Skip to content

Bump the production-dependencies group across 1 directory with 14 updates#114

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/frontend/production-dependencies-a4520d4cb4
Closed

Bump the production-dependencies group across 1 directory with 14 updates#114
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/frontend/production-dependencies-a4520d4cb4

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 27, 2025

Bumps the production-dependencies group with 14 updates in the /frontend directory:

Package From To
@angular/animations 18.2.12 19.1.3
@angular/cdk 18.2.13 19.1.1
@angular/common 18.2.12 19.1.3
@angular/compiler 18.2.12 19.1.3
@angular/core 18.2.12 19.1.3
@angular/forms 18.2.12 19.1.3
@angular/material 18.2.13 19.1.1
@angular/platform-browser 18.2.12 19.1.3
@angular/platform-browser-dynamic 18.2.12 19.1.3
@angular/router 18.2.12 19.1.3
@octokit/types 13.6.1 13.7.0
cronstrue 2.51.0 2.53.0
highcharts 11.4.8 12.1.2
ng2-charts 7.0.0 8.0.0

Updates @angular/animations from 18.2.12 to 19.1.3

Release notes

Sourced from @​angular/animations's releases.

v19.1.3

19.1.3 (2025-01-22)

compiler

Commit Description
fix - ecfb74d287 handle :host-context with comma-separated child selector (#59276)

compiler-cli

Commit Description
fix - 53160e504d extract parenthesized dependencies during HMR (#59644)
fix - 39690969af handle conditional expressions when extracting dependencies (#59637)
fix - 78af7a5059 handle new expressions when extracting dependencies (#59637)

core

Commit Description
fix - 408af24ff3 capture self-referencing component during HMR (#59644)
fix - d7575c201c replace metadata in place during HMR (#59644)
fix - 26f6d4c485 skip component ID collision warning during SSR (#59625)

migrations

Commit Description
fix - a62c84bc18 avoid applying the same replacements twice when cleaning up unused imports (#59656)

platform-browser

Commit Description
fix - b2b3816cb1 clear renderer cache during HMR when using async animations (#59644)

v19.1.2

19.1.2 (2025-01-20)

compiler

Commit Description
fix - 8dcd889987 update @ng/component URL to be relative (#59620)

compiler-cli

Commit Description
fix - 95a05bb202 disable tree shaking during HMR (#59595)

core

Commit Description
fix - a4eb74c79c animation sometimes renderer not being destroyed during HMR (#59574)
fix - 906413aba3 change Resource to use explicit undefined in its typings (#59024)
fix - 4eb541837c cleanup _ejsa when app is destroyed (#59492)
fix - 5497102769 cleanup stash listener when app is destroyed (#59598)
fix - 266a8f2f2e handle shadow DOM encapsulated component with HMR (#59597)
fix - 6f7716268a HMR not matching component that injects ViewContainerRef (#59596)
fix - d12a186d53 treat exceptions in equal as part of computation (#55818)

... (truncated)

Changelog

Sourced from @​angular/animations's changelog.

19.1.3 (2025-01-22)

compiler

Commit Type Description
ecfb74d287 fix handle :host-context with comma-separated child selector (#59276)

compiler-cli

Commit Type Description
53160e504d fix extract parenthesized dependencies during HMR (#59644)
39690969af fix handle conditional expressions when extracting dependencies (#59637)
78af7a5059 fix handle new expressions when extracting dependencies (#59637)

core

Commit Type Description
408af24ff3 fix capture self-referencing component during HMR (#59644)
d7575c201c fix replace metadata in place during HMR (#59644)
26f6d4c485 fix skip component ID collision warning during SSR (#59625)

migrations

Commit Type Description
a62c84bc18 fix avoid applying the same replacements twice when cleaning up unused imports (#59656)

platform-browser

Commit Type Description
b2b3816cb1 fix clear renderer cache during HMR when using async animations (#59644)

19.1.2 (2025-01-20)

compiler

Commit Type Description
8dcd889987 fix update @ng/component URL to be relative (#59620)

compiler-cli

Commit Type Description
95a05bb202 fix disable tree shaking during HMR (#59595)

core

Commit Type Description
a4eb74c79c fix animation sometimes renderer not being destroyed during HMR (#59574)
906413aba3 fix change Resource to use explicit undefined in its typings (#59024)
4eb541837c fix cleanup _ejsa when app is destroyed (#59492)
5497102769 fix cleanup stash listener when app is destroyed (#59598)
266a8f2f2e fix handle shadow DOM encapsulated component with HMR (#59597)
6f7716268a fix HMR not matching component that injects ViewContainerRef (#59596)
d12a186d53 fix treat exceptions in equal as part of computation (#55818)

