Skip to content

Bump the production-dependencies group across 1 directory with 13 updates#97

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/frontend/production-dependencies-858b2fc971
Closed

Bump the production-dependencies group across 1 directory with 13 updates#97
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/frontend/production-dependencies-858b2fc971

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 23, 2024

Bumps the production-dependencies group with 13 updates in the /frontend directory:

Package From To
@angular/animations 18.2.12 19.0.5
@angular/cdk 18.2.13 19.0.4
@angular/common 18.2.12 19.0.5
@angular/compiler 18.2.12 19.0.5
@angular/core 18.2.12 19.0.5
@angular/forms 18.2.12 19.0.5
@angular/material 18.2.13 19.0.4
@angular/platform-browser 18.2.12 19.0.5
@angular/platform-browser-dynamic 18.2.12 19.0.5
@angular/router 18.2.12 19.0.5
@octokit/types 13.6.1 13.6.2
cronstrue 2.51.0 2.52.0
highcharts 11.4.8 12.1.2

Updates @angular/animations from 18.2.12 to 19.0.5

Release notes

Sourced from @​angular/animations's releases.

v19.0.5

19.0.5 (2024-12-18)

core

Commit Description
fix - 3793218e77 avoid triggering on timer and on idle on the server (#59177)
fix - cfc96ed82c Fix nested timer serialization (#59173)

platform-server

Commit Description
fix - 9085a8fbd8 Warn user when transfer state happens more than once (#58935)

v19.0.4

19.0.4 (2024-12-12)

compiler-cli

Commit Description
fix - 7e612171709 consider pre-release versions when detecting feature support (#59061)
fix - cd764a31152 error in unused standalone imports diagnostic (#59064)

core

Commit Description
fix - 34ded10fa60 Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Description
fix - ae0802d63c5 collect external component styles from server rendering (#59031)

v19.0.3

19.0.3 (2024-12-04)

v19.0.2

19.0.2 (2024-12-04)

compiler-cli

Commit Description
fix - 9f99196d23 account for multiple generated namespace imports in HMR (#58924)

core

Commit Description
fix - 4792db9a6d Explicitly manage TracingSnapshot lifecycle and dispose of it once it's been used. (#58929)

migrations

Commit Description
fix - 7b5bacc228 class content being deleted in some edge cases (#58959)
fix - d1cbdd6acb correctly strip away parameters surrounded by comments in inject migration (#58959)

... (truncated)

Changelog

Sourced from @​angular/animations's changelog.

19.0.5 (2024-12-18)

core

Commit Type Description
3793218e77 fix avoid triggering on timer and on idle on the server (#59177)
cfc96ed82c fix Fix nested timer serialization (#59173)

platform-server

Commit Type Description
9085a8fbd8 fix Warn user when transfer state happens more than once (#58935)

19.1.0-next.3 (2024-12-12)

compiler-cli

Commit Type Description
c5c20e9d86 fix check event side of two-way bindings (#59002)
0dee2681f7 fix consider pre-release versions when detecting feature support (#59061)
1b9492edf8 fix error in unused standalone imports diagnostic (#59064)

core

Commit Type Description
d010e11b73 feat add event listener options to renderer (#59092)
30e676098d fix Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Type Description
52be35118f fix collect external component styles from server rendering (#59031)

19.0.4 (2024-12-12)

compiler-cli

Commit Type Description
7e612171709 fix consider pre-release versions when detecting feature support (#59061)
cd764a31152 fix error in unused standalone imports diagnostic (#59064)

core

Commit Type Description
34ded10fa60 fix Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Type Description
ae0802d63c5 fix collect external component styles from server rendering (#59031)

... (truncated)

Commits
  • c829a15 docs(animations): update position parameter to be a decimal (#57927)
  • 5f3ba06 docs: set syntax highlighting of code examples MD code blocks (#59026)
  • b8a2ae0 docs: fix missing alert block styles in the API reference (#59020)
  • 09df589 refactor(core): Migrate all packages with the explicit-standalone-flag sche...
  • 84b6896 refactor(platform-server): Add an ssr benchmark setup. (#57647)
  • 9dbe6fc refactor: update license text to point to angular.dev (#57901)
  • See full diff in compare view

Updates @angular/cdk from 18.2.13 to 19.0.4

Release notes

Sourced from @​angular/cdk's releases.

v19.0.4

19.0.4 "linen-lampshade" (2024-12-18)

material

Commit Description
fix - 050b59b883 list: enable MacOS select all with command+a (#30183)
fix - c3f22f3c9a menu: remove dependency on animations module (#30163)
fix - a9c569e13d sort: avoid center align for sort header (#30198)
fix - f0ec675aaa table: improve filter predicate efficiency (#30172)
fix - b724b0698c table: set border none for header cells on last row (#30193)
fix - 125d867161 theming: fix not found error in the guide duplicate theming styles document (#30108)
fix - 8d3279fcd4 tooltip: body line height affecting gap (#30164)

cdk

Commit Description
fix - 622057a146 drag-drop: resolve projected handles
fix - 1456074baa drag-drop: stop dragging on touchcancel (#30184)
fix - c92def439b testing: add code to keyboard events (#30188)

v19.0.3

19.0.3 "polonium-popsicle" (2024-12-11)

material

Commit Description
fix - 7b64c451e6 expansion: switch away from animations module (#30119)
fix - d18c3395d8 menu: decouple menu lifecycle from animations (#30148)
fix - 3ea8cf5c31 paginator: ignore clicks on disabled buttons (#30138)
fix - fbaf286f9c select: add opt-in input that allows selection of nullable options (#30142)
fix - 600a8b04f9 timepicker: deserialize ControlValueAccessor values correctly (#30149)
fix - 4b69162998 timepicker: disable toggle if timepicker is disabled (#30137)

v19.0.2

19.0.2 "plastic-rhino" (2024-12-04)

youtube-player

Commit Description
fix - 1d3905a208 update to latest typings (#30126)

material

Commit Description
fix - 0ed9869529 button-toggle: unable to tab into ngModel-based group on first render (#30103)
fix - 72ff6fcce3 core: optgroup label color not inferred correctly (#30085)
fix - c395585446 schematics: avoid parsing stylesheets that don't include Material
fix - 5b3350a60e schematics: error if stylesheet contains syntax errors
fix - 1235ad28bc sort: simplify animations (#30057)
fix - 5b165067e8 tabs: ink bar not showing when same tab is re-selected (#30121)

cdk

... (truncated)

Changelog

Sourced from @​angular/cdk's changelog.

19.0.4 "linen-lampshade" (2024-12-18)

cdk

Commit Type Description
622057a146 fix drag-drop: resolve projected handles
1456074baa fix drag-drop: stop dragging on touchcancel (#30184)
c92def439b fix testing: add code to keyboard events (#30188)

material

Commit Type Description
050b59b883 fix list: enable MacOS select all with command+a (#30183)
c3f22f3c9a fix menu: remove dependency on animations module (#30163)
a9c569e13d fix sort: avoid center align for sort header (#30198)
f0ec675aaa fix table: improve filter predicate efficiency (#30172)
b724b0698c fix table: set border none for header cells on last row (#30193)
125d867161 fix theming: fix not found error in the guide duplicate theming styles document (#30108)
8d3279fcd4 fix tooltip: body line height affecting gap (#30164)

19.0.3 "polonium-popsicle" (2024-12-11)

material

Commit Type Description
7b64c451e6 fix expansion: switch away from animations module (#30119)
d18c3395d8 fix menu: decouple menu lifecycle from animations (#30148)
3ea8cf5c31 fix paginator: ignore clicks on disabled buttons (#30138)
fbaf286f9c fix select: add opt-in input that allows selection of nullable options (#30142)
600a8b04f9 fix timepicker: deserialize ControlValueAccessor values correctly (#30149)
4b69162998 fix timepicker: disable toggle if timepicker is disabled (#30137)

19.0.2 "plastic-rhino" (2024-12-04)

cdk

Commit Type Description
460f971b27 fix accordion: improve accessibility in example code (#30087)
6306a12c12 fix menu: disable flexible dimensions (#30086)

material

Commit Type Description
0ed9869529 fix button-toggle: unable to tab into ngModel-based group on first render (#30103)
72ff6fcce3 fix core: optgroup label color not inferred correctly (#30085)
c395585446 fix schematics: avoid parsing stylesheets that don't include Material
5b3350a60e fix schematics: error if stylesheet contains syntax errors
1235ad28bc fix sort: simplify animations (#30057)
5b165067e8 fix tabs: ink bar not showing when same tab is re-selected (#30121)

... (truncated)

Commits
  • 65db2cc release: cut the v19.0.4 release
  • 7e3f1e6 docs: fix whether typos (#30204)
  • a9c569e fix(material/sort): avoid center align for sort header (#30198)
  • 8f5ff96 docs: fix typo in custom theme guide (#30202)
  • 03a59b6 docs: update system var prefix (#30199)
  • b724b06 fix(material/table): set border none for header cells on last row (#30193)
  • 050b59b fix(material/list): enable MacOS select all with command+a (#30183)
  • 125d867 fix(material/theming): fix not found error in the guide duplicate theming sty...
  • 0eb9e2f test(multiple): clean up standalone flags (#30189)
  • c92def4 fix(cdk/testing): add code to keyboard events (#30188)
  • Additional commits viewable in compare view

Updates @angular/common from 18.2.12 to 19.0.5

Release notes

Sourced from @​angular/common's releases.

v19.0.5

19.0.5 (2024-12-18)

core

Commit Description
fix - 3793218e77 avoid triggering on timer and on idle on the server (#59177)
fix - cfc96ed82c Fix nested timer serialization (#59173)

platform-server

Commit Description
fix - 9085a8fbd8 Warn user when transfer state happens more than once (#58935)

v19.0.4

19.0.4 (2024-12-12)

compiler-cli

Commit Description
fix - 7e612171709 consider pre-release versions when detecting feature support (#59061)
fix - cd764a31152 error in unused standalone imports diagnostic (#59064)

core

Commit Description
fix - 34ded10fa60 Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Description
fix - ae0802d63c5 collect external component styles from server rendering (#59031)

v19.0.3

19.0.3 (2024-12-04)

v19.0.2

19.0.2 (2024-12-04)

compiler-cli

Commit Description
fix - 9f99196d23 account for multiple generated namespace imports in HMR (#58924)

core

Commit Description
fix - 4792db9a6d Explicitly manage TracingSnapshot lifecycle and dispose of it once it's been used. (#58929)

migrations

Commit Description
fix - 7b5bacc228 class content being deleted in some edge cases (#58959)
fix - d1cbdd6acb correctly strip away parameters surrounded by comments in inject migration (#58959)

... (truncated)

Changelog

Sourced from @​angular/common's changelog.

19.0.5 (2024-12-18)

core

Commit Type Description
3793218e77 fix avoid triggering on timer and on idle on the server (#59177)
cfc96ed82c fix Fix nested timer serialization (#59173)

platform-server

Commit Type Description
9085a8fbd8 fix Warn user when transfer state happens more than once (#58935)

19.1.0-next.3 (2024-12-12)

compiler-cli

Commit Type Description
c5c20e9d86 fix check event side of two-way bindings (#59002)
0dee2681f7 fix consider pre-release versions when detecting feature support (#59061)
1b9492edf8 fix error in unused standalone imports diagnostic (#59064)

core

Commit Type Description
d010e11b73 feat add event listener options to renderer (#59092)
30e676098d fix Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Type Description
52be35118f fix collect external component styles from server rendering (#59031)

19.0.4 (2024-12-12)

compiler-cli

Commit Type Description
7e612171709 fix consider pre-release versions when detecting feature support (#59061)
cd764a31152 fix error in unused standalone imports diagnostic (#59064)

core

Commit Type Description
34ded10fa60 fix Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Type Description
ae0802d63c5 fix collect external component styles from server rendering (#59031)

... (truncated)

Commits
  • e3bb6a0 refactor(common): update the NgOptimizedImage message to use @if instead of...
  • 326337e refactor: replace ɵPendingTasks with ɵPendingTasksInternal (#59138)
  • ffae7df refactor(http): Don't log fetch warning in tests. (#59049)
  • 0c40bb2 refactor(docs-infra): convert code-example-s that have only region param to @...
  • 5f3ba06 docs: set syntax highlighting of code examples MD code blocks (#59026)
  • 0df7b1e refactor(common): remove standalone: true (#58949)
  • b8a2ae0 docs: fix missing alert block styles in the API reference (#59020)
  • ea0bf74 refactor(core): use ApplicationRef.whenStable instead of a custom util func...
  • 7dfb127 refactor: add @__PURE__ next to @pureOrBreakMyCode for improved bundler c...
  • da9c0c5 refactor: cleanup initializers that use ctor params (#58349)
  • Additional commits viewable in compare view

Updates @angular/compiler from 18.2.12 to 19.0.5

Release notes

Sourced from @​angular/compiler's releases.

v19.0.5

19.0.5 (2024-12-18)

core

Commit Description
fix - 3793218e77 avoid triggering on timer and on idle on the server (#59177)
fix - cfc96ed82c Fix nested timer serialization (#59173)

platform-server

Commit Description
fix - 9085a8fbd8 Warn user when transfer state happens more than once (#58935)

v19.0.4

19.0.4 (2024-12-12)

compiler-cli

Commit Description
fix - 7e612171709 consider pre-release versions when detecting feature support (#59061)
fix - cd764a31152 error in unused standalone imports diagnostic (#59064)

core

Commit Description
fix - 34ded10fa60 Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Description
fix - ae0802d63c5 collect external component styles from server rendering (#59031)

v19.0.3

19.0.3 (2024-12-04)

v19.0.2

19.0.2 (2024-12-04)

compiler-cli

Commit Description
fix - 9f99196d23 account for multiple generated namespace imports in HMR (#58924)

core

Commit Description
fix - 4792db9a6d Explicitly manage TracingSnapshot lifecycle and dispose of it once it's been used. (#58929)

migrations

Commit Description
fix - 7b5bacc228 class content being deleted in some edge cases (#58959)
fix - d1cbdd6acb correctly strip away parameters surrounded by comments in inject migration (#58959)

... (truncated)

Changelog

Sourced from @​angular/compiler's changelog.

19.0.5 (2024-12-18)

core

Commit Type Description
3793218e77 fix avoid triggering on timer and on idle on the server (#59177)
cfc96ed82c fix Fix nested timer serialization (#59173)

platform-server

Commit Type Description
9085a8fbd8 fix Warn user when transfer state happens more than once (#58935)

19.1.0-next.3 (2024-12-12)

compiler-cli

Commit Type Description
c5c20e9d86 fix check event side of two-way bindings (#59002)
0dee2681f7 fix consider pre-release versions when detecting feature support (#59061)
1b9492edf8 fix error in unused standalone imports diagnostic (#59064)

core

Commit Type Description
d010e11b73 feat add event listener options to renderer (#59092)
30e676098d fix Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Type Description
52be35118f fix collect external component styles from server rendering (#59031)

19.0.4 (2024-12-12)

compiler-cli

Commit Type Description
7e612171709 fix consider pre-release versions when detecting feature support (#59061)
cd764a31152 fix error in unused standalone imports diagnostic (#59064)

core

Commit Type Description
34ded10fa60 fix Fix a bug where snapshotted functions are being run twice if they return a nullish/falsey value. (#59073)

platform-browser

Commit Type Description
ae0802d63c5 fix collect external component styles from server rendering (#59031)

... (truncated)

Commits
  • b58123b refactor(compiler): remove circular dep in the output ast (#59083)
  • 5f3ba06 docs: set syntax highlighting of code examples MD code blocks (#59026)
  • b182806 refactor(compiler): remove allowInvalidAssignmentEvents flag (#58988)
  • 9f99196 fix(compiler-cli): account for multiple generated namespace imports in HMR (#...
  • d23a5d5 refactor(core): Consolidates shouldTrigger* methods down to one (#58833)
  • d6da631 refactor(compiler): Adds ingest and flags for defer details (#58833)
  • 4852e57 docs: capitalize webpack with a lowercase W (#56812)
  • fb1fa8b fix(compiler-cli): more accurate diagnostics for host binding parser errors (...
  • 806a61b fix(compiler): fix multiline selectors (#58681)
  • e5d3abb fix(compiler): resolve :host:host-context(.foo) (#58681)
  • Additional commits viewable in compare view

Updates @angular/core from 18.2.12 to 19.0.5

Release notes

Sourced from @​angular/core's releases.

v19.0.5

19.0.5 (2024-12-18)

core

Commit Description
fix - 3793218e77 avoid triggering on timer and on idle on the server (#59177)
fix - cfc96ed82c Fix nested timer serialization (#59173)

platform-server

Commit Description
fix - 9085a8fbd8 Warn user when transfer state happens more than once (#58935)

v19.0.4

19.0.4 (2024-12-12)

compiler-cli

Commit Description
fix - 7e612171709 consider pre-release versions when detecting feature support (#59061)
fix - cd764a31152 error in unused standalone imports diagnostic (#59064)

core

Commit Description

…ates

Bumps the production-dependencies group with 13 updates in the /frontend directory:

| Package | From | To |
| --- | --- | --- |
| [@angular/animations](https://github.com/angular/angular/tree/HEAD/packages/animations) | `18.2.12` | `19.0.5` |
| [@angular/cdk](https://github.com/angular/components) | `18.2.13` | `19.0.4` |
| [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `18.2.12` | `19.0.5` |
| [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `18.2.12` | `19.0.5` |
| [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `18.2.12` | `19.0.5` |
| [@angular/forms](https://github.com/angular/angular/tree/HEAD/packages/forms) | `18.2.12` | `19.0.5` |
| [@angular/material](https://github.com/angular/components) | `18.2.13` | `19.0.4` |
| [@angular/platform-browser](https://github.com/angular/angular/tree/HEAD/packages/platform-browser) | `18.2.12` | `19.0.5` |
| [@angular/platform-browser-dynamic](https://github.com/angular/angular/tree/HEAD/packages/platform-browser-dynamic) | `18.2.12` | `19.0.5` |
| [@angular/router](https://github.com/angular/angular/tree/HEAD/packages/router) | `18.2.12` | `19.0.5` |
| [@octokit/types](https://github.com/octokit/types.ts) | `13.6.1` | `13.6.2` |
| [cronstrue](https://github.com/bradymholt/cronstrue) | `2.51.0` | `2.52.0` |
| [highcharts](https://github.com/highcharts/highcharts-dist) | `11.4.8` | `12.1.2` |



Updates `@angular/animations` from 18.2.12 to 19.0.5
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.5/packages/animations)

Updates `@angular/cdk` from 18.2.13 to 19.0.4
- [Release notes](https://github.com/angular/components/releases)
- [Changelog](https://github.com/angular/components/blob/19.0.4/CHANGELOG.md)
- [Commits](angular/components@18.2.13...19.0.4)

Updates `@angular/common` from 18.2.12 to 19.0.5
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.5/packages/common)

Updates `@angular/compiler` from 18.2.12 to 19.0.5
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.5/packages/compiler)

Updates `@angular/core` from 18.2.12 to 19.0.5
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.5/packages/core)

Updates `@angular/forms` from 18.2.12 to 19.0.5
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.5/packages/forms)

Updates `@angular/material` from 18.2.13 to 19.0.4
- [Release notes](https://github.com/angular/components/releases)
- [Changelog](https://github.com/angular/components/blob/19.0.4/CHANGELOG.md)
- [Commits](angular/components@18.2.13...19.0.4)

Updates `@angular/platform-browser` from 18.2.12 to 19.0.5
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.5/packages/platform-browser)

Updates `@angular/platform-browser-dynamic` from 18.2.12 to 19.0.5
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.5/packages/platform-browser-dynamic)

Updates `@angular/router` from 18.2.12 to 19.0.5
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/19.0.5/packages/router)

Updates `@octokit/types` from 13.6.1 to 13.6.2
- [Release notes](https://github.com/octokit/types.ts/releases)
- [Commits](octokit/types.ts@v13.6.1...v13.6.2)

Updates `cronstrue` from 2.51.0 to 2.52.0
- [Release notes](https://github.com/bradymholt/cronstrue/releases)
- [Changelog](https://github.com/bradymholt/cRonstrue/blob/main/CHANGELOG.md)
- [Commits](bradymholt/cRonstrue@v2.51.0...v2.52.0)

Updates `highcharts` from 11.4.8 to 12.1.2
- [Commits](highcharts/highcharts-dist@v11.4.8...v12.1.2)

---
updated-dependencies:
- dependency-name: "@angular/animations"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/cdk"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/common"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/compiler"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/core"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/forms"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/material"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/platform-browser"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/platform-browser-dynamic"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@angular/router"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@octokit/types"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: cronstrue
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: highcharts
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Dec 23, 2024
@github-actions
Copy link

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.
See the Details below.

License Issues

frontend/package.json

PackageVersionLicenseIssue Type
highcharts^12.1.2NullUnknown License

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
npm/@angular/animations 19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/cdk 19.0.4 🟢 7.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 1023 out of 23 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: in_progress
Code-Review🟢 10all changesets reviewed
Contributors🟢 1024 different organizations found -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) out of 30 and 10 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging⚠️ -1no published package detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 8detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 053 existing vulnerabilities detected
npm/@angular/common 19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/compiler 19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/core 19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/forms 19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/material 19.0.4 🟢 7.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 1023 out of 23 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: in_progress
Code-Review🟢 10all changesets reviewed
Contributors🟢 1024 different organizations found -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) out of 30 and 10 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging⚠️ -1no published package detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 8detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 053 existing vulnerabilities detected
npm/@angular/platform-browser 19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/platform-browser-dynamic 19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/router 19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@octokit/types 13.6.2 🟢 7.2
Details
CheckScoreReason
Security-Policy🟢 9security policy file detected
Code-Review🟢 10all changesets reviewed
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 88 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 8
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging🟢 10packaging workflow detected
SAST🟢 10SAST tool is run on all commits
Vulnerabilities🟢 82 existing vulnerabilities detected
npm/cronstrue 2.52.0 🟢 3.6
Details
CheckScoreReason
Maintained🟢 54 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review⚠️ 2Found 8/28 approved changesets -- score normalized to 2
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 55 existing vulnerabilities detected
npm/highcharts 12.1.2 🟢 3.3
Details
CheckScoreReason
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ -1no workflows found
Code-Review⚠️ 0Found 1/28 approved changesets -- score normalized to 0
Maintained🟢 57 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5
Token-Permissions⚠️ -1No tokens found
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
Signed-Releases⚠️ -1no releases found
License⚠️ 0license file not detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Pinned-Dependencies⚠️ -1no dependencies found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
npm/zone.js 0.15.0 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/animations ^19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/cdk ^19.0.4 🟢 7.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 1023 out of 23 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: in_progress
Code-Review🟢 10all changesets reviewed
Contributors🟢 1024 different organizations found -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) out of 30 and 10 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging⚠️ -1no published package detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 8detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 053 existing vulnerabilities detected
npm/@angular/common ^19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/compiler ^19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/core ^19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/forms ^19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/material ^19.0.4 🟢 7.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 1023 out of 23 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: in_progress
Code-Review🟢 10all changesets reviewed
Contributors🟢 1024 different organizations found -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) out of 30 and 10 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging⚠️ -1no published package detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 8detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 053 existing vulnerabilities detected
npm/@angular/platform-browser ^19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/platform-browser-dynamic ^19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@angular/router ^19.0.5 🟢 6.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
CI-Tests🟢 102 out of 2 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Contributors🟢 10project has 36 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities⚠️ 068 existing vulnerabilities detected
npm/@octokit/types ^13.6.2 🟢 7.2
Details
CheckScoreReason
Security-Policy🟢 9security policy file detected
Code-Review🟢 10all changesets reviewed
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 88 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 8
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging🟢 10packaging workflow detected
SAST🟢 10SAST tool is run on all commits
Vulnerabilities🟢 82 existing vulnerabilities detected
npm/cronstrue ^2.52.0 🟢 3.6
Details
CheckScoreReason
Maintained🟢 54 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review⚠️ 2Found 8/28 approved changesets -- score normalized to 2
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 55 existing vulnerabilities detected
npm/highcharts ^12.1.2 🟢 3.3
Details
CheckScoreReason
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ -1no workflows found
Code-Review⚠️ 0Found 1/28 approved changesets -- score normalized to 0
Maintained🟢 57 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5
Token-Permissions⚠️ -1No tokens found
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
Signed-Releases⚠️ -1no releases found
License⚠️ 0license file not detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Pinned-Dependencies⚠️ -1no dependencies found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed

Scanned Files

  • frontend/package-lock.json
  • frontend/package.json

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 6, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Jan 6, 2025
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/frontend/production-dependencies-858b2fc971 branch January 6, 2025 20:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants