Skip to content

Bump the development-dependencies group across 1 directory with 6 updates#120

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/backend/development-dependencies-9d8bf82e07
Closed

Bump the development-dependencies group across 1 directory with 6 updates#120
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/backend/development-dependencies-9d8bf82e07

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 3, 2025

Bumps the development-dependencies group with 6 updates in the /backend directory:

Package From To
@eslint/js 9.16.0 9.19.0
@types/express 4.17.21 5.0.0
eslint 9.16.0 9.19.0
globals 15.13.0 15.14.0
typescript 5.7.2 5.7.3
typescript-eslint 8.17.0 8.23.0

Updates @eslint/js from 9.16.0 to 9.19.0

Release notes

Sourced from @​eslint/js's releases.

v9.19.0

Features

  • 1637b8e feat: add --report-unused-inline-configs (#19201) (Josh Goldberg ✨)

Bug Fixes

  • aae6717 fix: sync rule type header comments automatically (#19276) (Francesco Trotta)

Documentation

  • cfea9ab docs: Clarify overrideConfig option (#19370) (Nicholas C. Zakas)
  • 2b84f66 docs: Update README (#19362) (Nicholas C. Zakas)
  • 044f93c docs: clarify frozen rule description (#19351) (Pavel)
  • 797ee7c docs: fix Bluesky links (#19368) (Milos Djermanovic)
  • 81a9c0e docs: Update README (GitHub Actions Bot)
  • 093fb3d docs: replace var with let and const in rule examples (#19365) (Tanuj Kanti)
  • 417de32 docs: replace var with const in rule examples (#19352) (jj)
  • 17f2aae docs: update getting-started config to match default generated config (#19308) (0xDev)
  • 8a0a5a8 docs: better global ignores instruction (#19297) (Jacopo Marrone)
  • 6671a2c docs: Update README (GitHub Actions Bot)
  • e39d3f2 docs: fix divider for rule category (#19264) (Tanuj Kanti)
  • e0cf53f docs: fix search result box position for small screens (#19328) (Tanuj Kanti)
  • f92a680 docs: replace var with let or const in rule examples (#19331) (Ravi Teja Kolla)
  • b04b84b docs: revert accidental changes in TS config files docs (#19336) (Francesco Trotta)

Chores

  • 9b9cb05 chore: upgrade @​eslint/js@​9.19.0 (#19371) (Milos Djermanovic)
  • 58560e7 chore: package.json update for @​eslint/js release (Jenkins)
  • 2089707 test: fix failing test in Node.js v22.13.0 (#19345) (Francesco Trotta)

v9.18.0

Features

  • e84e6e2 feat: Report allowed methods for no-console rule (#19306) (Anna Bocharova)
  • 8efc2d0 feat: unflag TypeScript config files (#19266) (Francesco Trotta)
  • 87a9352 feat: check imports and class names in no-shadow-restricted-names (#19272) (Milos Djermanovic)

Bug Fixes

  • da768d4 fix: correct overrideConfigFile type (#19289) (Francesco Trotta)

Documentation

  • d9c23c5 docs: replace var with const in rule examples (#19325) (Tanuj Kanti)
  • 8e1a898 docs: add tabs to cli code blocks (#18784) (Jay)
  • f3aeefb docs: rewrite using let and const in rule examples (#19320) (PoloSpark)
  • 0b680b3 docs: Update README (GitHub Actions Bot)
  • 98c86a9 docs: Edit this page button link to different branches (#19228) (Tanuj Kanti)
  • 6947901 docs: remove hardcoded edit link (#19323) (Milos Djermanovic)
  • 03f2f44 docs: rewrite var with const in rules examples (#19317) (Thiago)
  • 26c3003 docs: Clarify dangers of eslint:all (#19318) (Nicholas C. Zakas)
  • c038257 docs: add eqeqeq in related rules to no-eq-null (#19310) (루밀LuMir)
  • 89c8fc5 docs: rewrite examples with var using let and const (#19315) (Amaresh S M)
  • db574c4 docs: add missing backticks to no-void (#19313) (루밀LuMir)
  • 8d943c3 docs: add missing backticks to default-case-last (#19311) (루밀LuMir)

