Skip to content

chore(deps): lock file maintenance#966

Merged
renovate[bot] merged 1 commit into
masterfrom
renovate/lock-file-maintenance
Nov 3, 2025
Merged

chore(deps): lock file maintenance#966
renovate[bot] merged 1 commit into
masterfrom
renovate/lock-file-maintenance

Conversation

@renovate

@renovate renovate Bot commented Nov 3, 2025

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Update Change
lockFileMaintenance All locks refreshed

🔧 This Pull Request updates lock files to use the latest dependency versions.


Configuration

📅 Schedule: Branch creation - "before 5am on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Nov 3, 2025
@github-actions

github-actions Bot commented Nov 3, 2025

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/@eslint/config-helpers 0.4.2 UnknownUnknown
npm/@eslint/core 0.17.0 UnknownUnknown
npm/@eslint/js 9.39.0 🟢 6.8
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 7Found 22/28 approved changesets -- score normalized to 7
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
License🟢 10license file detected
Binary-Artifacts🟢 10no binaries found in the repo
Vulnerabilities🟢 100 existing vulnerabilities detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits
npm/@eslint/plugin-kit 0.4.1 UnknownUnknown
npm/eslint 9.39.0 🟢 6.8
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 7Found 22/28 approved changesets -- score normalized to 7
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
License🟢 10license file detected
Binary-Artifacts🟢 10no binaries found in the repo
Vulnerabilities🟢 100 existing vulnerabilities detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits

Scanned Files

  • package-lock.json

@renovate renovate Bot merged commit c574202 into master Nov 3, 2025
6 checks passed
@renovate renovate Bot deleted the renovate/lock-file-maintenance branch November 3, 2025 07:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants