Bump the eslint group in /frontend-react with 4 updates

[dependabot]

Bumps the eslint group in /frontend-react with 4 updates: eslint, eslint-plugin-jest-dom, eslint-plugin-react-hooks and eslint-plugin-react-refresh.

Updates eslint from 8.57.0 to 9.2.0

Release notes

Sourced from eslint's releases.

v9.2.0

Features

• 8485d76 feat: no-case-declarations add suggestions (#18388) (Josh Goldberg ✨)
• a498f35 feat: update Unicode letter detection in capitalized-comments rule (#18375) (Francesco Trotta)

Bug Fixes

• eeec413 fix: do not throw when defining a global named defineSetter (#18364) (唯然)

Documentation

• 0f5df50 docs: Update README (GitHub Actions Bot)
• 1579ce0 docs: update wording regarding indirect eval (#18394) (Kirk Waiblinger)
• f12a02c docs: update to eslint v9 in custom-rule-tutorial (#18383) (唯然)

Chores

• b346605 chore: upgrade @​eslint/js@​9.2.0 (#18413) (Milos Djermanovic)
• c4c18e0 chore: package.json update for @​eslint/js release (Jenkins)
• 284722c chore: package.json update for eslint-config-eslint release (Jenkins)
• 347d44f chore: remove eslintrc export from eslint-config-eslint (#18400) (Milos Djermanovic)
• f316e20 ci: run tests in Node.js 22 (#18393) (Francesco Trotta)

v9.1.1

Bug Fixes

• a26b402 fix: use @​eslint/create-config latest (#18373) (唯然)

v9.1.0

Features

• 03068f1 feat: Provide helpful error message for nullish configs (#18357) (Nicholas C. Zakas)
• 751b518 feat: replace dependency graphemer with Intl.Segmenter (#18110) (Francesco Trotta)
• 4d11e56 feat: add name to eslint configs (#18289) (唯然)
• 1cbe1f6 feat: allow while(true) in no-constant-condition (#18286) (Tanuj Kanti)
• 0db676f feat: add Intl in es6 globals (#18318) (唯然)

Bug Fixes

• 8d18958 fix: Remove name from eslint/js packages (#18368) (Nicholas C. Zakas)
• 594eb0e fix: do not crash on error in fs.walk filter (#18295) (Francesco Trotta)
• 0d8cf63 fix: EMFILE errors (#18313) (Nicholas C. Zakas)
• e1ac0b5 fix: --inspect-config only for flat config and respect -c (#18306) (Nicholas C. Zakas)
• 09675e1 fix: --no-ignore should not apply to non-global ignores (#18334) (Milos Djermanovic)

Documentation

• fb50077 docs: include notes about globals in migration-guide (#18356) (Gabriel Rohden)
• 71c771f docs: Fix missing accessible name for scroll-to-top link (#18329) (Germán Freixinós)
• 200fd4e docs: indicate eslintrc mode for .eslintignore (#18285) (Francesco Trotta)
• 16b6a8b docs: Update README (GitHub Actions Bot)
• df5f8a9 docs: paths and patterns difference in no-restricted-imports (#18273) (Tanuj Kanti)
• c537d76 docs: update npm init @eslint/config generated file names (#18298) (唯然)
• e1e305d docs: fix linebreak-style examples (#18262) (Francesco Trotta)
• 113f51e docs: Mention package.json config support dropped (#18305) (Nicholas C. Zakas)
• 5c35321 docs: add eslintrc-only note to --rulesdir (#18281) (Adam Lui 刘展鹏)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.2.0 - May 3, 2024

• b346605 chore: upgrade @​eslint/js@​9.2.0 (#18413) (Milos Djermanovic)
• c4c18e0 chore: package.json update for @​eslint/js release (Jenkins)
• 284722c chore: package.json update for eslint-config-eslint release (Jenkins)
• 0f5df50 docs: Update README (GitHub Actions Bot)
• 347d44f chore: remove eslintrc export from eslint-config-eslint (#18400) (Milos Djermanovic)
• 8485d76 feat: no-case-declarations add suggestions (#18388) (Josh Goldberg ✨)
• a498f35 feat: update Unicode letter detection in capitalized-comments rule (#18375) (Francesco Trotta)
• 1579ce0 docs: update wording regarding indirect eval (#18394) (Kirk Waiblinger)
• f316e20 ci: run tests in Node.js 22 (#18393) (Francesco Trotta)
• eeec413 fix: do not throw when defining a global named defineSetter (#18364) (唯然)
• f12a02c docs: update to eslint v9 in custom-rule-tutorial (#18383) (唯然)