... (truncated)

Changelog

Sourced from @​eslint/js's changelog.

v9.19.0 - January 24, 2025

  • 9b9cb05 chore: upgrade @​eslint/js@​9.19.0 (#19371) (Milos Djermanovic)
  • 58560e7 chore: package.json update for @​eslint/js release (Jenkins)
  • cfea9ab docs: Clarify overrideConfig option (#19370) (Nicholas C. Zakas)
  • 2b84f66 docs: Update README (#19362) (Nicholas C. Zakas)
  • 044f93c docs: clarify frozen rule description (#19351) (Pavel)
  • 797ee7c docs: fix Bluesky links (#19368) (Milos Djermanovic)
  • 81a9c0e docs: Update README (GitHub Actions Bot)
  • 093fb3d docs: replace var with let and const in rule examples (#19365) (Tanuj Kanti)
  • 417de32 docs: replace var with const in rule examples (#19352) (jj)
  • 17f2aae docs: update getting-started config to match default generated config (#19308) (0xDev)
  • aae6717 fix: sync rule type header comments automatically (#19276) (Francesco Trotta)
  • 8a0a5a8 docs: better global ignores instruction (#19297) (Jacopo Marrone)
  • 2089707 test: fix failing test in Node.js v22.13.0 (#19345) (Francesco Trotta)
  • 6671a2c docs: Update README (GitHub Actions Bot)
  • 1637b8e feat: add --report-unused-inline-configs (#19201) (Josh Goldberg ✨)
  • e39d3f2 docs: fix divider for rule category (#19264) (Tanuj Kanti)
  • e0cf53f docs: fix search result box position for small screens (#19328) (Tanuj Kanti)
  • f92a680 docs: replace var with let or const in rule examples (#19331) (Ravi Teja Kolla)
  • b04b84b docs: revert accidental changes in TS config files docs (#19336) (Francesco Trotta)

v9.18.0 - January 10, 2025

  • c52be85 chore: upgrade to @eslint/js@9.18.0 (#19330) (Francesco Trotta)
  • 362099c chore: package.json update for @​eslint/js release (Jenkins)
  • 9486141 deps: upgrade @eslint/core and @eslint/plugin-kit (#19329) (Francesco Trotta)
  • d9c23c5 docs: replace var with const in rule examples (#19325) (Tanuj Kanti)
  • 8e1a898 docs: add tabs to cli code blocks (#18784) (Jay)
  • f3aeefb docs: rewrite using let and const in rule examples (#19320) (PoloSpark)
  • 0b680b3 docs: Update README (GitHub Actions Bot)
  • 98c86a9 docs: Edit this page button link to different branches (#19228) (Tanuj Kanti)
  • 6947901 docs: remove hardcoded edit link (#19323) (Milos Djermanovic)
  • 03f2f44 docs: rewrite var with const in rules examples (#19317) (Thiago)
  • 26c3003 docs: Clarify dangers of eslint:all (#19318) (Nicholas C. Zakas)
  • c038257 docs: add eqeqeq in related rules to no-eq-null (#19310) (루밀LuMir)
  • 89c8fc5 docs: rewrite examples with var using let and const (#19315) (Amaresh S M)
  • 495aa49 chore: extract package name from package.json for public interface (#19314) (루밀LuMir)
  • db574c4 docs: add missing backticks to no-void (#19313) (루밀LuMir)
  • 8d943c3 docs: add missing backticks to default-case-last (#19311) (루밀LuMir)
  • 36ef8bb docs: rewrite examples with var using let and const (#19298) (Amaresh S M)
  • 1610c9e docs: add missing backticks to no-else-return (#19309) (루밀LuMir)
  • df409d8 docs: Update README (GitHub Actions Bot)
  • e84e6e2 feat: Report allowed methods for no-console rule (#19306) (Anna Bocharova)
  • 2e84213 docs: Fix Horizontal Scroll Overflow in Rule Description on Mobile View (#19304) (Amaresh S M)
  • 6e7361b docs: replace var with let and const in rule example (#19302) (Tanuj Kanti)
  • 069af5e docs: rewrite var using const in rule examples (#19303) (Kim GyeonWon)
  • 064e35d docs: remove 'I hope to' comments from scope-manager-interface (#19300) (Josh Goldberg ✨)
  • 8e00305 docs: replace var with const in rule examples (#19299) (Tanuj Kanti)
  • a559009 docs: Add warning about extending core rules (#19295) (Nicholas C. Zakas)

... (truncated)

Commits
  • 58560e7 chore: package.json update for @​eslint/js release
  • 362099c chore: package.json update for @​eslint/js release
  • 495aa49 chore: extract package name from package.json for public interface (#19314)
  • 84c5787 chore: package.json update for @​eslint/js release
  • See full diff in compare view

Updates @types/express from 4.17.21 to 5.0.0

Commits

Updates eslint from 9.16.0 to 9.19.0

Release notes

Sourced from eslint's releases.

v9.19.0

Features

  • 1637b8e feat: add --report-unused-inline-configs (#19201) (Josh Goldberg ✨)

Bug Fixes

  • aae6717 fix: sync rule type header comments automatically (#19276) (Francesco Trotta)

Documentation

  • cfea9ab docs: Clarify overrideConfig option (#19370) (Nicholas C. Zakas)
  • 2b84f66 docs: Update README (#19362) (Nicholas C. Zakas)
  • 044f93c docs: clarify frozen rule description (#19351) (Pavel)
  • 797ee7c docs: fix Bluesky links (#19368) (Milos Djermanovic)
  • 81a9c0e docs: Update README (GitHub Actions Bot)
  • 093fb3d docs: replace var with let and const in rule examples (#19365) (Tanuj Kanti)
  • 417de32 docs: replace var with const in rule examples (#19352) (jj)
  • 17f2aae docs: update getting-started config to match default generated config (#19308) (0xDev)
  • 8a0a5a8 docs: better global ignores instruction (#19297) (Jacopo Marrone)
  • 6671a2c docs: Update README (GitHub Actions Bot)
  • e39d3f2 docs: fix divider for rule category (#19264) (Tanuj Kanti)
  • e0cf53f docs: fix search result box position for small screens (#19328) (Tanuj Kanti)
  • f92a680 docs: replace var with let or const in rule examples (#19331) (Ravi Teja Kolla)
  • b04b84b docs: revert accidental changes in TS config files docs (#19336) (Francesco Trotta)

Chores

  • 9b9cb05 chore: upgrade @​eslint/js@​9.19.0 (#19371) (Milos Djermanovic)
  • 58560e7 chore: package.json update for @​eslint/js release (Jenkins)
  • 2089707 test: fix failing test in Node.js v22.13.0 (#19345) (Francesco Trotta)

v9.18.0

Features

  • e84e6e2 feat: Report allowed methods for no-console rule (#19306) (Anna Bocharova)
  • 8efc2d0 feat: unflag TypeScript config files (#19266) (Francesco Trotta)
  • 87a9352 feat: check imports and class names in no-shadow-restricted-names (#19272) (Milos Djermanovic)

Bug Fixes

  • da768d4 fix: correct overrideConfigFile type (#19289) (Francesco Trotta)

Documentation

  • d9c23c5 docs: replace var with const in rule examples (#19325) (Tanuj Kanti)
  • 8e1a898 docs: add tabs to cli code blocks (#18784) (Jay)
  • f3aeefb docs: rewrite using let and const in rule examples (#19320) (PoloSpark)
  • 0b680b3 docs: Update README (GitHub Actions Bot)
  • 98c86a9 docs: Edit this page button link to different branches (#19228) (Tanuj Kanti)
  • 6947901 docs: remove hardcoded edit link (#19323) (Milos Djermanovic)
  • 03f2f44 docs: rewrite var with const in rules examples (#19317) (Thiago)
  • 26c3003 docs: Clarify dangers of eslint:all (#19318) (Nicholas C. Zakas)
  • c038257 docs: add eqeqeq in related rules to no-eq-null (#19310) (루밀LuMir)
  • 89c8fc5 docs: rewrite examples with var using let and const (#19315) (Amaresh S M)
  • db574c4 docs: add missing backticks to no-void (#19313) (루밀LuMir)
  • 8d943c3 docs: add missing backticks to default-case-last (#19311) (루밀LuMir)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.19.0 - January 24, 2025

  • 9b9cb05 chore: upgrade @​eslint/js@​9.19.0 (#19371) (Milos Djermanovic)
  • 58560e7 chore: package.json update for @​eslint/js release (Jenkins)
  • cfea9ab docs: Clarify overrideConfig option (#19370) (Nicholas C. Zakas)
  • 2b84f66 docs: Update README (#19362) (Nicholas C. Zakas)
  • 044f93c docs: clarify frozen rule description (#19351) (Pavel)
  • 797ee7c docs: fix Bluesky links (#19368) (Milos Djermanovic)
  • 81a9c0e docs: Update README (GitHub Actions Bot)
  • 093fb3d docs: replace var with let and const in rule examples (#19365) (Tanuj Kanti)
  • 417de32 docs: replace var with const in rule examples (#19352) (jj)
  • 17f2aae docs: update getting-started config to match default generated config (#19308) (0xDev)
  • aae6717 fix: sync rule type header comments automatically (#19276) (Francesco Trotta)
  • 8a0a5a8 docs: better global ignores instruction (#19297) (Jacopo Marrone)
  • 2089707 test: fix failing test in Node.js v22.13.0 (#19345) (Francesco Trotta)
  • 6671a2c docs: Update README (GitHub Actions Bot)
  • 1637b8e feat: add --report-unused-inline-configs (#19201) (Josh Goldberg ✨)
  • e39d3f2 docs: fix divider for rule category (#19264) (Tanuj Kanti)
  • e0cf53f docs: fix search result box position for small screens (#19328) (Tanuj Kanti)
  • f92a680 docs: replace var with let or const in rule examples (#19331) (Ravi Teja Kolla)
  • b04b84b docs: revert accidental changes in TS config files docs (#19336) (Francesco Trotta)

v9.18.0 - January 10, 2025

  • c52be85 chore: upgrade to @eslint/js@9.18.0 (#19330) (Francesco Trotta)
  • 362099c chore: package.json update for @​eslint/js release (Jenkins)
  • 9486141 deps: upgrade @eslint/core and @eslint/plugin-kit (#19329) (Francesco Trotta)
  • d9c23c5 docs: replace var with const in rule examples (#19325) (Tanuj Kanti)
  • 8e1a898 docs: add tabs to cli code blocks (#18784) (Jay)
  • f3aeefb docs: rewrite using let and const in rule examples (#19320) (PoloSpark)
  • 0b680b3 docs: Update README (GitHub Actions Bot)
  • 98c86a9 docs: Edit this page button link to different branches (#19228) (Tanuj Kanti)
  • 6947901 docs: remove hardcoded edit link (#19323) (Milos Djermanovic)
  • 03f2f44 docs: rewrite var with const in rules examples (#19317) (Thiago)
  • 26c3003 docs: Clarify dangers of eslint:all (#19318) (Nicholas C. Zakas)
  • c038257 docs: add eqeqeq in related rules to no-eq-null (#19310) (루밀LuMir)
  • 89c8fc5 docs: rewrite examples with var using let and const (#19315) (Amaresh S M)
  • 495aa49 chore: extract package name from package.json for public interface (#19314) (루밀LuMir)
  • db574c4 docs: add missing backticks to no-void (#19313) (루밀LuMir)
  • 8d943c3 docs: add missing backticks to default-case-last (#19311) (루밀LuMir)
  • 36ef8bb docs: rewrite examples with var using let and const (#19298) (Amaresh S M)
  • 1610c9e docs: add missing backticks to no-else-return (#19309) (루밀LuMir)
  • df409d8 docs: Update README (GitHub Actions Bot)
  • e84e6e2 feat: Report allowed methods for no-console rule (#19306) (Anna Bocharova)
  • 2e84213 docs: Fix Horizontal Scroll Overflow in Rule Description on Mobile View (#19304) (Amaresh S M)
  • 6e7361b docs: replace var with let and const in rule example (#19302) (Tanuj Kanti)
  • 069af5e docs: rewrite var using const in rule examples (#19303) (Kim GyeonWon)
  • 064e35d docs: remove 'I hope to' comments from scope-manager-interface (#19300) (Josh Goldberg ✨)
  • 8e00305 docs: replace var with const in rule examples (#19299) (Tanuj Kanti)
  • a559009 docs: Add warning about extending core rules (#19295) (Nicholas C. Zakas)

... (truncated)

Commits

Updates globals from 15.13.0 to 15.14.0

Release notes

Sourced from globals's releases.

v15.14.0

  • Add vitest globals (#274) 06a5723

sindresorhus/globals@v15.13.0...v15.14.0

Commits

Updates typescript from 5.7.2 to 5.7.3

Release notes

Sourced from typescript's releases.

TypeScript 5.7.3

For release notes, check out the release announcement.

Downloads are available on npm

Commits
  • a5e123d Update LKG
  • 8bc0204 🤖 Pick PR #60828 (Fix CodeQL configuration, releases) into release-5.7 (#60923)
  • 7aa63df 🤖 Pick PR #60393 (Don't try to add an implicit undefi...) into release-5.7 (#...
  • 9df7c36 Bump version to 5.7.3 and LKG
  • e167412 🤖 Pick PR #60794 (Harden sanitizeLog against incorr...) into release-5.7 (#...
  • 9ba364c Fix coverage build on release-5.7 (#60792)
  • 4b7441a 🤖 Pick PR #60680 (Mark the inherited any-based index ...) into release-5.7 (#...
  • e844dc3 Cherry-pick #60402, #60440, #60616 into release-5.7 (#60777)
  • 21b02a1 🤖 Pick PR #60749 (Do not require import attribute on ...) into release-5.7 (#...
  • b82fd16 🤖 Pick PR #60576 (Avoid incorrectly reusing assertion...) into release-5.7 (#...
  • Additional commits viewable in compare view

Updates typescript-eslint from 8.17.0 to 8.23.0

Release notes

Sourced from typescript-eslint's releases.

v8.23.0

8.23.0 (2025-02-03)

🚀 Features

  • eslint-plugin: [no-unnecessary-boolean-literal-compare] enforce strictNullChecks (#10712)
  • types: add strict parent types for function-declaration, default-export and named-export nodes (#10685)

🩹 Fixes

  • bump ts-api-utils to ^2.0.1 (#10761)
  • deps: update eslint monorepo to v9.19.0 (#10752)
  • eslint-plugin: [no-unnecessary-type-assertion] should report readonly class properties with a literal initializer (#10618)
  • eslint-plugin: [switch-exhaustiveness-check] suggest with qualified name (#10697)
  • eslint-plugin: [no-unnecessary-template-expression] allow interpolating type parameter in type context (#10739)
  • eslint-plugin: [prefer-nullish-coalescing] fix missing return (#10732)
  • eslint-plugin: [dot-notation] handle noPropertyAccessFromIndexSignature true (#10644)
  • eslint-plugin: [no-restricted-imports] support regex option (#10699)
  • eslint-plugin: [no-shadow] ignore declare variables in definition files shadowing global variables (#10710)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

v8.22.0

8.22.0 (2025-01-27)

🚀 Features

  • parser: add standalone isolatedDeclarations option (#10499)

🩹 Fixes

  • eslint-plugin: [prefer-nullish-coalescing] doesn't report on ternary but on equivalent || (#10517)
  • eslint-plugin: [no-duplicate-type-constituents] handle nested types (#10638)
  • eslint-plugin: [no-shadow] don't report unnecessarily on valid ways of using module augmentation (#10616)
  • eslint-plugin: [no-extraneous-class] handle accessor keyword (#10678)
  • eslint-plugin: [prefer-readonly] autofixer doesn't add type to property that is mutated in the constructor (#10552)
  • eslint-plugin: [no-unnecessary-template-expression] handle template literal type (#10612)
  • type-utils: support matching intersection types in TypeOrValueSpecifier with a PackageSpecifier (#10667)

❤️ Thank You

... (truncated)

Changelog

Sourced from typescript-eslint's changelog.

8.23.0 (2025-02-03)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.22.0 (2025-01-27)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.21.0 (2025-01-20)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.20.0 (2025-01-13)

🚀 Features

  • eslint-plugin: [no-misused-spread] add new rule (#10551)

❤️ Thank You

  • Josh Goldberg ✨

You can read about our versioning strategy and releases on our website.

8.19.1 (2025-01-06)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.19.0 (2024-12-30)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.18.2 (2024-12-23)

🩹 Fixes

  • typescript-eslint: export types so that declarations can be named for dts files (#10513)

❤️ Thank You

... (truncated)

Commits
  • 2a96020 chore(release): publish 8.23.0
  • 94e8098 chore(release): publish 8.22.0
  • 79af426 chore(release): publish 8.21.0
  • a157fd4 chore: standardized on inline named exports (mostly) (#10596)
  • ea6fbea chore(release): publish 8.20.0
  • a175189 docs(typescript-eslint): make jsdoc for config helper function consistent (#1...
  • 04166e0 feat(eslint-plugin): [no-misused-spread] add new rule (#10551)
  • 328b7df chore(release): publish 8.19.1
  • 4f50f64 docs: [return-await] make the rule no longer an extension of ESLint no-return...
  • e19f30f chore(release): publish 8.19.0
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously r...

Description has been truncated

…ates

Bumps the development-dependencies group with 6 updates in the /backend directory:

| Package | From | To |
| --- | --- | --- |
| [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.16.0` | `9.19.0` |
| [@types/express](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/express) | `4.17.21` | `5.0.0` |
| [eslint](https://github.com/eslint/eslint) | `9.16.0` | `9.19.0` |
| [globals](https://github.com/sindresorhus/globals) | `15.13.0` | `15.14.0` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.7.2` | `5.7.3` |
| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.17.0` | `8.23.0` |



Updates `@eslint/js` from 9.16.0 to 9.19.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/commits/v9.19.0/packages/js)

Updates `@types/express` from 4.17.21 to 5.0.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/express)

Updates `eslint` from 9.16.0 to 9.19.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](eslint/eslint@v9.16.0...v9.19.0)

Updates `globals` from 15.13.0 to 15.14.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](sindresorhus/globals@v15.13.0...v15.14.0)

Updates `typescript` from 5.7.2 to 5.7.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.7.2...v5.7.3)

Updates `typescript-eslint` from 8.17.0 to 8.23.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.23.0/packages/typescript-eslint)

---
updated-dependencies:
- dependency-name: "@eslint/js"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: "@types/express"
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: globals
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: typescript-eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 3, 2025
@github-actions
Copy link