... (truncated)

Commits
  • a4eb74c fix(core): animation sometimes renderer not being destroyed during HMR (#59574)
  • bfaeefe refactor(animations): drop warning functions in production (#59408)
  • 0e23f20 fix(platform-browser): styles not replaced during HMR when using animations r...
  • 2f5f898 docs(animations): update position parameter to be a decimal (#57927)
  • d010e11 feat(core): add event listener options to renderer (#59092)
  • 0513fbc docs: set syntax highlighting of code examples MD code blocks (#59026)
  • 8d6ea5b docs: fix missing alert block styles in the API reference (#59020)
  • 09df589 refactor(core): Migrate all packages with the explicit-standalone-flag sche...
  • 84b6896 refactor(platform-server): Add an ssr benchmark setup. (#57647)
  • 9dbe6fc refactor: update license text to point to angular.dev (#57901)
  • See full diff in compare view

Updates @angular/cdk from 18.2.13 to 19.1.1

Release notes

Sourced from @​angular/cdk's releases.

v19.1.1

19.1.1 "lanthanum-labrador" (2025-01-22)

material

Commit Description
fix - 5c4421641 autocomplete: fix initial render logic (#30348)
fix - db3895cf1 chips: fix chip blur timing (#30347)
fix - 09d7476d9 expansion: inherit shape for focus indicator (#30352)

cdk

Commit Description
fix - 380fd1dfa text-field: clear cached line height on resize (#30355)

v19.1.0

19.1.0 "denim-firefly" (2025-01-16)

material-luxon-adapter

Commit Description
fix - e52a369a1b infer first day of week from locale (#30285)

material-experimental

Commit Description
feat - 8685c01a92 column-resize: Add support for "lazy" rather than live updating during resizing. (#30120)

cdk-experimental

Commit Description
feat - 75c8aa8767 column-resize: Support column size persistance hooks (#30136)
fix - 50d906b3e3 column-resize: Previous size was being sent for persistance rather than newly updated size in non-live resize mode. (#30161)

material

Commit Description
feat - f47f5f9a1e schematics: Add CSS output to custom theme schematic (#30004)
fix - 057ed370aa api-theme: fix nav items hover/focus contrast (#1004)
fix - 5138fe7b38 checkbox: ensure focus indicator has the correct shape (#30332)
fix - 3163040850 docs: change twitter logo (#1245)
fix - 781e91e798 menu: lazy content not detached after animation (#30301)
fix - a3d9e4b45d select: match disabled placeholder color with label (#29870)
fix - 027c3ad267 select: remove color transition w/ no animations module (#30304)
fix - 4f676d4030 slider: active vs inactive tick mark count (#30319)
fix - eae073032c slider: tick mark positioning (#30329)
fix - 0c099ff024 sort: avoid center align for sort header
fix - 6ca21fd740 tabs: tab nav bar animation not working when navigating forwards (#30313)
fix - a0b5546111 theme: unselected theme picker
fix - 884740d605 tooltip: deprecate matTooltipAnimations (#30310)
perf - ab497c44e7 button: Remove unused inject. (#30320)
perf - ab44d45c56 table: Optimize expensive css selector (#30305)
perf - 980f9ba7bb tooltip: Use afterNextRender to invoke aria describer to align layout updates with other components using afterNextRender. (#30265)

cdk

... (truncated)

Changelog

Sourced from @​angular/cdk's changelog.

19.1.1 "lanthanum-labrador" (2025-01-22)

cdk

Commit Type Description
380fd1dfa fix text-field: clear cached line height on resize (#30355)

material

Commit Type Description
5c4421641 fix autocomplete: fix initial render logic (#30348)
db3895cf1 fix chips: fix chip blur timing (#30347)
09d7476d9 fix expansion: inherit shape for focus indicator (#30352)

19.2.0-next.0 "bronze-baguette" (2025-01-16)

material

Commit Type Description
44c7320653 feat schematics: Add option to customize colors for neutral variant and error palettes (#30321)
1e5663636e fix stepper: switch away from animations module (#30314)
0eb9012777 fix tabs: switch away from animations module (#30281)
e5c3ddfb0b fix timepicker: adds default aria-label to timepicker toggle (#30284)

19.1.0 "denim-firefly" (2025-01-16)

cdk

Commit Type Description
62a672af0d feat dialog: expose cdk dialog docs (#1144)
a0a16fc70e feat menu: expose cdk menu docs (#1142)
2be0afcfb5 fix menu: avoid resetting the scroll position when using the mouse (#30249)
e421765d8d fix menu: not responding to position changes (#30234)
5c75bbecb2 fix scrolling: avoid SSR error in CdkVirtualScrollableWindow (#30259)
d721f0c2bc perf table: Use afterNextRender for sticky styling. Fixes a performance regression dating back to #28393 and removes need for coalesced sticky styler. (#30242)

material

Commit Type Description
f47f5f9a1e feat schematics: Add CSS output to custom theme schematic (#30004)
057ed370aa fix api-theme: fix nav items hover/focus contrast (#1004)
5138fe7b38 fix checkbox: ensure focus indicator has the correct shape (#30332)
3163040850 fix docs: change twitter logo (#1245)
781e91e798 fix menu: lazy content not detached after animation (#30301)
a3d9e4b45d fix select: match disabled placeholder color with label (#29870)
027c3ad267 fix select: remove color transition w/ no animations module (#30304)
4f676d4030 fix slider: active vs inactive tick mark count (#30319)
eae073032c fix slider: tick mark positioning (#30329)
0c099ff024 fix sort: avoid center align for sort header

... (truncated)

Commits
  • 0b9c040 release: cut the v19.1.1 release
  • 380fd1d fix(cdk/text-field): clear cached line height on resize (#30355)
  • 09d7476 fix(material/expansion): inherit shape for focus indicator (#30352)
  • 5c44216 fix(material/autocomplete): fix initial render logic (#30348)
  • db3895c fix(material/chips): fix chip blur timing (#30347)
  • 7a3eb6c release: cut the v19.1.0 release
  • 0f12ed2 Revert "test(material/timepicker): updates timepicker.spec.ts (#30335)" (#30342)
  • 5138fe7 fix(material/checkbox): ensure focus indicator has the correct shape (#30332)
  • eae0730 fix(material/slider): tick mark positioning (#30329)
  • 0df6e03 test(material/timepicker): updates timepicker.spec.ts (#30335)
  • Additional commits viewable in compare view

Updates @angular/common from 18.2.12 to 19.1.3

Release notes

Sourced from @​angular/common's releases.

v19.1.3

19.1.3 (2025-01-22)

compiler

Commit Description
fix - ecfb74d287 handle :host-context with comma-separated child selector (#59276)

compiler-cli

Commit Description
fix - 53160e504d extract parenthesized dependencies during HMR (#59644)
fix - 39690969af handle conditional expressions when extracting dependencies (#59637)
fix - 78af7a5059 handle new expressions when extracting dependencies (#59637)

core

Commit Description
fix - 408af24ff3 capture self-referencing component during HMR (#59644)
fix - d7575c201c replace metadata in place during HMR (#59644)
fix - 26f6d4c485 skip component ID collision warning during SSR (#59625)

migrations

Commit Description
fix - a62c84bc18 avoid applying the same replacements twice when cleaning up unused imports (#59656)

platform-browser

Commit Description
fix - b2b3816cb1 clear renderer cache during HMR when using async animations (#59644)

v19.1.2

19.1.2 (2025-01-20)

compiler

Commit Description
fix - 8dcd889987 update @ng/component URL to be relative (#59620)

compiler-cli

Commit Description
fix - 95a05bb202 disable tree shaking during HMR (#59595)

core

Commit Description
fix - a4eb74c79c animation sometimes renderer not being destroyed during HMR (#59574)
fix - 906413aba3 change Resource to use explicit undefined in its typings (#59024)
fix - 4eb541837c cleanup _ejsa when app is destroyed (#59492)
fix - 5497102769 cleanup stash listener when app is destroyed (#59598)
fix - 266a8f2f2e handle shadow DOM encapsulated component with HMR (#59597)
fix - 6f7716268a HMR not matching component that injects ViewContainerRef (#59596)
fix - d12a186d53 treat exceptions in equal as part of computation (#55818)

... (truncated)

Changelog

Sourced from @​angular/common's changelog.

