobuf	0

📦 Dependency: has-symbols

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.7
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	5
Number of git tags or releases	5
Versions matched to tags or releases	5

Alternatives

Package	Score	Description
has-unicode	0

📦 Dependency: husky

Trusty Score: 0

Scoring details

Component	Score
Package activity	8.3
Repository activity	7.3
User activity	9.3
Provenance	verified_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	228
Number of git tags or releases	120
Versions matched to tags or releases	114

This package has been digitally signed using sigtore.


Source repository	https://github.com/typicode/husky
Cerificate Issuer	CN=sigstore-intermediate,O=sigstore.dev
GitHub action workflow	.github/workflows/npm_publish.yml
Rekor (public ledger) entry	https://search.sigstore.dev/?logIndex=149537746

Alternatives

Package	Score	Description
lint-staged	0
pre-commit	0
git-hooks	0

📦 Dependency: internal-slot

Trusty Score: 0

Alternatives

Package	Score	Description
es-abstract	0

📦 Dependency: is-array-buffer

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.6
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	11
Number of git tags or releases	11
Versions matched to tags or releases	11

Alternatives

Package	Score	Description
is-typedarray	0

📦 Dependency: is-bigint

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.7
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	6
Number of git tags or releases	6
Versions matched to tags or releases	6

Alternatives

Package	Score	Description
bn.js	0
big-integer	0

📦 Dependency: is-boolean-object

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.5
Repository activity	1.6
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	7
Number of git tags or releases	7
Versions matched to tags or releases	7

Alternatives

Package	Score	Description
validate-npm-package-name	0
is-obj	0
registry-auth-token	0
npm-registry	0
is-date-object	0
is-number-object	0

📦 Dependency: is-data-view

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.1
Repository activity	0.8
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3
Number of git tags or releases	3
Versions matched to tags or releases	3

Alternatives

Package	Score	Description
react-data-grid	0
ag-grid-react	0

📦 Dependency: is-date-object

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.8
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	7
Number of git tags or releases	7
Versions matched to tags or releases	7

Alternatives

Package	Score	Description
isobject	0
is-object	0
is-thirteen	0

📦 Dependency: is-finalizationregistry

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.3
Repository activity	1.3
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	4
Number of git tags or releases	4
Versions matched to tags or releases	4

📦 Dependency: is-number-object

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.5
Repository activity	1.7
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	10
Number of git tags or releases	10
Versions matched to tags or releases	10

Alternatives

Package	Score	Description
is-plain-object	0
is-number	0
isobject	0
is-date-object	0
is-boolean-object	0

📦 Dependency: is-regex

Trusty Score: 0

Scoring details

Component	Score
Package activity	5.2
Repository activity	2.3
User activity	8
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	14
Number of git tags or releases	14
Versions matched to tags or releases	14

Alternatives

Package	Score	Description
xregexp	0
regexp	0

📦 Dependency: is-string

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.7
Repository activity	1.9
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	9
Number of git tags or releases	10
Versions matched to tags or releases	9

Alternatives

Package	Score	Description
lodash	0
underscore	0

📦 Dependency: is-symbol

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.9
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	7
Number of git tags or releases	7
Versions matched to tags or releases	7

📦 Dependency: is-weakref

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.4
Repository activity	1.4
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	4
Number of git tags or releases	4
Versions matched to tags or releases	4

📦 Dependency: iterator.prototype

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	0.9
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	7
Number of git tags or releases	7
Versions matched to tags or releases	7

Alternatives

Package	Score	Description
iterall	0
itertools	0
iterare	0

📦 Dependency: math-intrinsics

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	0.8
User activity	7.5
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1
Number of git tags or releases	1
Versions matched to tags or releases	1

Alternatives

Package	Score	Description
mathjs	0
big.js	0
numeric	0

📦 Dependency: object-inspect

Trusty Score: 0

Scoring details

Component	Score
Package activity	6
Repository activity	3.4
User activity	8.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	38
Number of git tags or releases	37
Versions matched to tags or releases	25

Alternatives

Package	Score	Description
inspectpack	0

📦 Dependency: prettier

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.1
Repository activity	9.4
User activity	8.8
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	168
Number of git tags or releases	124
Versions matched to tags or releases	101

Alternatives

Package	Score	Description
eslint-plugin-prettier	0

📦 Dependency: reflect.getprototypeof

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.4
Repository activity	1.4
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	9
Number of git tags or releases	9
Versions matched to tags or releases	9

Alternatives

Package	Score	Description
core-js	0
es5-shim	0

📦 Dependency: regexp.prototype.flags

Trusty Score: 0

Scoring details

Component	Score
Package activity	5.2
Repository activity	2.1
User activity	8.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	16
Number of git tags or releases	15
Versions matched to tags or releases	15

Alternatives

Package	Score	Description
regexpu	0

📦 Dependency: safe-array-concat

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.3
Repository activity	1.3
User activity	7.3
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	6
Number of git tags or releases	6
Versions matched to tags or releases	6

📦 Dependency: safe-regex-test

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.4
Repository activity	1.4
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	5
Number of git tags or releases	5
Versions matched to tags or releases	5

Alternatives

Package	Score	Description
regexpp	0
safe-regex	0

📦 Dependency: side-channel

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.9
Repository activity	1.9
User activity	7.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	8
Number of git tags or releases	8
Versions matched to tags or releases	8

📦 Dependency: side-channel-list

Trusty Score: 0

Scoring details

Component	Score
Package activity	4
Repository activity	0.6
User activity	7.3
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	1
Number of git tags or releases	1
Versions matched to tags or releases	1

📦 Dependency: side-channel-map

Trusty Score: 0

Scoring details

Component	Score
Package activity	4
Repository activity	0.6
User activity	7.3
Provenance	unknown

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	2
Number of git tags or releases	2
Versions matched to tags or releases	2

📦 Dependency: side-channel-weakmap

Trusty Score: 0

Scoring details

Component	Score
Package activity	4
Repository activity	0.6
User activity	7.3
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3
Number of git tags or releases	3
Versions matched to tags or releases	3

📦 Dependency: string.prototype.trim

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.9
Repository activity	1.9
User activity	7.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	15
Number of git tags or releases	15
Versions matched to tags or releases	15

Alternatives

Package	Score	Description
es6-shim	0

📦 Dependency: string.prototype.trimend

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.7
Repository activity	1.8
User activity	7.7
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	12
Number of git tags or releases	12
Versions matched to tags or releases	12

📦 Dependency: typed-array-byte-offset

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.2
Repository activity	0.9
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	4
Number of git tags or releases	4
Versions matched to tags or releases	4

Alternatives

Package	Score	Description
typedarray-pool	0
arraybuffer.slice	0

📦 Dependency: typed-array-length

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.5
Repository activity	1.5
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	8
Number of git tags or releases	8
Versions matched to tags or releases	8

📦 Dependency: typescript

Trusty Score: 0

Scoring details

Component	Score
Package activity	9.9
Repository activity	10
User activity	9.9
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	3260
Number of git tags or releases	234
Versions matched to tags or releases	73

Alternatives

Package	Score	Description
ts-node	0
tslib	0
ts-loader	0
tsc	0

📦 Dependency: which-boxed-primitive

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.6
Repository activity	1.6
User activity	7.5
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	5
Number of git tags or releases	5
Versions matched to tags or releases	5

Alternatives

Package	Score	Description
boxen	0
boxen-cli	0

📦 Dependency: which-builtin-type

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.4
Repository activity	1.4
User activity	7.4
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	9
Number of git tags or releases	9
Versions matched to tags or releases	9

Alternatives

Package	Score	Description
string	0
array	0

📦 Dependency: which-typed-array

Trusty Score: 0

Scoring details

Component	Score
Package activity	4.7
Repository activity	1.8
User activity	7.6
Provenance	historical_provenance_match

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.


Published package versions	19
Number of git tags or releases	19
Versions matched to tags or releases	19

Alternatives

Package	Score	Description
bytewise	0
typedarray	0

github-actions · 2024-12-17T05:59:26Z

PR Preview Action v1.4.8
🚀 Deployed preview to https://openfga.github.io/openfga.dev/pr-preview/pr-917/
on branch `gh-pages` at 2024-12-17 05:59 UTC

dependabot bot requested review from a team as code owners December 16, 2024 19:37

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Dec 16, 2024

dependabot bot mentioned this pull request Dec 16, 2024

chore(deps-dev): bump the dev-dependencies group across 1 directory with 8 updates #915

Closed

dependabot bot force-pushed the dependabot/npm_and_yarn/dev-dependencies-8708f64ee2 branch from 9bfc6b1 to 4f0bee6 Compare December 16, 2024 19:45

chore: fix types for product name

5f0bbe0

rhamzeh enabled auto-merge (squash) December 18, 2024 19:34

ttrzeng approved these changes Dec 18, 2024

View reviewed changes

rhamzeh merged commit b6ec5d0 into main Dec 18, 2024
12 checks passed

rhamzeh deleted the dependabot/npm_and_yarn/dev-dependencies-8708f64ee2 branch December 18, 2024 19:35

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps-dev): bump the dev-dependencies group across 1 directory with 8 updates #917

chore(deps-dev): bump the dev-dependencies group across 1 directory with 8 updates #917

dependabot bot commented on behalf of github Dec 16, 2024 •

edited

Loading

stacklok-cloud bot commented Dec 16, 2024 •

edited

Loading

Vulnerability scan of `5f0bbe06:`

stacklok-cloud bot commented Dec 16, 2024

stacklok-cloud bot commented Dec 16, 2024

stacklok-cloud bot commented Dec 17, 2024

github-actions bot commented Dec 17, 2024

chore(deps-dev): bump the dev-dependencies group across 1 directory with 8 updates #917

chore(deps-dev): bump the dev-dependencies group across 1 directory with 8 updates #917

Conversation

dependabot bot commented on behalf of github Dec 16, 2024 • edited Loading

3.6.3 (2024-11-22)

🐛 Bug Fix

3.6.2 (2024-11-19)

🐛 Bug Fix

🔧 Maintenance

Committers: 5

3.6.1 (2024-11-08)

🐛 Bug Fix

💅 Polish

3.6.3 (2024-11-22)

🐛 Bug Fix

Committers: 1

3.6.2 (2024-11-19)

🐛 Bug Fix

🔧 Maintenance

Committers: 5

3.6.1 (2024-11-08)

🐛 Bug Fix

💅 Polish

v8.18.1

8.18.1 (2024-12-16)

🩹 Fixes

❤️ Thank You

v8.18.0

8.18.0 (2024-12-09)

🚀 Features

🩹 Fixes

❤️ Thank You

v8.17.0

8.17.0 (2024-12-02)

🚀 Features

8.18.1 (2024-12-16)

🩹 Fixes

❤️ Thank You

8.18.0 (2024-12-09)

🚀 Features

🩹 Fixes

❤️ Thank You

8.17.0 (2024-12-02)

🚀 Features

🩹 Fixes

v8.18.1

8.18.1 (2024-12-16)

🩹 Fixes

❤️ Thank You

v8.18.0

8.18.0 (2024-12-09)

🚀 Features

🩹 Fixes

❤️ Thank You

v8.17.0

8.17.0 (2024-12-02)

🚀 Features

8.18.1 (2024-12-16)

8.18.0 (2024-12-09)

🩹 Fixes

❤️ Thank You

8.17.0 (2024-12-02)

8.16.0 (2024-11-25)

🚀 Features

❤️ Thank You

8.15.0 (2024-11-18)

8.14.0 (2024-11-11)

8.13.0 (2024-11-04)

v7.37.2

Fixed

Changed

v7.37.1

Fixed

Changed

v7.37.0

Added

Changed

v7.36.1

Fixed

7.37.2 - 2024.10.22

dependabot bot commented on behalf of github Dec 16, 2024 •

edited

Loading

Treat U+30A0 & U+30FB in Katakana Block as CJK (#16796 by `@tats-u`)

Fix comments print on class methods with decorators (#16891 by `@fisker`)

stacklok-cloud bot commented Dec 16, 2024 •

edited

Loading

Vulnerability scan of `5f0bbe06:`