github-actions bot commented Feb 3, 2025

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
npm/@eslint/core 0.10.0 UnknownUnknown
npm/@eslint/js 9.19.0 🟢 6.8
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 27 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 6Found 19/30 approved changesets -- score normalized to 6
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy🟢 10security policy file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits
npm/@eslint/plugin-kit 0.2.5 UnknownUnknown
npm/@types/express 5.0.0 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8Found 26/30 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/@types/express-serve-static-core 5.0.6 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8Found 26/30 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/@types/qs 6.9.18 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8Found 26/30 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/@typescript-eslint/eslint-plugin 8.23.0 🟢 5.3
Details
CheckScoreReason
Code-Review🟢 8Found 20/25 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Packaging⚠️ -1packaging workflow not detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 024 existing vulnerabilities detected
npm/@typescript-eslint/parser 8.23.0 🟢 5.3
Details
CheckScoreReason
Code-Review🟢 8Found 20/25 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Packaging⚠️ -1packaging workflow not detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 024 existing vulnerabilities detected
npm/@typescript-eslint/scope-manager 8.23.0 🟢 5.3
Details
CheckScoreReason
Code-Review🟢 8Found 20/25 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Packaging⚠️ -1packaging workflow not detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 024 existing vulnerabilities detected
npm/@typescript-eslint/type-utils 8.23.0 🟢 5.3
Details
CheckScoreReason
Code-Review🟢 8Found 20/25 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Packaging⚠️ -1packaging workflow not detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 024 existing vulnerabilities detected
npm/@typescript-eslint/types 8.23.0 🟢 5.3
Details
CheckScoreReason
Code-Review🟢 8Found 20/25 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Packaging⚠️ -1packaging workflow not detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 024 existing vulnerabilities detected
npm/@typescript-eslint/typescript-estree 8.23.0 🟢 5.3
Details
CheckScoreReason
Code-Review🟢 8Found 20/25 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Packaging⚠️ -1packaging workflow not detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 024 existing vulnerabilities detected
npm/@typescript-eslint/utils 8.23.0 🟢 5.3
Details
CheckScoreReason
Code-Review🟢 8Found 20/25 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Packaging⚠️ -1packaging workflow not detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 024 existing vulnerabilities detected
npm/@typescript-eslint/visitor-keys 8.23.0 🟢 5.3
Details
CheckScoreReason
Code-Review🟢 8Found 20/25 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Packaging⚠️ -1packaging workflow not detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 024 existing vulnerabilities detected
npm/cross-spawn 7.0.6 🟢 3.8
Details
CheckScoreReason
Maintained🟢 1012 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review⚠️ 2Found 8/29 approved changesets -- score normalized to 2
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 044 existing vulnerabilities detected
npm/eslint 9.19.0 🟢 6.8
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 27 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 6Found 19/30 approved changesets -- score normalized to 6
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy🟢 10security policy file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits
npm/fast-glob 3.3.3 🟢 4.9
Details
CheckScoreReason
Code-Review⚠️ 0Found 1/13 approved changesets -- score normalized to 0
Maintained🟢 1030 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
SAST🟢 9SAST tool detected but not run on all commits
npm/fastq 1.19.0 🟢 4.9
Details
CheckScoreReason
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Maintained🟢 54 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5
Code-Review🟢 4Found 13/28 approved changesets -- score normalized to 4
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/globals 15.14.0 🟢 4.9
Details
CheckScoreReason
Maintained🟢 56 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5
Code-Review🟢 4Found 11/24 approved changesets -- score normalized to 4
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
License🟢 10license file detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/semver 7.7.0 🟢 7
Details
CheckScoreReason
Maintained🟢 87 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 8
Security-Policy🟢 10security policy file detected
Code-Review🟢 10all changesets reviewed
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Binary-Artifacts🟢 10no binaries found in the repo
License🟢 10license file detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
SAST🟢 9SAST tool detected but not run on all commits
npm/ts-api-utils 2.0.1 UnknownUnknown
npm/typescript 5.7.3 🟢 8.7
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
CI-Tests🟢 1030 out of 30 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Code-Review🟢 10all changesets reviewed
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 6dependency not pinned by hash detected -- score normalized to 6
SAST🟢 10SAST tool is run on all commits
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Vulnerabilities🟢 100 existing vulnerabilities detected
npm/typescript-eslint 8.23.0 🟢 5.3
Details
CheckScoreReason
Code-Review🟢 8Found 20/25 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Packaging⚠️ -1packaging workflow not detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 024 existing vulnerabilities detected
npm/@eslint/js ^9.19.0 🟢 6.8
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 27 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 6Found 19/30 approved changesets -- score normalized to 6
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy🟢 10security policy file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits
npm/@types/express ^5.0.0 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8Found 26/30 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/eslint 9.19 🟢 6.8
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 27 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 6Found 19/30 approved changesets -- score normalized to 6
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy🟢 10security policy file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits
npm/globals ^15.14.0 🟢 4.9
Details
CheckScoreReason
Maintained🟢 56 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5
Code-Review🟢 4Found 11/24 approved changesets -- score normalized to 4
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
License🟢 10license file detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/typescript ^5.7.3 🟢 8.7
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
CI-Tests🟢 1030 out of 30 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Code-Review🟢 10all changesets reviewed
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 6dependency not pinned by hash detected -- score normalized to 6
SAST🟢 10SAST tool is run on all commits
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Vulnerabilities🟢 100 existing vulnerabilities detected
npm/typescript-eslint ^8.23.0 🟢 5.3
Details
CheckScoreReason
Code-Review🟢 8Found 20/25 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Packaging⚠️ -1packaging workflow not detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 024 existing vulnerabilities detected

Scanned Files

  • backend/package-lock.json
  • backend/package.json

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 4, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Feb 4, 2025
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/backend/development-dependencies-9d8bf82e07 branch February 4, 2025 21:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants

Comments