19.1.3 (2025-01-22)

compiler

Commit Type Description
ecfb74d287 fix handle :host-context with comma-separated child selector (#59276)

compiler-cli

Commit Type Description
53160e504d fix extract parenthesized dependencies during HMR (#59644)
39690969af fix handle conditional expressions when extracting dependencies (#59637)
78af7a5059 fix handle new expressions when extracting dependencies (#59637)

core

Commit Type Description
408af24ff3 fix capture self-referencing component during HMR (#59644)
d7575c201c fix replace metadata in place during HMR (#59644)
26f6d4c485 fix skip component ID collision warning during SSR (#59625)

migrations

Commit Type Description
a62c84bc18 fix avoid applying the same replacements twice when cleaning up unused imports (#59656)

platform-browser

Commit Type Description
b2b3816cb1 fix clear renderer cache during HMR when using async animations (#59644)

19.1.2 (2025-01-20)

compiler

Commit Type Description
8dcd889987 fix update @ng/component URL to be relative (#59620)

compiler-cli

Commit Type Description
95a05bb202 fix disable tree shaking during HMR (#59595)

core

Commit Type Description
a4eb74c79c fix animation sometimes renderer not being destroyed during HMR (#59574)
906413aba3 fix change Resource to use explicit undefined in its typings (#59024)
4eb541837c fix cleanup _ejsa when app is destroyed (#59492)
5497102769 fix cleanup stash listener when app is destroyed (#59598)
266a8f2f2e fix handle shadow DOM encapsulated component with HMR (#59597)
6f7716268a fix HMR not matching component that injects ViewContainerRef (#59596)
d12a186d53 fix treat exceptions in equal as part of computation (#55818)

... (truncated)

Commits
  • 810ed6a refactor(common): prevent duplicating Content-Type header (#59518)
  • e2b7359 refactor(common): drop error message in production (#59471)
  • 95c0e51 docs: update class & style binding recommendation (#59240)
  • 6a0dd96 Revert "refactor: initialize headers map directly in HttpHeaders class (#5926...
  • 3e7ba3d docs: set syntax highlighting to the remaining Markdown code examples blocks ...
  • 51a4839 refactor(common): tree-shake lcpObserver in NgOptimizedImage (#59481)
  • f6e7516 refactor(common): tree-shake transfer cache interceptor stuff (#59439)
  • f73f39c refactor: initialize headers map directly in HttpHeaders class (#59268)
  • 411b4f5 refactor(common): prevent duplicating Accept header (#59467)
  • de12b52 refactor(common): drop enums by changing to const enum (#59468)
  • Additional commits viewable in compare view

Updates @angular/compiler from 18.2.12 to 19.1.3

Release notes

Sourced from @​angular/compiler's releases.

v19.1.3

19.1.3 (2025-01-22)

compiler

Commit Description
fix - ecfb74d287 handle :host-context with comma-separated child selector (#59276)

compiler-cli

Commit Description
fix - 53160e504d extract parenthesized dependencies during HMR (#59644)
fix - 39690969af handle conditional expressions when extracting dependencies (#59637)
fix - 78af7a5059 handle new expressions when extracting dependencies (#59637)

core

Commit Description
fix - 408af24ff3 capture self-referencing component during HMR (#59644)
fix - d7575c201c replace metadata in place during HMR (#59644)
fix - 26f6d4c485 skip component ID collision warning during SSR (#59625)

migrations

Commit Description
fix - a62c84bc18 avoid applying the same replacements twice when cleaning up unused imports (#59656)

platform-browser

Commit Description
fix - b2b3816cb1 clear renderer cache during HMR when using async animations (#59644)

v19.1.2

19.1.2 (2025-01-20)

compiler

Commit Description
fix - 8dcd889987 update @ng/component URL to be relative (#59620)

compiler-cli

Commit Description
fix - 95a05bb202 disable tree shaking during HMR (#59595)

core

<...

Description has been truncated

Commit Description
fix - a4eb74c79c animation sometimes renderer not being destroyed during HMR (#59574)
fix - 906413aba3 change Resource to use explicit undefined in its typings (#59024)
fix - 4eb541837c cleanup _ejsa when app is destroyed (#59492)
fix - 5497102769 cleanup stash listener when app is destroyed (#59598)
fix - 266a8f2f2e handle shadow DOM encapsulated component with HMR (#59597)
fix - 6f7716268a HMR not matching component that injects ViewContainerRef (#59596)

…ates

Bumps the production-dependencies group with 14 updates in the /frontend directory:

| Package | From | To |
| --- | --- | --- |
| [@angular/animations](https://github.com/angular/angular/tree/HEAD/packages/animations) | `18.2.12` | `19.1.3` |
| [@angular/cdk](https://github.com/angular/components) | `18.2.13` | `19.1.1` |
| [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `18.2.12` | `19.1.3` |
| [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `18.2.12` | `19.1.3` |
| [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `18.2.12` | `19.1.3` |
| [@angular/forms](https://github.com/angular/angular/tree/HEAD/packages/forms) | `18.2.12` | `19.1.3` |
| [@angular/material](https://github.com/angular/components) | `18.2.13` | `19.1.1` |
| [@angular/platform-browser](https://github.com/angular/angular/tree/HEAD/packages/platform-browser) | `18.2.12` | `19.1.3` |
| [@angular/platform-browser-dynamic](https://github.com/angular/angular/tree/HEAD/packages/platform-browser-dynamic) | `18.2.12` | `19.1.3` |
| [@angular/router](https://github.com/angular/angular/tree/HEAD/packages/router) | `18.2.12` | `19.1.3` |
| [@octokit/types](https://github.com/octokit/types.ts) | `13.6.1` | `13.7.0` |
| [cronstrue](https://github.com/bradymholt/cronstrue) | `2.51.0` | `2.53.0` |
| [highcharts](https://github.com/highcharts/highcharts-dist) | `11.4.8` | `12.1.2` |
| [ng2-charts](https://github.com/valor-software/ng2-charts) | `7.0.0` | `8.0.0` |



Updates `@angular/animations` from 18.2.12 to 19.1.3
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.1.3/packages/animations)

Updates `@angular/cdk` from 18.2.13 to 19.1.1
- [Release notes](https://github.com/angular/components/releases)
- [Changelog](https://github.com/angular/components/blob/main/CHANGELOG.md)
- [Commits](angular/components@18.2.13...19.1.1)

Updates `@angular/common` from 18.2.12 to 19.1.3
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.1.3/packages/common)

Updates `@angular/compiler` from 18.2.12 to 19.1.3
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.1.3/packages/compiler)

Updates `@angular/core` from 18.2.12 to 19.1.3
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.1.3/packages/core)

Updates `@angular/forms` from 18.2.12 to 19.1.3
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.1.3/packages/forms)

Updates `@angular/material` from 18.2.13 to 19.1.1
- [Release notes](https://github.com/angular/components/releases)
- [Changelog](https://github.com/angular/components/blob/main/CHANGELOG.md)
- [Commits](angular/components@18.2.13...19.1.1)

Updates `@angular/platform-browser` from 18.2.12 to 19.1.3
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.1.3/packages/platform-browser)

Updates `@angular/platform-browser-dynamic` from 18.2.12 to 19.1.3
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.1.3/packages/platform-browser-dynamic)

Updates `@angular/router` from 18.2.12 to 19.1.3
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.1.3/packages/router)

Updates `@octokit/types` from 13.6.1 to 13.7.0
- [Release notes](https://github.com/octokit/types.ts/releases)
- [Commits](octokit/types.ts@v13.6.1...v13.7.0)

Updates `cronstrue` from 2.51.0 to 2.53.0
- [Release notes](https://github.com/bradymholt/cronstrue/releases)
- [Changelog](https://github.com/bradymholt/cRonstrue/blob/main/CHANGELOG.md)
- [Commits](bradymholt/cRonstrue@v2.51.0...v2.53.0)

Updates `highcharts` from 11.4.8 to 12.1.2
- [Commits](highcharts/highcharts-dist@v11.4.8...v12.1.2)

Updates `ng2-charts` from 7.0.0 to 8.0.0
- [Release notes](https://github.com/valor-software/ng2-charts/releases)
- [Commits](valor-software/ng2-charts@v7.0.0...v8.0.0)

---
updated-dependencies:
- dependency-name: "@angular/animations"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/cdk"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/common"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/compiler"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/core"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/forms"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/material"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/platform-browser"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/platform-browser-dynamic"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/router"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@octokit/types"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: cronstrue
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: highcharts
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: ng2-charts
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jan 27, 2025
@github-actions
Copy link

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.
See the Details below.

