Skip to content

Bump the production-dependencies group across 1 directory with 13 updates#93

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/frontend/production-dependencies-61b26cb21f
Closed

Bump the production-dependencies group across 1 directory with 13 updates#93
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/frontend/production-dependencies-61b26cb21f

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 16, 2024

Bumps the production-dependencies group with 13 updates in the /frontend directory:

Package From To
@angular/animations 18.2.12 19.0.4
@angular/cdk 18.2.13 19.0.3
@angular/common 18.2.12 19.0.4
@angular/compiler 18.2.12 19.0.4
@angular/core 18.2.12 19.0.4
@angular/forms 18.2.12 19.0.4
@angular/material 18.2.13 19.0.3
@angular/platform-browser 18.2.12 19.0.4
@angular/platform-browser-dynamic 18.2.12 19.0.4
@angular/router 18.2.12 19.0.4
@octokit/types 13.6.1 13.6.2
cronstrue 2.51.0 2.52.0
highcharts 11.4.8 12.0.2

Updates @angular/animations from 18.2.12 to 19.0.4

Release notes

Sourced from @​angular/animations's releases.

v19.0.4

19.0.4 (2024-12-12)

compiler-cli

Commit Description
fix - 7e612171709 consider pre-release versions when detecting feature support (#59061)
fix - cd764a31152 error in unused standalone imports diagnostic (#59064)

core

Commit Description
fix - 34ded10fa60 Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Description
fix - ae0802d63c5 collect external component styles from server rendering (#59031)

v19.0.3

19.0.3 (2024-12-04)

v19.0.2

19.0.2 (2024-12-04)

compiler-cli

Commit Description
fix - 9f99196d23 account for multiple generated namespace imports in HMR (#58924)

core

Commit Description
fix - 4792db9a6d Explicitly manage TracingSnapshot lifecycle and dispose of it once it's been used. (#58929)

migrations

Commit Description
fix - 7b5bacc228 class content being deleted in some edge cases (#58959)
fix - d1cbdd6acb correctly strip away parameters surrounded by comments in inject migration (#58959)
fix - e17ff71c31 don't migrate classes with parameters that can't be injected (#58959)
fix - 7c5f990001 inject migration aggressively removing imports (#58959)
fix - 4392ccedf9 inject migration dropping code if everything except super is removed (#58959)
fix - 9cbebc6dda preserve type literals and tuples in inject migrations (#58959)

platform-server

Commit Description
fix - f3c388ecda remove peer dependency on animations (#58997)

v19.0.1

19.0.1 (2024-11-26)

compiler-cli

... (truncated)

Changelog

Sourced from @​angular/animations's changelog.

19.0.4 (2024-12-12)

compiler-cli

Commit Type Description
7e612171709 fix consider pre-release versions when detecting feature support (#59061)
cd764a31152 fix error in unused standalone imports diagnostic (#59064)

core

Commit Type Description
34ded10fa60 fix Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Type Description
ae0802d63c5 fix collect external component styles from server rendering (#59031)

19.1.0-next.2 (2024-12-04)

19.0.3 (2024-12-04)

19.1.0-next.1 (2024-12-04)

compiler-cli

Commit Type Description
f280467398 fix account for multiple generated namespace imports in HMR (#58924)

core

Commit Type Description
e894a5daea feat set kind field on template and effect nodes (#58865)
3b765367f3 fix Explicitly manage TracingSnapshot lifecycle and dispose of it once it's been used. (#58929)

migrations

Commit Type Description
e31e52e177 fix class content being deleted in some edge cases (#58959)
508d3a1b3b fix correctly strip away parameters surrounded by comments in inject migration (#58959)
7191aa6e09 fix don't migrate classes with parameters that can't be injected (#58959)
a4924af6d5 fix inject migration aggressively removing imports (#58959)
35165d152d fix inject migration dropping code if everything except super is removed (#58959)
68e5ba7a3a fix preserve type literals and tuples in inject migrations (#58959)

platform-server

Commit Type Description

... (truncated)

Commits
  • 5f3ba06 docs: set syntax highlighting of code examples MD code blocks (#59026)
  • b8a2ae0 docs: fix missing alert block styles in the API reference (#59020)
  • 09df589 refactor(core): Migrate all packages with the explicit-standalone-flag sche...
  • 84b6896 refactor(platform-server): Add an ssr benchmark setup. (#57647)
  • 9dbe6fc refactor: update license text to point to angular.dev (#57901)
  • See full diff in compare view

Updates @angular/cdk from 18.2.13 to 19.0.3

Release notes

Sourced from @​angular/cdk's releases.

v19.0.3

19.0.3 "polonium-popsicle" (2024-12-11)

material

Commit Description
fix - 7b64c451e6 expansion: switch away from animations module (#30119)
fix - d18c3395d8 menu: decouple menu lifecycle from animations (#30148)
fix - 3ea8cf5c31 paginator: ignore clicks on disabled buttons (#30138)
fix - fbaf286f9c select: add opt-in input that allows selection of nullable options (#30142)
fix - 600a8b04f9 timepicker: deserialize ControlValueAccessor values correctly (#30149)
fix - 4b69162998 timepicker: disable toggle if timepicker is disabled (#30137)

v19.0.2

19.0.2 "plastic-rhino" (2024-12-04)

youtube-player

Commit Description
fix - 1d3905a208 update to latest typings (#30126)

material

Commit Description
fix - 0ed9869529 button-toggle: unable to tab into ngModel-based group on first render (#30103)
fix - 72ff6fcce3 core: optgroup label color not inferred correctly (#30085)
fix - c395585446 schematics: avoid parsing stylesheets that don't include Material
fix - 5b3350a60e schematics: error if stylesheet contains syntax errors
fix - 1235ad28bc sort: simplify animations (#30057)
fix - 5b165067e8 tabs: ink bar not showing when same tab is re-selected (#30121)

cdk

Commit Description
fix - 460f971b27 accordion: improve accessibility in example code (#30087)
fix - 6306a12c12 menu: disable flexible dimensions (#30086)

v19.0.1

19.0.1 "mercury-mailbox" (2024-11-27)

material

Commit Description
fix - 2d7e078bb button-toggle: animate checkbox (#30025)
fix - edac40645 chips: emit state changes when chip grid is disabled (#30033)
fix - 18f7f4bb9 datepicker: adds comparison ids and aria-describedby spans (#30040)
fix - 375435497 slider: update documentation (#30029)
fix - a31201475 timepicker: make disabled input public (#30063)

docs

Commit Description
fix - f9d9d2c81 update errorState example to cover handle missing state (#30059)

... (truncated)

Changelog

Sourced from @​angular/cdk's changelog.

19.0.3 "polonium-popsicle" (2024-12-11)

material

Commit Type Description
7b64c451e6 fix expansion: switch away from animations module (#30119)
d18c3395d8 fix menu: decouple menu lifecycle from animations (#30148)
3ea8cf5c31 fix paginator: ignore clicks on disabled buttons (#30138)
fbaf286f9c fix select: add opt-in input that allows selection of nullable options (#30142)
600a8b04f9 fix timepicker: deserialize ControlValueAccessor values correctly (#30149)
4b69162998 fix timepicker: disable toggle if timepicker is disabled (#30137)

19.1.0-next.1 "plastic-monkey" (2024-12-04)

cdk

Commit Type Description
de6c491892 fix accordion: improve accessibility in example code (#30087)
85d26391e4 fix menu: disable flexible dimensions (#30086)

material

Commit Type Description
f0a767ca0f fix button-toggle: unable to tab into ngModel-based group on first render (#30103)
6962c85837 fix core: optgroup label color not inferred correctly (#30085)
4ef3baaf08 fix schematics: avoid parsing stylesheets that don't include Material
c89192639c fix schematics: error if stylesheet contains syntax errors
a08eeebf6b fix sort: simplify animations (#30057)
a028b5d842 fix tabs: ink bar not showing when same tab is re-selected (#30121)

youtube-player

Commit Type Description
8a55d9a09e fix update to latest typings (#30126)

docs

Commit Type Description
d7fc560140 fix add example for adding icon in meta section using matListI… (#30068)

19.0.2 "plastic-rhino" (2024-12-04)

cdk

Commit Type Description
460f971b27 fix accordion: improve accessibility in example code (#30087)
6306a12c12 fix menu: disable flexible dimensions (#30086)

material

Commit Type Description

... (truncated)

Commits
  • 431b031 release: cut the v19.0.3 release
  • aba043b Revert "docs: archive changelog before v17" (#30168)
  • d18c339 fix(material/menu): decouple menu lifecycle from animations (#30148)
  • fbaf286 fix(material/select): add opt-in input that allows selection of nullable opti...
  • 600a8b0 fix(material/timepicker): deserialize ControlValueAccessor values correctly (...
  • f8cf936 docs: archive changelog before v17 (#30147)
  • 3ea8cf5 fix(material/paginator): ignore clicks on disabled buttons (#30138)
  • 4b69162 fix(material/timepicker): disable toggle if timepicker is disabled (#30137)
  • 1f854a2 ci: update to latest version of dev-infra actions (#30133)
  • 7b64c45 fix(material/expansion): switch away from animations module (#30119)
  • Additional commits viewable in compare view

Updates @angular/common from 18.2.12 to 19.0.4

Release notes

Sourced from @​angular/common's releases.

v19.0.4

19.0.4 (2024-12-12)

compiler-cli

Commit Description
fix - 7e612171709 consider pre-release versions when detecting feature support (#59061)
fix - cd764a31152 error in unused standalone imports diagnostic (#59064)

core

Commit Description
fix - 34ded10fa60 Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Description
fix - ae0802d63c5 collect external component styles from server rendering (#59031)

v19.0.3

19.0.3 (2024-12-04)

v19.0.2

19.0.2 (2024-12-04)

compiler-cli

Commit Description
fix - 9f99196d23 account for multiple generated namespace imports in HMR (#58924)

core

Commit Description
fix - 4792db9a6d Explicitly manage TracingSnapshot lifecycle and dispose of it once it's been used. (#58929)

migrations

Commit Description
fix - 7b5bacc228 class content being deleted in some edge cases (#58959)
fix - d1cbdd6acb correctly strip away parameters surrounded by comments in inject migration (#58959)
fix - e17ff71c31 don't migrate classes with parameters that can't be injected (#58959)
fix - 7c5f990001 inject migration aggressively removing imports (#58959)
fix - 4392ccedf9 inject migration dropping code if everything except super is removed (#58959)
fix - 9cbebc6dda preserve type literals and tuples in inject migrations (#58959)

platform-server

Commit Description
fix - f3c388ecda remove peer dependency on animations (#58997)

v19.0.1

19.0.1 (2024-11-26)

compiler-cli

... (truncated)

Changelog

Sourced from @​angular/common's changelog.

19.0.4 (2024-12-12)

compiler-cli

Commit Type Description
7e612171709 fix consider pre-release versions when detecting feature support (#59061)
cd764a31152 fix error in unused standalone imports diagnostic (#59064)

core

Commit Type Description
34ded10fa60 fix Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Type Description
ae0802d63c5 fix collect external component styles from server rendering (#59031)

19.1.0-next.2 (2024-12-04)

19.0.3 (2024-12-04)

19.1.0-next.1 (2024-12-04)

compiler-cli

Commit Type Description
f280467398 fix account for multiple generated namespace imports in HMR (#58924)

core

Commit Type Description
e894a5daea feat set kind field on template and effect nodes (#58865)
3b765367f3 fix Explicitly manage TracingSnapshot lifecycle and dispose of it once it's been used. (#58929)

migrations

Commit Type Description
e31e52e177 fix class content being deleted in some edge cases (#58959)
508d3a1b3b fix correctly strip away parameters surrounded by comments in inject migration (#58959)
7191aa6e09 fix don't migrate classes with parameters that can't be injected (#58959)
a4924af6d5 fix inject migration aggressively removing imports (#58959)
35165d152d fix inject migration dropping code if everything except super is removed (#58959)
68e5ba7a3a fix preserve type literals and tuples in inject migrations (#58959)

platform-server

Commit Type Description

... (truncated)

Commits
  • 326337e refactor: replace ɵPendingTasks with ɵPendingTasksInternal (#59138)
  • ffae7df refactor(http): Don't log fetch warning in tests. (#59049)
  • 0c40bb2 refactor(docs-infra): convert code-example-s that have only region param to @...
  • 5f3ba06 docs: set syntax highlighting of code examples MD code blocks (#59026)
  • 0df7b1e refactor(common): remove standalone: true (#58949)
  • b8a2ae0 docs: fix missing alert block styles in the API reference (#59020)
  • ea0bf74 refactor(core): use ApplicationRef.whenStable instead of a custom util func...
  • 7dfb127 refactor: add @__PURE__ next to @pureOrBreakMyCode for improved bundler c...
  • da9c0c5 refactor: cleanup initializers that use ctor params (#58349)
  • 24c6373 feat(common): add optional rounded transform support in cloudinary image load...
  • Additional commits viewable in compare view

Updates @angular/compiler from 18.2.12 to 19.0.4

Release notes

Sourced from @​angular/compiler's releases.

v19.0.4

19.0.4 (2024-12-12)

compiler-cli

Commit Description
fix - 7e612171709 consider pre-release versions when detecting feature support (#59061)
fix - cd764a31152 error in unused standalone imports diagnostic (#59064)

core

Commit Description
fix - 34ded10fa60 Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Description
fix - ae0802d63c5 collect external component styles from server rendering (#59031)

v19.0.3

19.0.3 (2024-12-04)

v19.0.2

19.0.2 (2024-12-04)

compiler-cli

Commit Description
fix - 9f99196d23 account for multiple generated namespace imports in HMR (#58924)

core

Commit Description
fix - 4792db9a6d Explicitly manage TracingSnapshot lifecycle and dispose of it once it's been used. (#58929)

migrations

Commit Description
fix - 7b5bacc228 class content being deleted in some edge cases (#58959)
fix - d1cbdd6acb correctly strip away parameters surrounded by comments in inject migration (#58959)
fix - e17ff71c31 don't migrate classes with parameters that can't be injected (#58959)
fix - 7c5f990001 inject migration aggressively removing imports (#58959)
fix - 4392ccedf9 inject migration dropping code if everything except super is removed (#58959)
fix - 9cbebc6dda preserve type literals and tuples in inject migrations (#58959)

platform-server

Commit Description
fix - f3c388ecda remove peer dependency on animations (#58997)

v19.0.1

19.0.1 (2024-11-26)

compiler-cli

... (truncated)

Changelog

Sourced from @​angular/compiler's changelog.

19.0.4 (2024-12-12)

compiler-cli

Commit Type Description
7e612171709 fix consider pre-release versions when detecting feature support (#59061)
cd764a31152 fix error in unused standalone imports diagnostic (#59064)

core

Commit Type Description
34ded10fa60 fix Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Type Description
ae0802d63c5 fix collect external component styles from server rendering (#59031)

19.1.0-next.2 (2024-12-04)

19.0.3 (2024-12-04)

19.1.0-next.1 (2024-12-04)

compiler-cli

Commit Type Description
f280467398 fix account for multiple generated namespace imports in HMR (#58924)

core

Commit Type Description
e894a5daea feat set kind field on template and effect nodes (#58865)
3b765367f3 fix Explicitly manage TracingSnapshot lifecycle and dispose of it once it's been used. (#58929)

migrations

Commit Type Description
e31e52e177 fix class content being deleted in some edge cases (#58959)
508d3a1b3b fix correctly strip away parameters surrounded by comments in inject migration (#58959)
7191aa6e09 fix don't migrate classes with parameters that can't be injected (#58959)
a4924af6d5 fix inject migration aggressively removing imports (#58959)
35165d152d fix inject migration dropping code if everything except super is removed (#58959)
68e5ba7a3a fix preserve type literals and tuples in inject migrations (#58959)

platform-server

Commit Type Description

... (truncated)

Commits
  • b58123b refactor(compiler): remove circular dep in the output ast (#59083)
  • 5f3ba06 docs: set syntax highlighting of code examples MD code blocks (#59026)
  • b182806 refactor(compiler): remove allowInvalidAssignmentEvents flag (#58988)
  • 9f99196 fix(compiler-cli): account for multiple generated namespace imports in HMR (#...
  • d23a5d5 refactor(core): Consolidates shouldTrigger* methods down to one (#58833)
  • d6da631 refactor(compiler): Adds ingest and flags for defer details (#58833)
  • 4852e57 docs: capitalize webpack with a lowercase W (#56812)
  • fb1fa8b fix(compiler-cli): more accurate diagnostics for host binding parser errors (...
  • 806a61b fix(compiler): fix multiline selectors (#58681)
  • e5d3abb fix(compiler): resolve :host:host-context(.foo) (#58681)
  • Additional commits viewable in compare view

Updates @angular/core from 18.2.12 to 19.0.4

Release notes

Sourced from @​angular/core's releases.

v19.0.4

19.0.4 (2024-12-12)

compiler-cli

Commit Description
fix - 7e612171709 consider pre-release versions when detecting feature support (#59061)
fix - cd764a31152 error in unused standalone imports diagnostic (#59064)

core

Commit Description
fix - 34ded10fa60 Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Description
fix - ae0802d63c5 collect external component styles from server rendering (#59031)

v19.0.3

19.0.3 (2024-12-04)

v19.0.2

19.0.2 (2024-12-04)

compiler-cli

Commit Description
fix - 9f99196d23 account for multiple generated namespace imports in HMR (#58924)

core

Commit Description
fix - 4792db9a6d Explicitly manage TracingSnapshot lifecycle and dispose of it once it's been used. (

…ates

Bumps the production-dependencies group with 13 updates in the /frontend directory:

| Package | From | To |
| --- | --- | --- |
| [@angular/animations](https://github.com/angular/angular/tree/HEAD/packages/animations) | `18.2.12` | `19.0.4` |
| [@angular/cdk](https://github.com/angular/components) | `18.2.13` | `19.0.3` |
| [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `18.2.12` | `19.0.4` |
| [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `18.2.12` | `19.0.4` |
| [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `18.2.12` | `19.0.4` |
| [@angular/forms](https://github.com/angular/angular/tree/HEAD/packages/forms) | `18.2.12` | `19.0.4` |
| [@angular/material](https://github.com/angular/components) | `18.2.13` | `19.0.3` |
| [@angular/platform-browser](https://github.com/angular/angular/tree/HEAD/packages/platform-browser) | `18.2.12` | `19.0.4` |
| [@angular/platform-browser-dynamic](https://github.com/angular/angular/tree/HEAD/packages/platform-browser-dynamic) | `18.2.12` | `19.0.4` |
| [@angular/router](https://github.com/angular/angular/tree/HEAD/packages/router) | `18.2.12` | `19.0.4` |
| [@octokit/types](https://github.com/octokit/types.ts) | `13.6.1` | `13.6.2` |
| [cronstrue](https://github.com/bradymholt/cronstrue) | `2.51.0` | `2.52.0` |
| [highcharts](https://github.com/highcharts/highcharts-dist) | `11.4.8` | `12.0.2` |



Updates `@angular/animations` from 18.2.12 to 19.0.4
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.4/packages/animations)

Updates `@angular/cdk` from 18.2.13 to 19.0.3
- [Release notes](https://github.com/angular/components/releases)
- [Changelog](https://github.com/angular/components/blob/main/CHANGELOG.md)
- [Commits](angular/components@18.2.13...19.0.3)

Updates `@angular/common` from 18.2.12 to 19.0.4
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.4/packages/common)

Updates `@angular/compiler` from 18.2.12 to 19.0.4
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.4/packages/compiler)

Updates `@angular/core` from 18.2.12 to 19.0.4
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.4/packages/core)

Updates `@angular/forms` from 18.2.12 to 19.0.4
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.4/packages/forms)

Updates `@angular/material` from 18.2.13 to 19.0.3
- [Release notes](https://github.com/angular/components/releases)
- [Changelog](https://github.com/angular/components/blob/main/CHANGELOG.md)
- [Commits](angular/components@18.2.13...19.0.3)

Updates `@angular/platform-browser` from 18.2.12 to 19.0.4
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.4/packages/platform-browser)

Updates `@angular/platform-browser-dynamic` from 18.2.12 to 19.0.4
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.4/packages/platform-browser-dynamic)

Updates `@angular/router` from 18.2.12 to 19.0.4
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.4/packages/router)

Updates `@octokit/types` from 13.6.1 to 13.6.2
- [Release notes](https://github.com/octokit/types.ts/releases)
- [Commits](octokit/types.ts@v13.6.1...v13.6.2)

Updates `cronstrue` from 2.51.0 to 2.52.0
- [Release notes](https://github.com/bradymholt/cronstrue/releases)
- [Changelog](https://github.com/bradymholt/cRonstrue/blob/main/CHANGELOG.md)
- [Commits](bradymholt/cRonstrue@v2.51.0...v2.52.0)

Updates `highcharts` from 11.4.8 to 12.0.2
- [Commits](highcharts/highcharts-dist@v11.4.8...v12.0.2)

---
updated-dependencies:
- dependency-name: "@angular/animations"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/cdk"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/common"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/compiler"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/core"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/forms"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/material"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/platform-browser"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/platform-browser-dynamic"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/router"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@octokit/types"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: cronstrue
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: highcharts
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Dec 16, 2024
@github-actions
Copy link

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.
See the Details below.

License Issues

frontend/package.json

PackageVersionLicenseIssue Type
highcharts^12.0.2NullUnknown License

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
npm/@angular/animations 19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/cdk 19.0.3 🟢 7.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 1029 out of 29 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: in_progress
Code-Review🟢 10all changesets reviewed
Contributors🟢 1021 different organizations found -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) out of 30 and 10 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging⚠️ -1no published package detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 8detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 050 existing vulnerabilities detected
npm/@angular/common 19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/compiler 19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/core 19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/forms 19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/material 19.0.3 🟢 7.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 1029 out of 29 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: in_progress
Code-Review🟢 10all changesets reviewed
Contributors🟢 1021 different organizations found -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) out of 30 and 10 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging⚠️ -1no published package detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 8detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 050 existing vulnerabilities detected
npm/@angular/platform-browser 19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/platform-browser-dynamic 19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/router 19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@octokit/types 13.6.2 🟢 7.3
Details
CheckScoreReason
Maintained🟢 99 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 9
Binary-Artifacts🟢 10no binaries found in the repo
Code-Review🟢 10all changesets reviewed
Security-Policy🟢 9security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ -1no releases found
Fuzzing⚠️ 0project is not fuzzed
Packaging🟢 10packaging workflow detected
SAST🟢 10SAST tool is run on all commits
Vulnerabilities🟢 82 existing vulnerabilities detected
npm/cronstrue 2.52.0 🟢 3.6
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review⚠️ 2Found 8/28 approved changesets -- score normalized to 2
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Maintained🟢 54 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
License🟢 10license file detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 55 existing vulnerabilities detected
npm/highcharts 12.0.2 🟢 3.3
Details
CheckScoreReason
Maintained🟢 56 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5
Packaging⚠️ -1packaging workflow not detected
Code-Review⚠️ 0Found 1/28 approved changesets -- score normalized to 0
Token-Permissions⚠️ -1No tokens found
Dangerous-Workflow⚠️ -1no workflows found
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Signed-Releases⚠️ -1no releases found
License⚠️ 0license file not detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Binary-Artifacts🟢 10no binaries found in the repo
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ -1no dependencies found
Fuzzing⚠️ 0project is not fuzzed
npm/zone.js 0.15.0 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/animations ^19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/cdk ^19.0.3 🟢 7.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 1029 out of 29 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: in_progress
Code-Review🟢 10all changesets reviewed
Contributors🟢 1021 different organizations found -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) out of 30 and 10 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging⚠️ -1no published package detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 8detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 050 existing vulnerabilities detected
npm/@angular/common ^19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/compiler ^19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/core ^19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/forms ^19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/material ^19.0.3 🟢 7.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 1029 out of 29 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: in_progress
Code-Review🟢 10all changesets reviewed
Contributors🟢 1021 different organizations found -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) out of 30 and 10 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging⚠️ -1no published package detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 8detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 050 existing vulnerabilities detected
npm/@angular/platform-browser ^19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/platform-browser-dynamic ^19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/router ^19.0.4 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 101 out of 1 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 38 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@octokit/types ^13.6.2 🟢 7.3
Details
CheckScoreReason
Maintained🟢 99 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 9
Binary-Artifacts🟢 10no binaries found in the repo
Code-Review🟢 10all changesets reviewed
Security-Policy🟢 9security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ -1no releases found
Fuzzing⚠️ 0project is not fuzzed
Packaging🟢 10packaging workflow detected
SAST🟢 10SAST tool is run on all commits
Vulnerabilities🟢 82 existing vulnerabilities detected
npm/cronstrue ^2.52.0 🟢 3.6
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review⚠️ 2Found 8/28 approved changesets -- score normalized to 2
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Maintained🟢 54 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
License🟢 10license file detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 55 existing vulnerabilities detected
npm/highcharts ^12.0.2 🟢 3.3
Details
CheckScoreReason
Maintained🟢 56 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5
Packaging⚠️ -1packaging workflow not detected
Code-Review⚠️ 0Found 1/28 approved changesets -- score normalized to 0
Token-Permissions⚠️ -1No tokens found
Dangerous-Workflow⚠️ -1no workflows found
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Signed-Releases⚠️ -1no releases found
License⚠️ 0license file not detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Binary-Artifacts🟢 10no binaries found in the repo
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ -1no dependencies found
Fuzzing⚠️ 0project is not fuzzed

Scanned Files

  • frontend/package-lock.json
  • frontend/package.json

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 23, 2024

Superseded by #97.

@dependabot dependabot bot closed this Dec 23, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/frontend/production-dependencies-61b26cb21f branch December 23, 2024 20:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants