chore(deps): bump the frontend-utils group across 1 directory with 6 updates #115

dependabot · 2025-12-15T04:25:24Z

Bumps the frontend-utils group with 6 updates in the / directory:

Package	From	To
three	`0.180.0`	`0.182.0`
@eslint/eslintrc	`3.3.1`	`3.3.3`
@tailwindcss/vite	`4.1.17`	`4.1.18`
dotenv-cli	`10.0.0`	`11.0.0`
eslint	`9.39.1`	`9.39.2`
lint-staged	`16.2.6`	`16.2.7`

Updates three from 0.180.0 to 0.182.0

Commits

See full diff in compare view

Updates @eslint/eslintrc from 3.3.1 to 3.3.3

Release notes

Sourced from @eslint/eslintrc's releases.

eslintrc: v3.3.3

3.3.3 (2025-11-28)

Bug Fixes

release v3.3.3 because publishing v3.3.2 failed (#211) (8aa555a)

eslintrc: v3.3.2

3.3.2 (2025-11-25)

Bug Fixes

Remove name property from all and recommended configs (#200) (344da49)

Changelog

Sourced from @eslint/eslintrc's changelog.

3.3.3 (2025-11-28)

Bug Fixes

release v3.3.3 because publishing v3.3.2 failed (#211) (8aa555a)

3.3.2 (2025-11-25)

Bug Fixes

Remove name property from all and recommended configs (#200) (344da49)

Commits

fdb5298 chore: release 3.3.3 🚀 (#212)
8aa555a fix: release v3.3.3 because publishing v3.3.2 failed (#211)
a8b773d chore: release 3.3.2 🚀 (#204)
85244bb chore: switch to googleapis/release-please-action (#208)
d356360 docs: Update README sponsors
116bf03 chore: update js-yaml to version 4.1.1 (#207)
16e8d20 docs: Update README sponsors
3b089ac chore: update .gitignore to exclude shared workflows (#206)
1f6e2d1 docs: Update README sponsors
785c00b docs: Update README sponsors
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @eslint/eslintrc since your current version.

Updates @tailwindcss/vite from 4.1.17 to 4.1.18

Release notes

Sourced from @tailwindcss/vite's releases.

v4.1.18

Fixed

Ensure validation of source(…) happens relative to the file it is in (#19274)

Include filename and line numbers in CSS parse errors (#19282)

Skip comments in Ruby files when checking for class names (#19243)

Skip over arbitrary property utilities with a top-level ! in the value (#19243)

Support environment API in @tailwindcss/vite (#18970)

Preserve case of theme keys from JS configs and plugins (#19337)

Write source maps correctly on the CLI when using --watch (#19373)

Handle special defaults (like ringColor.DEFAULT) in JS configs (#19348)

Improve backwards compatibility for content theme key from JS configs (#19381)

Upgrade: Handle future and experimental config keys (#19344)

Try to canonicalize any arbitrary utility to a bare value (#19379)

Validate candidates similarly to Oxide (#19397)

Canonicalization: combine text-* and leading-* classes (#19396)

Correctly handle duplicate CLI arguments (#19416)

Don’t emit color-mix fallback rules inside @keyframes (#19419)

CLI: Don't hang when output is /dev/stdout (#19421)

Changelog

Sourced from @tailwindcss/vite's changelog.

[4.1.18] - 2025-12-11

Fixed

Ensure validation of source(…) happens relative to the file it is in (#19274)

Include filename and line numbers in CSS parse errors (#19282)

Skip comments in Ruby files when checking for class names (#19243)

Skip over arbitrary property utilities with a top-level ! in the value (#19243)

Support environment API in @tailwindcss/vite (#18970)

Preserve case of theme keys from JS configs and plugins (#19337)

Write source maps correctly on the CLI when using --watch (#19373)

Handle special defaults (like ringColor.DEFAULT) in JS configs (#19348)

Improve backwards compatibility for content theme key from JS configs (#19381)

Upgrade: Handle future and experimental config keys (#19344)

Try to canonicalize any arbitrary utility to a bare value (#19379)

Validate candidates similarly to Oxide (#19397)

Canonicalization: combine text-* and leading-* classes (#19396)

Correctly handle duplicate CLI arguments (#19416)

Don’t emit color-mix fallback rules inside @keyframes (#19419)

CLI: Don't hang when output is /dev/stdout (#19421)

[3.4.19] - 2025-12-10

Fixed

Don’t break sibling-*() functions when used inside calc(…) (#19335)

Commits

9b32f7c Release v4.1.18 (#19431)
5f107e2 Fix typo
e4b6c67 Support Vite Environment API (#18970)
21f2bf9 perf(vite): add plugin hook filter (#19308)
See full diff in compare view

Updates dotenv-cli from 10.0.0 to 11.0.0

Commits

5ddbe98 v11.0.0
04aa586 chore: bump dotenv-expand to ^12
a4b18d9 chore: prettify README.md
a979e9a chore: update README.md
See full diff in compare view

Updates eslint from 9.39.1 to 9.39.2

Release notes

Sourced from eslint's releases.

v9.39.2

Bug Fixes

5705833 fix: warn when eslint-env configuration comments are found (#20381) (sethamus)

Build Related

506f154 build: add .scss files entry to knip (#20391) (Milos Djermanovic)

Chores

7ca0af7 chore: upgrade to @eslint/[email protected] (#20394) (Francesco Trotta)

c43ce24 chore: package.json update for @eslint/js release (Jenkins)

4c9858e ci: add v9.x-dev branch (#20382) (Milos Djermanovic)

Commits

9278324 9.39.2
542266a Build: changelog update for 9.39.2
7ca0af7 chore: upgrade to @eslint/[email protected] (#20394)
c43ce24 chore: package.json update for @eslint/js release
5705833 fix: warn when eslint-env configuration comments are found (#20381)
506f154 build: add .scss files entry to knip (#20391)
4c9858e ci: add v9.x-dev branch (#20382)
See full diff in compare view

Updates lint-staged from 16.2.6 to 16.2.7

Release notes

Sourced from lint-staged's releases.

v16.2.7

Patch Changes

#1711 ef74c8d Thanks @iiroj! - Do not display a "failed to spawn" error message when a task fails normally. This message is reserved for when the task didn't run because spawning it failed.

Changelog

Sourced from lint-staged's changelog.

16.2.7

Patch Changes

#1711 ef74c8d Thanks @iiroj! - Do not display a "failed to spawn" error message when a task fails normally. This message is reserved for when the task didn't run because spawning it failed.

Commits

0c1b000 chore(changeset): release
595b202 build(deps): update dependencies
ef74c8d fix: do display "failed to spawn" message when task fails normally
5cf2a1e style: do not autofix when running lint-staged
ba40012 chore: drop npx from commit-msg hook
d67de9a chore: fix pre-push hook usage with changeset
8017d1d build(deps): update dependencies
922d7f4 ci: remove dependabot integration, it's not useful
6aeeef1 docs: add PR template
a5728b5 docs: add AGENTS.md
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

dependabot · 2025-12-15T04:25:25Z

Labels

The following labels could not be found: vite. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

github-actions · 2025-12-15T04:25:39Z

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

The following issues were found:

✅ 0 vulnerable package(s)
✅ 0 package(s) with incompatible licenses
✅ 0 package(s) with invalid SPDX license definitions
✅ 0 package(s) with unknown licenses.
⚠️ 1 packages with OpenSSF Scorecard issues.

See the Details below.

OpenSSF Scorecard

Scorecard details

Package

Version

Score

Details

npm/@emnapi/core

1.7.1

🟢 4.3

Details

Check	Score	Reason
Code-Review	⚠️ 0	Found 1/30 approved changesets -- score normalized to 0
Maintained	🟢 10	16 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/@emnapi/runtime

1.7.1

🟢 4.3

Details

Check	Score	Reason
Code-Review	⚠️ 0	Found 1/30 approved changesets -- score normalized to 0
Maintained	🟢 10	16 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/@emnapi/wasi-threads

1.1.0

🟢 4.3

Details

Check	Score	Reason
Code-Review	⚠️ 0	Found 1/30 approved changesets -- score normalized to 0
Maintained	🟢 10	16 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/@eslint/eslintrc

3.3.3

🟢 6.3

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Code-Review	🟢 6	Found 17/26 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Maintained	🟢 10	20 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 10	no binaries found in the repo
License	🟢 10	license file detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	🟢 5	branch protection is not maximal on development and all release branches
Security-Policy	🟢 10	security policy file detected
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/@eslint/js

9.39.2

🟢 6.8

Details

Check	Score	Reason
Maintained	🟢 10	30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 8	Found 24/29 approved changesets -- score normalized to 8
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Branch-Protection	🟢 5	branch protection is not maximal on development and all release branches
Security-Policy	🟢 10	security policy file detected
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
SAST	🟢 10	SAST tool is run on all commits

npm/@napi-rs/wasm-runtime

1.1.0

🟢 5.3

Details

Check	Score	Reason
Maintained	🟢 10	30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Code-Review	⚠️ 2	Found 4/20 approved changesets -- score normalized to 2
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Security-Policy	⚠️ 0	security policy file not detected
Binary-Artifacts	🟢 10	no binaries found in the repo
License	🟢 9	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Packaging	🟢 10	packaging workflow detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/@tailwindcss/node

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tailwindcss/oxide

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tailwindcss/oxide-android-arm64

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tailwindcss/oxide-darwin-arm64

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tailwindcss/oxide-darwin-x64

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tailwindcss/oxide-freebsd-x64

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tailwindcss/oxide-linux-arm-gnueabihf

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tailwindcss/oxide-linux-arm64-gnu

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tailwindcss/oxide-linux-arm64-musl

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tailwindcss/oxide-linux-x64-gnu

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tailwindcss/oxide-linux-x64-musl

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tailwindcss/oxide-wasm32-wasi

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tailwindcss/oxide-win32-arm64-msvc

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tailwindcss/oxide-win32-x64-msvc

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tailwindcss/vite

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/@tybys/wasm-util

0.10.1

Unknown

npm/dotenv-cli

11.0.0

🟢 3.6

Details

Check	Score	Reason
Dangerous-Workflow	⚠️ -1	no workflows found
Packaging	⚠️ -1	packaging workflow not detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Code-Review	🟢 3	Found 11/30 approved changesets -- score normalized to 3
Pinned-Dependencies	⚠️ -1	no dependencies found
Token-Permissions	⚠️ -1	No tokens found
Maintained	🟢 3	2 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 3
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Vulnerabilities	🟢 8	2 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/dotenv-expand

12.0.3

⚠️ 2.7

Details

Check	Score	Reason
Code-Review	⚠️ 0	Found 0/24 approved changesets -- score normalized to 0
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Packaging	⚠️ -1	packaging workflow not detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 2	8 existing vulnerabilities detected

npm/enhanced-resolve

5.18.4

🟢 6.9

Details

Check	Score	Reason
Code-Review	🟢 3	Found 7/21 approved changesets -- score normalized to 3
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Maintained	🟢 10	6 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Pinned-Dependencies	🟢 3	dependency not pinned by hash detected -- score normalized to 3
Binary-Artifacts	🟢 10	no binaries found in the repo
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Branch-Protection	🟢 5	branch protection is not maximal on development and all release branches
Signed-Releases	⚠️ -1	no releases found
Security-Policy	🟢 10	security policy file detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/eslint

9.39.2

🟢 6.8

Details

Check	Score	Reason
Maintained	🟢 10	30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 8	Found 24/29 approved changesets -- score normalized to 8
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Branch-Protection	🟢 5	branch protection is not maximal on development and all release branches
Security-Policy	🟢 10	security policy file detected
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
SAST	🟢 10	SAST tool is run on all commits

npm/lint-staged

16.2.7

Unknown

npm/tailwindcss

4.1.18

🟢 5.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 11/17 approved changesets -- score normalized to 6
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	🟢 10	project is fuzzed
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	14 existing vulnerabilities detected

npm/three

0.182.0

🟢 6.9

Details

Check	Score	Reason
Code-Review	🟢 3	Found 9/28 approved changesets -- score normalized to 3
Maintained	🟢 10	30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Security-Policy	🟢 10	security policy file detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 5	binaries present in source code
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
SAST	🟢 10	SAST tool is run on all commits
Fuzzing	⚠️ 0	project is not fuzzed
Pinned-Dependencies	🟢 10	all dependencies are pinned

Scanned Files

package-lock.json

deepsource-io · 2025-12-15T04:25:46Z

Here's the code health analysis summary for commits 312c6a9..c4955ee. View details on DeepSource ↗.

Analysis Summary

Analyzer	Status	Link
PHP	✅ Success	View Check ↗
JavaScript	✅ Success	View Check ↗
Shell	✅ Success	View Check ↗

💡 If you’re a repository administrator, you can configure the quality gates from the settings.

…updates Bumps the frontend-utils group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [three](https://github.com/mrdoob/three.js) | `0.180.0` | `0.182.0` | | [@eslint/eslintrc](https://github.com/eslint/eslintrc) | `3.3.1` | `3.3.3` | | [@tailwindcss/vite](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite) | `4.1.17` | `4.1.18` | | [dotenv-cli](https://github.com/entropitor/dotenv-cli) | `10.0.0` | `11.0.0` | | [eslint](https://github.com/eslint/eslint) | `9.39.1` | `9.39.2` | | [lint-staged](https://github.com/lint-staged/lint-staged) | `16.2.6` | `16.2.7` | Updates `three` from 0.180.0 to 0.182.0 - [Release notes](https://github.com/mrdoob/three.js/releases) - [Commits](https://github.com/mrdoob/three.js/commits) Updates `@eslint/eslintrc` from 3.3.1 to 3.3.3 - [Release notes](https://github.com/eslint/eslintrc/releases) - [Changelog](https://github.com/eslint/eslintrc/blob/main/CHANGELOG.md) - [Commits](eslint/eslintrc@v3.3.1...eslintrc-v3.3.3) Updates `@tailwindcss/vite` from 4.1.17 to 4.1.18 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.1.18/packages/@tailwindcss-vite) Updates `dotenv-cli` from 10.0.0 to 11.0.0 - [Release notes](https://github.com/entropitor/dotenv-cli/releases) - [Commits](entropitor/dotenv-cli@v10.0.0...v11.0.0) Updates `eslint` from 9.39.1 to 9.39.2 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v9.39.1...v9.39.2) Updates `lint-staged` from 16.2.6 to 16.2.7 - [Release notes](https://github.com/lint-staged/lint-staged/releases) - [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md) - [Commits](lint-staged/lint-staged@v16.2.6...v16.2.7) --- updated-dependencies: - dependency-name: three dependency-version: 0.182.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: frontend-utils - dependency-name: "@eslint/eslintrc" dependency-version: 3.3.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-utils - dependency-name: "@tailwindcss/vite" dependency-version: 4.1.18 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-utils - dependency-name: dotenv-cli dependency-version: 11.0.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: frontend-utils - dependency-name: eslint dependency-version: 9.39.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-utils - dependency-name: lint-staged dependency-version: 16.2.7 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-utils ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Dec 15, 2025

umaarov force-pushed the master branch from 86c3923 to f2afc5c Compare December 15, 2025 07:57

dependabot bot force-pushed the dependabot/npm_and_yarn/frontend-utils-bd63089b44 branch 4 times, most recently from 2bc8d48 to 162366e Compare December 19, 2025 04:19

dependabot bot force-pushed the dependabot/npm_and_yarn/frontend-utils-bd63089b44 branch 2 times, most recently from 7333688 to c98b511 Compare December 25, 2025 04:21

dependabot bot force-pushed the dependabot/npm_and_yarn/frontend-utils-bd63089b44 branch from c98b511 to c4955ee Compare December 26, 2025 04:21

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump the frontend-utils group across 1 directory with 6 updates #115

chore(deps): bump the frontend-utils group across 1 directory with 6 updates #115

dependabot bot commented on behalf of github Dec 15, 2025 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Dec 15, 2025

Uh oh!

github-actions bot commented Dec 15, 2025 •

edited

Loading

Uh oh!

deepsource-io bot commented Dec 15, 2025 •

edited

Loading

Analysis Summary

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

chore(deps): bump the frontend-utils group across 1 directory with 6 updates #115

Are you sure you want to change the base?

chore(deps): bump the frontend-utils group across 1 directory with 6 updates #115

Conversation

dependabot bot commented on behalf of github Dec 15, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

eslintrc: v3.3.3

3.3.3 (2025-11-28)

Bug Fixes

eslintrc: v3.3.2

3.3.2 (2025-11-25)

Bug Fixes

3.3.3 (2025-11-28)

Bug Fixes

3.3.2 (2025-11-25)

Bug Fixes

v4.1.18

Fixed

[4.1.18] - 2025-12-11

Fixed

[3.4.19] - 2025-12-10

Fixed

v9.39.2

Bug Fixes

Build Related

Chores

v16.2.7

Patch Changes

16.2.7

Patch Changes

Uh oh!

dependabot bot commented on behalf of github Dec 15, 2025

Labels

Uh oh!

github-actions bot commented Dec 15, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Dependency Review

OpenSSF Scorecard

Scanned Files

Uh oh!

deepsource-io bot commented Dec 15, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Analysis Summary

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Dec 15, 2025 •

edited

Loading

github-actions bot commented Dec 15, 2025 •

edited

Loading

deepsource-io bot commented Dec 15, 2025 •

edited

Loading