License Issues

frontend/package.json

PackageVersionLicenseIssue Type
highcharts^12.1.2NullUnknown License

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
npm/@angular/animations 19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/cdk 19.1.1 🟢 7.3
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 1027 out of 27 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: in_progress
Code-Review🟢 9found 1 unreviewed changesets out of 28 -- score normalized to 9
Contributors🟢 1023 different organizations found -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) out of 30 and 10 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging⚠️ -1no published package detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 8detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 056 existing vulnerabilities detected
npm/@angular/common 19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/compiler 19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/core 19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/forms 19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/material 19.1.1 🟢 7.3
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 1027 out of 27 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: in_progress
Code-Review🟢 9found 1 unreviewed changesets out of 28 -- score normalized to 9
Contributors🟢 1023 different organizations found -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) out of 30 and 10 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging⚠️ -1no published package detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 8detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 056 existing vulnerabilities detected
npm/@angular/platform-browser 19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/platform-browser-dynamic 19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/router 19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@octokit/openapi-types 23.0.1 🟢 7.1
Details
CheckScoreReason
Code-Review🟢 8Found 6/7 approved changesets -- score normalized to 8
Maintained🟢 89 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 8
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 9security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Vulnerabilities🟢 100 existing vulnerabilities detected
Signed-Releases⚠️ -1no releases found
Packaging🟢 10packaging workflow detected
SAST🟢 9SAST tool detected but not run on all commits
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
npm/@octokit/types 13.7.0 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Security-Policy🟢 9security policy file detected
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 55 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging🟢 10packaging workflow detected
SAST🟢 10SAST tool is run on all commits
Vulnerabilities🟢 82 existing vulnerabilities detected
npm/cronstrue 2.53.0 🟢 4
Details
CheckScoreReason
Code-Review🟢 3Found 9/28 approved changesets -- score normalized to 3
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 87 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 8
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 55 existing vulnerabilities detected
npm/highcharts 12.1.2 🟢 3.5
Details
CheckScoreReason
Packaging⚠️ -1packaging workflow not detected
Code-Review⚠️ 0Found 1/28 approved changesets -- score normalized to 0
Maintained🟢 79 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 7
Dangerous-Workflow⚠️ -1no workflows found
Token-Permissions⚠️ -1No tokens found
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
License⚠️ 0license file not detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Pinned-Dependencies⚠️ -1no dependencies found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
npm/ng2-charts 8.0.0 🟢 4.2
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Code-Review⚠️ 0Found 1/16 approved changesets -- score normalized to 0
Maintained🟢 1014 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 73 existing vulnerabilities detected
npm/zone.js 0.15.0 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/animations ^19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/cdk ^19.1.1 🟢 7.3
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 1027 out of 27 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: in_progress
Code-Review🟢 9found 1 unreviewed changesets out of 28 -- score normalized to 9
Contributors🟢 1023 different organizations found -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) out of 30 and 10 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging⚠️ -1no published package detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 8detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 056 existing vulnerabilities detected
npm/@angular/common ^19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/compiler ^19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/core ^19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/forms ^19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/material ^19.1.1 🟢 7.3
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 1027 out of 27 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: in_progress
Code-Review🟢 9found 1 unreviewed changesets out of 28 -- score normalized to 9
Contributors🟢 1023 different organizations found -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) out of 30 and 10 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging⚠️ -1no published package detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 8detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 056 existing vulnerabilities detected
npm/@angular/platform-browser ^19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/platform-browser-dynamic ^19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@angular/router ^19.1.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests⚠️ -1no pull request found
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0no SAST tool detected
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 073 existing vulnerabilities detected
npm/@octokit/types ^13.7.0 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Security-Policy🟢 9security policy file detected
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 55 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging🟢 10packaging workflow detected
SAST🟢 10SAST tool is run on all commits
Vulnerabilities🟢 82 existing vulnerabilities detected
npm/cronstrue ^2.53.0 🟢 4
Details
CheckScoreReason
Code-Review🟢 3Found 9/28 approved changesets -- score normalized to 3
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 87 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 8
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 55 existing vulnerabilities detected
npm/highcharts ^12.1.2 🟢 3.5
Details
CheckScoreReason
Packaging⚠️ -1packaging workflow not detected
Code-Review⚠️ 0Found 1/28 approved changesets -- score normalized to 0
Maintained🟢 79 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 7
Dangerous-Workflow⚠️ -1no workflows found
Token-Permissions⚠️ -1No tokens found
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
License⚠️ 0license file not detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Pinned-Dependencies⚠️ -1no dependencies found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
npm/ng2-charts ^8.0.0 🟢 4.2
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Code-Review⚠️ 0Found 1/16 approved changesets -- score normalized to 0
Maintained🟢 1014 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 73 existing vulnerabilities detected

Scanned Files

  • frontend/package-lock.json
  • frontend/package.json

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 3, 2025

Superseded by #117.

@dependabot dependabot bot closed this Feb 3, 2025
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/frontend/production-dependencies-a4520d4cb4 branch February 3, 2025 20:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants