chore(deps-dev): bump ts-jest from 29.4.0 to 29.4.5

[dependabot]

Bumps ts-jest from 29.4.0 to 29.4.5.

Release notes

Sourced from ts-jest's releases.

v29.4.5

Please refer to CHANGELOG.md for details.

v29.4.4

Please refer to CHANGELOG.md for details.

v29.4.3

Please refer to CHANGELOG.md for details.

v29.4.2

Please refer to CHANGELOG.md for details.

v29.4.1

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.4.5 (2025-10-10)

Bug Fixes

• allow filtering modern module warning message with diagnostic code (c290d4d), , closes #5013

29.4.4 (2025-09-19)

Bug Fixes

• revert 29.4.3 changes (25cb706), closes #5049

29.4.3 (2025-09-17)

Bug Fixes

• introduce transpilation option to replace isolatedModules option (#5044) (5868761)

29.4.2 (2025-09-15)

Bug Fixes

• fix: node 14 compatibility (aa0d563), fixes #5038

29.4.1 (2025-08-03)

Bug Fixes

• fix: replace ejs with handlebars due to security issues (899c9b7), closes #4969

Commits

• 9d5248a chore(release): 29.4.5
• ca8b623 refactor: improve message about using Node16/18/Next
• c290d4d fix: allow filtering modern module warning message with diagnostic code
• 1ff2dda build: replace conventional-changelog-cli dep
• 1c08db3 ci: run npm ci --ignore-scripts for workflows
• 9f60d2c ci: enhance security for Renovate PRs
• 1c1077f build(deps): Update dependency @​formatjs/ts-transformer to ^3.14.2
• 9037f2f build(deps): Update dependency @​types/node to v20.19.20
• 6ed0e1c build(deps): Update dependency semver to ^7.7.3
• 4a06f8c build(deps): Update github/codeql-action digest to a8d1ac4
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ✅ 0 package(s) with unknown licenses.
• ⚠️ 1 packages with OpenSSF Scorecard issues.

See the Details below.

OpenSSF Scorecard

Package	Version	Score	Details
npm/handlebars	4.7.8	🟢 4.3	Details Check Score Reason Code-Review 🟢 4 Found 10/25 approved changesets -- score normalized to 4 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 3 1 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 3 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 58 existing vulnerabilities detected
npm/neo-async	2.6.2	⚠️ 2.1	Details Check Score Reason Dangerous-Workflow ⚠️ -1 no workflows found Code-Review 🟢 3 Found 9/23 approved changesets -- score normalized to 3 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Token-Permissions ⚠️ -1 No tokens found Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies ⚠️ -1 no dependencies found Security-Policy ⚠️ 0 security policy file not detected License 🟢 9 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Vulnerabilities ⚠️ 0 61 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/semver	7.7.3	🟢 6.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Maintained 🟢 7 4 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 7 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST 🟢 8 SAST tool detected but not run on all commits
npm/ts-jest	29.4.5	🟢 6.3	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 Code-Review ⚠️ -1 Found no human activity in the last 30 changesets CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Security-Policy ⚠️ 0 security policy file not detected Pinned-Dependencies 🟢 7 dependency not pinned by hash detected -- score normalized to 7 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 7 3 existing vulnerabilities detected
npm/type-fest	4.41.0	🟢 5.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 7 Found 22/30 approved changesets -- score normalized to 7 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/uglify-js	3.19.3	🟢 3.4	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review ⚠️ 0 Found 2/30 approved changesets -- score normalized to 0 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/wordwrap	1.0.0	🟢 4.8	Details Check Score Reason Maintained ⚠️ 0 0 commit(s) out of 15 and 0 issue activity out of 12 found in the last 90 days -- score normalized to 0 Code-Review ⚠️ 0 no reviews found CII-Best-Practices ⚠️ 0 no badge detected Vulnerabilities 🟢 10 no vulnerabilities detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo License 🟢 10 license file detected Packaging ⚠️ -1 no published package detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies 🟢 10 all dependencies are pinned Token-Permissions 🟢 10 tokens are read-only in GitHub workflows Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 no SAST tool detected Dependency-Update-Tool ⚠️ 0 no update tool detected Fuzzing ⚠️ -1 internal error: internal error: Client.Search.Code: Search.Code: GET https://api.github.com/search/code?q=github.com+substack+node-wordwrap+repo%3Agoogle%2Foss-fuzz+in%3Afile+filename%3Aproject.yaml: 400 []

Scanned Files

• package-lock.json