v9.1.1 - April 22, 2024

• a26b402 fix: use @​eslint/create-config latest (#18373) (唯然)

v9.1.0 - April 19, 2024

• d9a2983 chore: upgrade @​eslint/js to v9.1.1 (#18367) (Francesco Trotta)
• 03068f1 feat: Provide helpful error message for nullish configs (#18357) (Nicholas C. Zakas)
• 50d406d chore: package.json update for @​eslint/js release (Jenkins)
• 8d18958 fix: Remove name from eslint/js packages (#18368) (Nicholas C. Zakas)
• 155c71c chore: package.json update for @​eslint/js release (Jenkins)
• 594eb0e fix: do not crash on error in fs.walk filter (#18295) (Francesco Trotta)
• 751b518 feat: replace dependency graphemer with Intl.Segmenter (#18110) (Francesco Trotta)
• fb50077 docs: include notes about globals in migration-guide (#18356) (Gabriel Rohden)
• 4d11e56 feat: add name to eslint configs (#18289) (唯然)
• 1cbe1f6 feat: allow while(true) in no-constant-condition (#18286) (Tanuj Kanti)
• 0588fc5 refactor: Move directive gathering to SourceCode (#18328) (Nicholas C. Zakas)
• 0d8cf63 fix: EMFILE errors (#18313) (Nicholas C. Zakas)
• e1ac0b5 fix: --inspect-config only for flat config and respect -c (#18306) (Nicholas C. Zakas)
• 09675e1 fix: --no-ignore should not apply to non-global ignores (#18334) (Milos Djermanovic)
• 9048e21 chore: lint docs/src/_data js files (#18335) (Milos Djermanovic)
• 4820790 chore: upgrade globals@15.0.0 dev dependency (#18332) (Milos Djermanovic)
• 698d9ff chore: upgrade jsdoc & unicorn plugins in eslint-config-eslint (#18333) (Milos Djermanovic)
• 71c771f docs: Fix missing accessible name for scroll-to-top link (#18329) (Germán Freixinós)
• 0db676f feat: add Intl in es6 globals (#18318) (唯然)
• 200fd4e docs: indicate eslintrc mode for .eslintignore (#18285) (Francesco Trotta)
• 32c08cf chore: drop Node < 18 and use @​eslint/js v9 in eslint-config-eslint (#18323) (Milos Djermanovic)
• 16b6a8b docs: Update README (GitHub Actions Bot)
• a76fb55 chore: @​eslint-community/eslint-plugin-eslint-comments v4.3.0 (#18319) (Milos Djermanovic)
• df5f8a9 docs: paths and patterns difference in no-restricted-imports (#18273) (Tanuj Kanti)
• c537d76 docs: update npm init @eslint/config generated file names (#18298) (唯然)
• 78e45b1 chore: eslint-plugin-eslint-plugin v6.0.0 (#18316) (唯然)
• 36103a5 chore: eslint-plugin-n v17.0.0 (#18315) (唯然)
• e1e305d docs: fix linebreak-style examples (#18262) (Francesco Trotta)
• 113f51e docs: Mention package.json config support dropped (#18305) (Nicholas C. Zakas)
• 1fa6622 build: do not use --force flag to install dependencies (#18284) (Francesco Trotta)

... (truncated)

Commits

• 271e7ab 9.2.0
• 989ac9d Build: changelog update for 9.2.0
• b346605 chore: upgrade @​eslint/js@​9.2.0 (#18413)
• c4c18e0 chore: package.json update for @​eslint/js release
• 284722c chore: package.json update for eslint-config-eslint release
• 0f5df50 docs: Update README
• 347d44f chore: remove eslintrc export from eslint-config-eslint (#18400)
• 8485d76 feat: no-case-declarations add suggestions (#18388)
• a498f35 feat: update Unicode letter detection in capitalized-comments rule (#18375)
• 1579ce0 docs: update wording regarding indirect eval (#18394)
• Additional commits viewable in compare view

Updates eslint-plugin-jest-dom from 5.2.0 to 5.4.0

Release notes

Sourced from eslint-plugin-jest-dom's releases.

v5.4.0

5.4.0 (2024-04-19)

Features

• support ESLint v9 (#355) (3965c8f)

v5.3.0

5.3.0 (2024-04-19)

Features

• allow testing-library/dom v10 (#362) (60a3a37)

Reverts

• downgrade codecov/codecov-action (again) (#351) (18afe30)

Commits

• 3965c8f feat: support ESLint v9 (#355)
• de56a19 ci: update matrix node version conditions (#364)
• 3fc5b10 ci: don't run @testing-library/dom v10 against Node 12.x (#365)
• 60a3a37 feat: allow testing-library/dom v10 (#362)
• 7478eba ci: only test against latest versions of ESLint majors (#363)
• 227d0f8 ci: update matrix of node versions to test against (#361)
• 18afe30 revert: downgrade codecov/codecov-action (again) (#351)
• 7ddc1f6 chore(deps): bump codecov/codecov-action from 3 to 4 (#350)
• See full diff in compare view

Updates eslint-plugin-react-hooks from 4.6.0 to 4.6.2

Changelog

Sourced from eslint-plugin-react-hooks's changelog.

5.0.0 (next release)

• New Violations: Component names now need to start with an uppercase letter instead of a non-lowercase letter. This means _Button or _component are no longer valid. (@​kassens) in #25162

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by react-bot, a new releaser for eslint-plugin-react-hooks since your current version.

Updates eslint-plugin-react-refresh from 0.4.6 to 0.4.7

Release notes

Sourced from eslint-plugin-react-refresh's releases.

v0.4.7

• Support export { Component as default } (fixes #41)

Changelog

Sourced from eslint-plugin-react-refresh's changelog.

0.4.7

• Support export { Component as default } (fixes #41)

Commits

• 70dcd5a Support export { Component as default } (fixes #41) [publish]
• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@eslint/eslintrc	3.0.2	🟢 6.1	Details Check Score Reason Code-Review 🟢 8 Found 18/21 approved changesets -- score normalized to 8 Maintained 🟢 5 6 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@eslint/js	9.2.0	🟢 6.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 16/27 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/@humanwhocodes/config-array	0.13.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 4 Found 7/15 approved changesets -- score normalized to 4 Maintained 🟢 10 13 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Vulnerabilities 🟢 6 4 existing vulnerabilities detected
npm/@humanwhocodes/object-schema	2.0.3	🟢 3.7	Details Check Score Reason Code-Review ⚠️ 0 Found 0/23 approved changesets -- score normalized to 0 Maintained ⚠️ 1 2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging 🟢 10 packaging workflow detected Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 3 7 existing vulnerabilities detected Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2
npm/@humanwhocodes/retry	0.2.4	Unknown	Unknown
npm/eslint	9.2.0	🟢 6.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 16/27 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/eslint-plugin-jest-dom	5.4.0	🟢 5.2	Details Check Score Reason Maintained 🟢 10 13 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 4 Found 10/23 approved changesets -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/eslint-plugin-react-hooks	4.6.2	🟢 5.5	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 9 Found 27/30 approved changesets -- score normalized to 9 CII-Best-Practices ⚠️ 2 badge detected: InProgress License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 183 existing vulnerabilities detected
npm/eslint-plugin-react-refresh	0.4.7	Unknown	Unknown
npm/eslint-scope	8.0.1	🟢 6.1	Details Check Score Reason Code-Review 🟢 8 Found 23/26 approved changesets -- score normalized to 8 Maintained 🟢 5 6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-visitor-keys	4.0.0	🟢 5.9	Details Check Score Reason Code-Review 🟢 8 Found 22/26 approved changesets -- score normalized to 8 Maintained 🟢 3 4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/espree	10.0.1	🟢 6	Details Check Score Reason Maintained 🟢 5 5 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 Code-Review 🟢 7 Found 18/25 approved changesets -- score normalized to 7 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/file-entry-cache	8.0.0	🟢 3.5	Details Check Score Reason Code-Review ⚠️ 0 Found 0/15 approved changesets -- score normalized to 0 Maintained ⚠️ 1 2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/flat-cache	4.0.1	🟢 4.8	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Maintained 🟢 8 8 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected SAST 🟢 6 SAST tool is not run on all commits -- score normalized to 6 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/globals	14.0.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 8 Found 21/26 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/json-buffer	3.0.1	🟢 3.2	Details Check Score Reason Code-Review ⚠️ 1 Found 4/29 approved changesets -- score normalized to 1 Maintained ⚠️ 0 project is archived CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow ⚠️ -1 no workflows found Token-Permissions ⚠️ -1 No tokens found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ -1 no dependencies found Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/keyv	4.5.4	🟢 5.7	Details Check Score Reason Code-Review ⚠️ 1 Found 4/30 approved changesets -- score normalized to 1 Maintained 🟢 10 15 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/@eslint/eslintrc	2.1.4	🟢 6.1	Details Check Score Reason Code-Review 🟢 8 Found 18/21 approved changesets -- score normalized to 8 Maintained 🟢 5 6 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@eslint/js	8.57.0	🟢 6.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 16/27 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/@humanwhocodes/config-array	0.11.14	🟢 5.3	Details Check Score Reason Code-Review 🟢 4 Found 7/15 approved changesets -- score normalized to 4 Maintained 🟢 10 13 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Vulnerabilities 🟢 6 4 existing vulnerabilities detected
npm/@humanwhocodes/object-schema	2.0.2	🟢 3.7	Details Check Score Reason Code-Review ⚠️ 0 Found 0/23 approved changesets -- score normalized to 0 Maintained ⚠️ 1 2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging 🟢 10 packaging workflow detected Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 3 7 existing vulnerabilities detected Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2
npm/eslint	8.57.0	🟢 6.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 16/27 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/eslint-plugin-jest-dom	5.2.0	🟢 5.2	Details Check Score Reason Maintained 🟢 10 13 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 4 Found 10/23 approved changesets -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/eslint-plugin-react-hooks	4.6.0	🟢 5.5	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 9 Found 27/30 approved changesets -- score normalized to 9 CII-Best-Practices ⚠️ 2 badge detected: InProgress License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 183 existing vulnerabilities detected
npm/eslint-plugin-react-refresh	0.4.6	Unknown	Unknown
npm/eslint-scope	7.2.2	🟢 6.1	Details Check Score Reason Code-Review 🟢 8 Found 23/26 approved changesets -- score normalized to 8 Maintained 🟢 5 6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/espree	9.6.1	🟢 6	Details Check Score Reason Maintained 🟢 5 5 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 Code-Review 🟢 7 Found 18/25 approved changesets -- score normalized to 7 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/file-entry-cache	6.0.1	🟢 3.5	Details Check Score Reason Code-Review ⚠️ 0 Found 0/15 approved changesets -- score normalized to 0 Maintained ⚠️ 1 2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/flat-cache	3.0.4	🟢 4.8	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Maintained 🟢 8 8 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected SAST 🟢 6 SAST tool is not run on all commits -- score normalized to 6 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0

Scanned Manifest Files

frontend-react/package.json

• eslint@^9.2.0
• eslint-plugin-jest-dom@^5.4.0
• eslint-plugin-react-hooks@^4.6.2
• eslint-plugin-react-refresh@^0.4.7
• eslint@^8.57.0
• eslint-plugin-jest-dom@^5.2.0
• eslint-plugin-react-hooks@^4.6.0
• eslint-plugin-react-refresh@^0.4.6

frontend-react/yarn.lock

• @eslint/eslintrc@3.0.2
• @eslint/js@9.2.0
• @humanwhocodes/config-array@0.13.0
• @humanwhocodes/object-schema@2.0.3
• @humanwhocodes/retry@0.2.4
• eslint@9.2.0
• eslint-plugin-jest-dom@5.4.0
• eslint-plugin-react-hooks@4.6.2
• eslint-plugin-react-refresh@0.4.7
• eslint-scope@8.0.1
• eslint-visitor-keys@4.0.0
• espree@10.0.1
• file-entry-cache@8.0.0
• flat-cache@4.0.1
• globals@14.0.0
• json-buffer@3.0.1
• keyv@4.5.4
• @eslint/eslintrc@2.1.4
• @eslint/js@8.57.0
• @humanwhocodes/config-array@0.11.14
• @humanwhocodes/object-schema@2.0.2
• eslint@8.57.0
• eslint-plugin-jest-dom@5.2.0
• eslint-plugin-react-hooks@4.6.0
• eslint-plugin-react-refresh@0.4.6
• eslint-scope@7.2.2
• espree@9.6.1
• file-entry-cache@6.0.1
• flat-cache@3.0.4

[snesm]

@dependabot rebase

[dependabot]

Superseded by #14435.