build: migrate from npm to pnpm · code-pushup/cli@52dac0b

Triggered via pull request May 19, 2026 16:17

matejchalk

synchronize #1285

npm-to-pnpm

Status Failure

Total duration 5m 28s

Artifacts 1

dependency-review.yml

on: pull_request

1 error and 10 warnings

Dependency review detected vulnerable packages.

npm/@szmarczak/http-timer has an OpenSSF Scorecard of 2, which is less than this repository's threshold of 3.

npm/@szmarczak/http-timer has an OpenSSF Scorecard of 2, which is less than this repository's threshold of 3.

npm/@rtsao/scc has an OpenSSF Scorecard of 2.3, which is less than this repository's threshold of 3.

npm/@phenomnomnominal/tsquery has an OpenSSF Scorecard of 2.6, which is less than this repository's threshold of 3.

npm/@kwsites/promise-deferred has an OpenSSF Scorecard of 2, which is less than this repository's threshold of 3.

npm/@kwsites/file-exists has an OpenSSF Scorecard of 2, which is less than this repository's threshold of 3.

npm/@jridgewell/sourcemap-codec has an OpenSSF Scorecard of 2.8, which is less than this repository's threshold of 3.

npm/@jridgewell/source-map has an OpenSSF Scorecard of 2.9, which is less than this repository's threshold of 3.

npm/@jridgewell/resolve-uri has an OpenSSF Scorecard of 2.8, which is less than this repository's threshold of 3.

npm/@bcoe/v8-coverage has an OpenSSF Scorecard of 2.7, which is less than this repository's threshold of 3.

Produced during runtime

Name	Size	Digest
dependency-review-summary Expired	96.8 KB	`sha256:b58f1db9c49f869a336f709cd709e656bc33c1cc6329b51919aec7cc4d9ac9f3`