Bump the npm group with 32 updates by dependabot[bot] · Pull Request #2053 · poad/appstore-connect-jwt-generator-cli

dependabot · 2025-10-06T01:30:43Z

Bumps the npm group with 32 updates:

Package	From	To
@types/node	`24.6.0`	`24.6.2`
jiti	`2.6.0`	`2.6.1`
typescript	`5.9.2`	`5.9.3`
vite	`7.1.7`	`7.1.9`
@rollup/rollup-android-arm-eabi	`4.52.3`	`4.52.4`
@rollup/rollup-android-arm64	`4.52.3`	`4.52.4`
@rollup/rollup-darwin-arm64	`4.52.3`	`4.52.4`
@rollup/rollup-darwin-x64	`4.52.3`	`4.52.4`
@rollup/rollup-freebsd-arm64	`4.52.3`	`4.52.4`
@rollup/rollup-freebsd-x64	`4.52.3`	`4.52.4`
@rollup/rollup-linux-arm-gnueabihf	`4.52.3`	`4.52.4`
@rollup/rollup-linux-arm-musleabihf	`4.52.3`	`4.52.4`
@rollup/rollup-linux-arm64-gnu	`4.52.3`	`4.52.4`
@rollup/rollup-linux-arm64-musl	`4.52.3`	`4.52.4`
@rollup/rollup-linux-loong64-gnu	`4.52.3`	`4.52.4`
@rollup/rollup-linux-ppc64-gnu	`4.52.3`	`4.52.4`
@rollup/rollup-linux-riscv64-gnu	`4.52.3`	`4.52.4`
@rollup/rollup-linux-riscv64-musl	`4.52.3`	`4.52.4`
@rollup/rollup-linux-s390x-gnu	`4.52.3`	`4.52.4`
@rollup/rollup-linux-x64-gnu	`4.52.3`	`4.52.4`
@rollup/rollup-linux-x64-musl	`4.52.3`	`4.52.4`
@rollup/rollup-openharmony-arm64	`4.52.3`	`4.52.4`
@rollup/rollup-win32-arm64-msvc	`4.52.3`	`4.52.4`
@rollup/rollup-win32-ia32-msvc	`4.52.3`	`4.52.4`
@rollup/rollup-win32-x64-gnu	`4.52.3`	`4.52.4`
@rollup/rollup-win32-x64-msvc	`4.52.3`	`4.52.4`
@typescript-eslint/types	`8.44.1`	`8.45.0`
baseline-browser-mapping	`2.8.10`	`2.8.12`
caniuse-lite	`1.0.30001746`	`1.0.30001747`
electron-to-chromium	`1.5.228`	`1.5.230`
node-releases	`2.0.21`	`2.0.23`
rollup	`4.52.3`	`4.52.4`

Updates @types/node from 24.6.0 to 24.6.2

Commits

See full diff in compare view

Updates jiti from 2.6.0 to 2.6.1

Release notes

Sourced from jiti's releases.

v2.6.1

compare changes

🩹 Fixes

interop: Only passthrough default if it is not a promise (#408)

📦 Build

Revert to terser-webpack-plugin (#407)

❤️ Contributors

Kricsleo (@kricsleo)

Changelog

Sourced from jiti's changelog.

v2.6.1

compare changes

🩹 Fixes

interop: Only passthrough default if it is not a promise (#408)

📦 Build

Revert to terser-webpack-plugin (#407)

🏡 Chore

Update bench (037c646)

Update deps (974ca40)

Remove unused code (8b41497)

❤️ Contributors

Pooya Parsa (@pi0)

Kricsleo (@kricsleo)

Commits

aedcdee chore(release): v2.6.1
8b41497 chore: remove unused code
974ca40 chore: update deps
e840692 build: revert to terser-webpack-plugin (#407)
092cdd9 fix(interop): only passthrough default if it is not a promise (#408)
037c646 chore: update bench
See full diff in compare view

Updates typescript from 5.9.2 to 5.9.3

Release notes

Sourced from typescript's releases.

TypeScript 5.9.3

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

fixed issues query for Typescript 5.9.0 (Beta).

fixed issues query for Typescript 5.9.1 (RC).

No specific changes for TypeScript 5.9.2 (Stable)

fixed issues query for Typescript 5.9.3 (Stable).

Downloads are available on:

npm

Commits

c63de15 Bump version to 5.9.3 and LKG
8428ca4 🤖 Pick PR #62438 (Fix incorrectly ignored dts file fr...) into release-5.9 (#...
a131cac 🤖 Pick PR #62351 (Add missing Float16Array constructo...) into release-5.9 (#...
0424333 🤖 Pick PR #62423 (Revert PR 61928) into release-5.9 (#62425)
bdb641a 🤖 Pick PR #62311 (Fix parenthesizer rules for manuall...) into release-5.9 (#...
0d9b9b9 🤖 Pick PR #61978 (Restructure CI to prepare for requi...) into release-5.9 (#...
2dce0c5 Intentionally regress one buggy declaration output to an older version (#62163)
See full diff in compare view

Updates vite from 7.1.7 to 7.1.9

Release notes

Sourced from vite's releases.

v7.1.9

Please refer to CHANGELOG.md for details.

v7.1.8

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

7.1.9 (2025-10-03)

Reverts

server: drain stdin when not interactive (#20885) (12d72b0)

7.1.8 (2025-10-02)

Bug Fixes

css: improve url escape characters handling (#20847) (24a61a3)

deps: update all non-major dependencies (#20855) (788a183)

deps: update artichokie to 0.4.2 (#20864) (e670799)

dev: skip JS responses for document requests (#20866) (6bc6c4d)

glob: fix HMR for array patterns with exclusions (#20872) (63e040f)

keep ids for virtual modules as-is (#20808) (d4eca98)

server: drain stdin when not interactive (#20837) (bb950e9)

server: improve malformed URL handling in middlewares (#20830) (d65a983)

Documentation

create-vite: provide deno example (#20747) (fdb758a)

Miscellaneous Chores

deps: update rolldown-related dependencies (#20810) (ea68a88)

deps: update rolldown-related dependencies (#20854) (4dd06fd)

update url of create-react-app license (#20865) (166a178)

Commits

17e2517 release: v7.1.9
12d72b0 revert(server): drain stdin when not interactive (#20885)
8d12c8b release: v7.1.8
63e040f fix(glob): fix HMR for array patterns with exclusions (#20872)
24a61a3 fix(css): improve url escape characters handling (#20847)
6bc6c4d fix(dev): skip JS responses for document requests (#20866)
166a178 chore: update url of create-react-app license (#20865)
d4eca98 fix: keep ids for virtual modules as-is (#20808)
e670799 fix(deps): update artichokie to 0.4.2 (#20864)
bb950e9 fix(server): drain stdin when not interactive (#20837)
Additional commits viewable in compare view

Updates @rollup/rollup-android-arm-eabi from 4.52.3 to 4.52.4

Release notes

Sourced from @rollup/rollup-android-arm-eabi's releases.

v4.52.4

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Changelog

Sourced from @rollup/rollup-android-arm-eabi's changelog.

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Commits

cd81da7 4.52.4
0fd66e6 Correct nullish coalescing branch resolution for symbol left value (#6133)
c1c4175 fix(deps): lock file maintenance minor/patch updates (#6134)
bef29f4 Enable npm OIDC publishing (#6128)
See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @rollup/rollup-android-arm-eabi since your current version.

Updates @rollup/rollup-android-arm64 from 4.52.3 to 4.52.4

Release notes

Sourced from @rollup/rollup-android-arm64's releases.

v4.52.4

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Changelog

Sourced from @rollup/rollup-android-arm64's changelog.

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Commits

cd81da7 4.52.4
0fd66e6 Correct nullish coalescing branch resolution for symbol left value (#6133)
c1c4175 fix(deps): lock file maintenance minor/patch updates (#6134)
bef29f4 Enable npm OIDC publishing (#6128)
See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @rollup/rollup-android-arm64 since your current version.

Updates @rollup/rollup-darwin-arm64 from 4.52.3 to 4.52.4

Release notes

Sourced from @rollup/rollup-darwin-arm64's releases.

v4.52.4

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Changelog

Sourced from @rollup/rollup-darwin-arm64's changelog.

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Commits

cd81da7 4.52.4
0fd66e6 Correct nullish coalescing branch resolution for symbol left value (#6133)
c1c4175 fix(deps): lock file maintenance minor/patch updates (#6134)
bef29f4 Enable npm OIDC publishing (#6128)
See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @rollup/rollup-darwin-arm64 since your current version.

Updates @rollup/rollup-darwin-x64 from 4.52.3 to 4.52.4

Release notes

Sourced from @rollup/rollup-darwin-x64's releases.

v4.52.4

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Changelog

Sourced from @rollup/rollup-darwin-x64's changelog.

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Commits

cd81da7 4.52.4
0fd66e6 Correct nullish coalescing branch resolution for symbol left value (#6133)
c1c4175 fix(deps): lock file maintenance minor/patch updates (#6134)
bef29f4 Enable npm OIDC publishing (#6128)
See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @rollup/rollup-darwin-x64 since your current version.

Updates @rollup/rollup-freebsd-arm64 from 4.52.3 to 4.52.4

Release notes

Sourced from @rollup/rollup-freebsd-arm64's releases.

v4.52.4

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Changelog

Sourced from @rollup/rollup-freebsd-arm64's changelog.

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Commits

cd81da7 4.52.4
0fd66e6 Correct nullish coalescing branch resolution for symbol left value (#6133)
c1c4175 fix(deps): lock file maintenance minor/patch updates (#6134)
bef29f4 Enable npm OIDC publishing (#6128)
See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @rollup/rollup-freebsd-arm64 since your current version.

Updates @rollup/rollup-freebsd-x64 from 4.52.3 to 4.52.4

Release notes

Sourced from @rollup/rollup-freebsd-x64's releases.

v4.52.4

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Changelog

Sourced from @rollup/rollup-freebsd-x64's changelog.

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Commits

cd81da7 4.52.4
0fd66e6 Correct nullish coalescing branch resolution for symbol left value (#6133)
c1c4175 fix(deps): lock file maintenance minor/patch updates (#6134)
bef29f4 Enable npm OIDC publishing (#6128)
See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @rollup/rollup-freebsd-x64 since your current version.

Updates @rollup/rollup-linux-arm-gnueabihf from 4.52.3 to 4.52.4

Release notes

Sourced from @rollup/rollup-linux-arm-gnueabihf's releases.

v4.52.4

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Changelog

Sourced from @rollup/rollup-linux-arm-gnueabihf's changelog.

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Commits

cd81da7 4.52.4
0fd66e6 Correct nullish coalescing branch resolution for symbol left value (#6133)
c1c4175 fix(deps): lock file maintenance minor/patch updates (#6134)
bef29f4 Enable npm OIDC publishing (#6128)
See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @rollup/rollup-linux-arm-gnueabihf since your current version.

Updates @rollup/rollup-linux-arm-musleabihf from 4.52.3 to 4.52.4

Release notes

Sourced from @rollup/rollup-linux-arm-musleabihf's releases.

v4.52.4

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Changelog

Sourced from @rollup/rollup-linux-arm-musleabihf's changelog.

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Commits

cd81da7 4.52.4
0fd66e6 Correct nullish coalescing branch resolution for symbol left value (#6133)
c1c4175 fix(deps): lock file maintenance minor/patch updates (#6134)
bef29f4 Enable npm OIDC publishing (#6128)
See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @rollup/rollup-linux-arm-musleabihf since your current version.

Updates @rollup/rollup-linux-arm64-gnu from 4.52.3 to 4.52.4

Release notes

Sourced from @rollup/rollup-linux-arm64-gnu's releases.

v4.52.4

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Changelog

Sourced from @rollup/rollup-linux-arm64-gnu's changelog.

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Commits

cd81da7 4.52.4
0fd66e6 Correct nullish coalescing branch resolution for symbol left value (#6133)
c1c4175 fix(deps): lock file maintenance minor/patch updates (#6134)
bef29f4 Enable npm OIDC publishing (#6128)
See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @rollup/rollup-linux-arm64-gnu since your current version.

Updates @rollup/rollup-linux-arm64-musl from 4.52.3 to 4.52.4

Release notes

Sourced from @rollup/rollup-linux-arm64-musl's releases.

v4.52.4

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Changelog

Sourced from @rollup/rollup-linux-arm64-musl's changelog.

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Commits

cd81da7 4.52.4
0fd66e6 Correct nullish coalescing branch resolution for symbol left value (#6133)
c1c4175 fix(deps): lock file maintenance minor/patch updates (#6134)
bef29f4 Enable npm OIDC publishing (#6128)
See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @rollup/rollup-linux-arm64-musl since your current version.

Updates @rollup/rollup-linux-loong64-gnu from 4.52.3 to 4.52.4

Release notes

Sourced from @rollup/rollup-linux-loong64-gnu's releases.

v4.52.4

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Changelog

Sourced from @rollup/rollup-linux-loong64-gnu's changelog.

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Commits

cd81da7 4.52.4
0fd66e6 Correct nullish coalescing branch resolution for symbol left value (#6133)
c1c4175 fix(deps): lock file maintenance minor/patch updates (#6134)
bef29f4 Enable npm OIDC publishing (#6128)
See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @rollup/rollup-linux-loong64-gnu since your current version.

Updates @rollup/rollup-linux-ppc64-gnu from 4.52.3 to 4.52.4

Release notes

Sourced from @rollup/rollup-linux-ppc64-gnu's releases.

v4.52.4

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Changelog

Sourced from @rollup/rollup-linux-ppc64-gnu's changelog.

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Commits

cd81da7 4.52.4
0fd66e6 Correct nullish coalescing branch resolution for symbol left value (#6133)
c1c4175 fix(deps): lock file maintenance minor/patch updates (#6134)
bef29f4 Enable npm OIDC publishing (#6128)
See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @rollup/rollup-linux-ppc64-gnu since your current version.

Updates @rollup/rollup-linux-riscv64-gnu from 4.52.3 to 4.52.4

Release notes

Sourced from @rollup/rollup-linux-riscv64-gnu's releases.

v4.52.4

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Changelog

Sourced from @rollup/rollup-linux-riscv64-gnu's changelog.

4.52.4

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)

#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)

#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

Commits

cd81da7 4.52.4
0fd66e6 Correct nullish coalescing branch resolution for symbol left value (#6133)
c1c4175 fix(deps): lock file maintenance minor/patch updates (#6134)
bef29f4 Enable npm OIDC publishing (

Bumps the npm group with 32 updates: | Package | From | To | | --- | --- | --- | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `24.6.0` | `24.6.2` | | [jiti](https://github.com/unjs/jiti) | `2.6.0` | `2.6.1` | | [typescript](https://github.com/microsoft/TypeScript) | `5.9.2` | `5.9.3` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.1.7` | `7.1.9` | | [@rollup/rollup-android-arm-eabi](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-android-arm64](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-darwin-arm64](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-darwin-x64](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-freebsd-arm64](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-freebsd-x64](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-linux-arm-gnueabihf](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-linux-arm-musleabihf](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-linux-arm64-gnu](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-linux-arm64-musl](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-linux-loong64-gnu](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-linux-ppc64-gnu](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-linux-riscv64-gnu](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-linux-riscv64-musl](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-linux-s390x-gnu](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-linux-x64-gnu](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-linux-x64-musl](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-openharmony-arm64](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-win32-arm64-msvc](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-win32-ia32-msvc](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-win32-x64-gnu](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@rollup/rollup-win32-x64-msvc](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | | [@typescript-eslint/types](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/types) | `8.44.1` | `8.45.0` | | [baseline-browser-mapping](https://github.com/web-platform-dx/baseline-browser-mapping) | `2.8.10` | `2.8.12` | | [caniuse-lite](https://github.com/browserslist/caniuse-lite) | `1.0.30001746` | `1.0.30001747` | | [electron-to-chromium](https://github.com/kilian/electron-to-chromium) | `1.5.228` | `1.5.230` | | [node-releases](https://github.com/chicoxyzzy/node-releases) | `2.0.21` | `2.0.23` | | [rollup](https://github.com/rollup/rollup) | `4.52.3` | `4.52.4` | Updates `@types/node` from 24.6.0 to 24.6.2 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `jiti` from 2.6.0 to 2.6.1 - [Release notes](https://github.com/unjs/jiti/releases) - [Changelog](https://github.com/unjs/jiti/blob/main/CHANGELOG.md) - [Commits](unjs/jiti@v2.6.0...v2.6.1) Updates `typescript` from 5.9.2 to 5.9.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release-publish.yml) - [Commits](microsoft/TypeScript@v5.9.2...v5.9.3) Updates `vite` from 7.1.7 to 7.1.9 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.1.9/packages/vite) Updates `@rollup/rollup-android-arm-eabi` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-android-arm64` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-darwin-arm64` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-darwin-x64` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-freebsd-arm64` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-freebsd-x64` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-linux-arm-gnueabihf` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-linux-arm-musleabihf` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-linux-arm64-gnu` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-linux-arm64-musl` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-linux-loong64-gnu` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-linux-ppc64-gnu` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-linux-riscv64-gnu` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-linux-riscv64-musl` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-linux-s390x-gnu` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-linux-x64-gnu` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-linux-x64-musl` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-openharmony-arm64` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-win32-arm64-msvc` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-win32-ia32-msvc` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-win32-x64-gnu` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@rollup/rollup-win32-x64-msvc` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) Updates `@typescript-eslint/types` from 8.44.1 to 8.45.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/types/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.45.0/packages/types) Updates `baseline-browser-mapping` from 2.8.10 to 2.8.12 - [Release notes](https://github.com/web-platform-dx/baseline-browser-mapping/releases) - [Commits](web-platform-dx/baseline-browser-mapping@v2.8.10...v2.8.12) Updates `caniuse-lite` from 1.0.30001746 to 1.0.30001747 - [Commits](browserslist/caniuse-lite@1.0.30001746...1.0.30001747) Updates `electron-to-chromium` from 1.5.228 to 1.5.230 - [Changelog](https://github.com/Kilian/electron-to-chromium/blob/master/CHANGELOG.md) - [Commits](Kilian/electron-to-chromium@v1.5.228...v1.5.230) Updates `node-releases` from 2.0.21 to 2.0.23 - [Commits](chicoxyzzy/node-releases@v2.0.21...v2.0.23) Updates `rollup` from 4.52.3 to 4.52.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.52.3...v4.52.4) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 24.6.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: jiti dependency-version: 2.6.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: typescript dependency-version: 5.9.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: vite dependency-version: 7.1.9 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-android-arm-eabi" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-android-arm64" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-darwin-arm64" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-darwin-x64" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-freebsd-arm64" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-freebsd-x64" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-linux-arm-gnueabihf" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-linux-arm-musleabihf" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-linux-arm64-gnu" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-linux-arm64-musl" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-linux-loong64-gnu" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-linux-ppc64-gnu" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-linux-riscv64-gnu" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-linux-riscv64-musl" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-linux-s390x-gnu" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-linux-x64-gnu" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-linux-x64-musl" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-openharmony-arm64" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-win32-arm64-msvc" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-win32-ia32-msvc" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-win32-x64-gnu" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@rollup/rollup-win32-x64-msvc" dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@typescript-eslint/types" dependency-version: 8.45.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: npm - dependency-name: baseline-browser-mapping dependency-version: 2.8.12 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: caniuse-lite dependency-version: 1.0.30001747 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: electron-to-chromium dependency-version: 1.5.230 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: node-releases dependency-version: 2.0.23 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm - dependency-name: rollup dependency-version: 4.52.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: npm ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2025-10-06T01:31:01Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package

Version

Score

Details

npm/@types/node

^24.6.2

🟢 6.7

Details

Check	Score	Reason
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 19/29 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 9	license file detected
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	⚠️ -1	no releases found
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 8	dependency not pinned by hash detected -- score normalized to 8
Fuzzing	⚠️ 0	project is not fuzzed

npm/jiti

^2.6.1

🟢 6

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	12 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
Code-Review	⚠️ 2	Found 6/27 approved changesets -- score normalized to 2
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 1	dependency not pinned by hash detected -- score normalized to 1
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Security-Policy	⚠️ 0	security policy file not detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected

npm/typescript

^5.9.3

🟢 8.6

Details

Check	Score	Reason
Maintained	🟢 10	30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Code-Review	🟢 10	all changesets reviewed
Dependency-Update-Tool	🟢 10	update tool detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Branch-Protection	⚠️ -1	internal error: error during GetBranch(release-5.9): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
SAST	🟢 10	SAST tool is run on all commits
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 6	dependency not pinned by hash detected -- score normalized to 6
Fuzzing	🟢 10	project is fuzzed
CI-Tests	🟢 10	30 out of 30 merged PRs checked by a CI test -- score normalized to 10
Contributors	🟢 10	project has 34 contributing companies or organizations

npm/vite

^7.1.9

🟢 6.9

Details

Check	Score	Reason
Code-Review	🟢 6	Found 16/24 approved changesets -- score normalized to 6
Maintained	🟢 10	30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Token-Permissions	🟢 6	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 7	binaries present in source code
Security-Policy	🟢 10	security policy file detected
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	🟢 5	dependency not pinned by hash detected -- score normalized to 5
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 2	SAST tool is not run on all commits -- score normalized to 2
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-android-arm-eabi

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-android-arm64

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-darwin-arm64

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-darwin-x64

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-freebsd-arm64

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-freebsd-x64

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-linux-arm-gnueabihf

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-linux-arm-musleabihf

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-linux-arm64-gnu

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-linux-arm64-musl

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-linux-loong64-gnu

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-linux-ppc64-gnu

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-linux-riscv64-gnu

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-linux-riscv64-musl

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-linux-s390x-gnu

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-linux-x64-gnu

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-linux-x64-musl

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-openharmony-arm64

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-win32-arm64-msvc

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-win32-ia32-msvc

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-win32-x64-gnu

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@rollup/rollup-win32-x64-msvc

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/@types/node

24.6.2

🟢 6.7

Details

Check	Score	Reason
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 19/29 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 9	license file detected
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	⚠️ -1	no releases found
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 8	dependency not pinned by hash detected -- score normalized to 8
Fuzzing	⚠️ 0	project is not fuzzed

npm/baseline-browser-mapping

2.8.12

Unknown

npm/caniuse-lite

1.0.30001747

🟢 5

Details

Check	Score	Reason
Maintained	🟢 10	17 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Code-Review	⚠️ 0	Found 0/30 approved changesets -- score normalized to 0
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	⚠️ 0	security policy file not detected
SAST	⚠️ 0	no SAST tool detected
Binary-Artifacts	🟢 10	no binaries found in the repo
License	🟢 10	license file detected
Pinned-Dependencies	🟢 10	all dependencies are pinned
Signed-Releases	⚠️ -1	no releases found
Fuzzing	⚠️ 0	project is not fuzzed
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/electron-to-chromium

1.5.230

Unknown

npm/jiti

2.6.1

🟢 6

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	12 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
Code-Review	⚠️ 2	Found 6/27 approved changesets -- score normalized to 2
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 1	dependency not pinned by hash detected -- score normalized to 1
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Security-Policy	⚠️ 0	security policy file not detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected

npm/node-releases

2.0.23

🟢 4.2

Details

Check	Score	Reason
Binary-Artifacts	🟢 10	no binaries found in the repo
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 6	8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6
SAST	⚠️ 0	no SAST tool detected
Packaging	⚠️ -1	packaging workflow not detected
Code-Review	⚠️ 0	Found 0/30 approved changesets -- score normalized to 0
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	🟢 3	dependency not pinned by hash detected -- score normalized to 3
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Fuzzing	⚠️ 0	project is not fuzzed
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/rollup

4.52.4

🟢 6

Details

Check	Score	Reason
Code-Review	🟢 5	Found 12/23 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 7	dependency not pinned by hash detected -- score normalized to 7
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/typescript

5.9.3

🟢 8.6

Details

Check	Score	Reason
Maintained	🟢 10	30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Code-Review	🟢 10	all changesets reviewed
Dependency-Update-Tool	🟢 10	update tool detected
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Branch-Protection	⚠️ -1	internal error: error during GetBranch(release-5.9): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
SAST	🟢 10	SAST tool is run on all commits
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 6	dependency not pinned by hash detected -- score normalized to 6
Fuzzing	🟢 10	project is fuzzed
CI-Tests	🟢 10	30 out of 30 merged PRs checked by a CI test -- score normalized to 10
Contributors	🟢 10	project has 34 contributing companies or organizations

npm/vite

7.1.9

🟢 6.9

Details

Check	Score	Reason
Code-Review	🟢 6	Found 16/24 approved changesets -- score normalized to 6
Maintained	🟢 10	30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Token-Permissions	🟢 6	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 7	binaries present in source code
Security-Policy	🟢 10	security policy file detected
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	🟢 5	dependency not pinned by hash detected -- score normalized to 5
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 2	SAST tool is not run on all commits -- score normalized to 2
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

Scanned Files

package.json
pnpm-lock.yaml

dependabot Bot assigned poad Oct 6, 2025

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Oct 6, 2025

github-actions Bot approved these changes Oct 6, 2025

View reviewed changes

github-actions Bot enabled auto-merge (squash) October 6, 2025 01:30

github-actions Bot merged commit 1f3691c into main Oct 6, 2025
5 checks passed

github-actions Bot deleted the dependabot/npm_and_yarn/npm-82a729cf31 branch October 6, 2025 01:31

github-actions Bot mentioned this pull request Feb 22, 2026

Release v1.1.2 #2129

Closed

my-pull-request-auto-merge Bot mentioned this pull request Feb 22, 2026

Release v1.1.2 #2130

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm group with 32 updates#2053

Bump the npm group with 32 updates#2053
github-actions[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-82a729cf31

dependabot Bot commented on behalf of github Oct 6, 2025

Uh oh!

github-actions Bot commented Oct 6, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Oct 6, 2025

v2.6.1

🩹 Fixes

📦 Build

❤️ Contributors

v2.6.1

🩹 Fixes

📦 Build

🏡 Chore

❤️ Contributors

TypeScript 5.9.3

v7.1.9

v7.1.8

7.1.9 (2025-10-03)

Reverts

7.1.8 (2025-10-02)

Bug Fixes

Documentation

Miscellaneous Chores

v4.52.4

4.52.4

Bug Fixes

Pull Requests

4.52.4

Bug Fixes

Pull Requests

v4.52.4

4.52.4

Bug Fixes

Pull Requests

4.52.4

Bug Fixes

Pull Requests

v4.52.4

4.52.4

Bug Fixes

Pull Requests

4.52.4

Bug Fixes

Pull Requests

v4.52.4

4.52.4

Bug Fixes

Pull Requests

4.52.4

Bug Fixes

Pull Requests

v4.52.4

4.52.4

Bug Fixes

Pull Requests

4.52.4

Bug Fixes

Pull Requests

v4.52.4

4.52.4

Bug Fixes

Pull Requests

4.52.4

Bug Fixes

Pull Requests

v4.52.4

4.52.4

Bug Fixes

Pull Requests

4.52.4

Bug Fixes

Pull Requests

v4.52.4

4.52.4

Bug Fixes

Pull Requests

4.52.4

Bug Fixes

Pull Requests

v4.52.4

4.52.4

Bug Fixes

Pull Requests