Bump the npm group with 13 updates

[dependabot]

Bumps the npm group with 13 updates:

Package	From	To
eslint-plugin-jest	29.9.0	29.10.1
typescript-eslint	8.50.0	8.50.1
@typescript-eslint/eslint-plugin	8.50.0	8.50.1
@typescript-eslint/parser	8.50.0	8.50.1
@typescript-eslint/project-service	8.50.0	8.50.1
@typescript-eslint/scope-manager	8.50.0	8.50.1
@typescript-eslint/tsconfig-utils	8.50.0	8.50.1
@typescript-eslint/type-utils	8.50.0	8.50.1
@typescript-eslint/types	8.50.0	8.50.1
@typescript-eslint/typescript-estree	8.50.0	8.50.1
@typescript-eslint/utils	8.50.0	8.50.1
@typescript-eslint/visitor-keys	8.50.0	8.50.1
chai	6.2.1	6.2.2

Updates eslint-plugin-jest from 29.9.0 to 29.10.1

Release notes

Sourced from eslint-plugin-jest's releases.

v29.10.1

29.10.1 (2025-12-22)

Bug Fixes

• valid-expect-in-promise: don't crash on it.todo (#1896) (5511258)

v29.10.0

29.10.0 (2025-12-22)

Features

• valid-title: ensure printf specifiers in .each titles are valid (#1892) (5db9b3b)

Changelog

Sourced from eslint-plugin-jest's changelog.

29.10.1 (2025-12-22)

Bug Fixes

• valid-expect-in-promise: don't crash on it.todo (#1896) (5511258)

29.10.0 (2025-12-22)

Features

• valid-title: ensure printf specifiers in .each titles are valid (#1892) (5db9b3b)

Commits

• 37ad071 chore(release): 29.10.1 [skip ci]
• 5511258 fix(valid-expect-in-promise): don't crash on it.todo (#1896)
• af94bf1 chore(release): 29.10.0 [skip ci]
• 5db9b3b feat(valid-title): ensure printf specifiers in .each titles are valid (#1892)
• 6d0f038 refactor: don't return the result of void functions (#1895)
• a8f5f33 refactor: remove unneeded optional chains and other conditions (#1894)
• b8b3110 test(no-deprecated-functions): remove unneeded async function (#1893)
• 306c825 test: deduplicate typescript-related code (#1889)
• 97dee23 chore(deps): lock file maintenance (#1885)
• See full diff in compare view

Updates typescript-eslint from 8.50.0 to 8.50.1

Release notes

Sourced from typescript-eslint's releases.

v8.50.1

8.50.1 (2025-12-22)

🩹 Fixes

• eslint-plugin: [method-signature-style] ignore methods that return this (#11813)
• eslint-plugin: [no-unnecessary-type-assertion] correct handling of undefined vs. void (#11826)

❤️ Thank You

• Josh Goldberg ✨
• Tamashoo @​Tamashoo

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.50.1 (2025-12-22)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• d520b88 chore(release): publish 8.50.1
• See full diff in compare view

Updates @typescript-eslint/eslint-plugin from 8.50.0 to 8.50.1

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.50.1

8.50.1 (2025-12-22)

🩹 Fixes

• eslint-plugin: [method-signature-style] ignore methods that return this (#11813)
• eslint-plugin: [no-unnecessary-type-assertion] correct handling of undefined vs. void (#11826)

❤️ Thank You

• Josh Goldberg ✨
• Tamashoo @​Tamashoo

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.50.1 (2025-12-22)

🩹 Fixes

• eslint-plugin: [no-unnecessary-type-assertion] correct handling of undefined vs. void (#11826)
• eslint-plugin: [method-signature-style] ignore methods that return this (#11813)

❤️ Thank You

• Josh Goldberg ✨
• Tamashoo @​Tamashoo

You can read about our versioning strategy and releases on our website.

Commits

• d520b88 chore(release): publish 8.50.1
• 46171f0 fix(eslint-plugin): [no-unnecessary-type-assertion] correct handling of undef...
• 6882a09 fix(eslint-plugin): [method-signature-style] ignore methods that return `this...
• See full diff in compare view

Updates @typescript-eslint/parser from 8.50.0 to 8.50.1

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.50.1

8.50.1 (2025-12-22)

🩹 Fixes

• eslint-plugin: [method-signature-style] ignore methods that return this (#11813)
• eslint-plugin: [no-unnecessary-type-assertion] correct handling of undefined vs. void (#11826)

❤️ Thank You

• Josh Goldberg ✨
• Tamashoo @​Tamashoo

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.50.1 (2025-12-22)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• d520b88 chore(release): publish 8.50.1
• See full diff in compare view

Updates @typescript-eslint/project-service from 8.50.0 to 8.50.1

Release notes

Sourced from @​typescript-eslint/project-service's releases.

v8.50.1

8.50.1 (2025-12-22)

🩹 Fixes

• eslint-plugin: [method-signature-style] ignore methods that return this (#11813)
• eslint-plugin: [no-unnecessary-type-assertion] correct handling of undefined vs. void (#11826)

❤️ Thank You

• Josh Goldberg ✨
• Tamashoo @​Tamashoo

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/project-service's changelog.

8.50.1 (2025-12-22)

This was a version bump only for project-service to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• d520b88 chore(release): publish 8.50.1
• See full diff in compare view

Updates @typescript-eslint/scope-manager from 8.50.0 to 8.50.1

Release notes

Sourced from @​typescript-eslint/scope-manager's releases.

v8.50.1

8.50.1 (2025-12-22)

🩹 Fixes

• eslint-plugin: [method-signature-style] ignore methods that return this (#11813)
• eslint-plugin: [no-unnecessary-type-assertion] correct handling of undefined vs. void (#11826)

❤️ Thank You

• Josh Goldberg ✨
• Tamashoo @​Tamashoo

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/scope-manager's changelog.

8.50.1 (2025-12-22)

This was a version bump only for scope-manager to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• d520b88 chore(release): publish 8.50.1
• See full diff in compare view

Updates @typescript-eslint/tsconfig-utils from 8.50.0 to 8.50.1

Release notes

Sourced from @​typescript-eslint/tsconfig-utils's releases.

v8.50.1

8.50.1 (2025-12-22)

🩹 Fixes

• eslint-plugin: [method-signature-style] ignore methods that return this (#11813)
• eslint-plugin: [no-unnecessary-type-assertion] correct handling of undefined vs. void (#11826)

❤️ Thank You

• Josh Goldberg ✨
• Tamashoo @​Tamashoo

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/tsconfig-utils's changelog.

8.50.1 (2025-12-22)

This was a version bump only for tsconfig-utils to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• d520b88 chore(release): publish 8.50.1
• See full diff in compare view

Updates @typescript-eslint/type-utils from 8.50.0 to 8.50.1

Release notes

Sourced from @​typescript-eslint/type-utils's releases.

v8.50.1

8.50.1 (2025-12-22)

🩹 Fixes

• eslint-plugin: [method-signature-style] ignore methods that return this (#11813)
• eslint-plugin: [no-unnecessary-type-assertion] correct handling of undefined vs. void (#11826)

❤️ Thank You

• Josh Goldberg ✨
• Tamashoo @​Tamashoo

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/type-utils's changelog.

8.50.1 (2025-12-22)

This was a version bump only for type-utils to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• d520b88 chore(release): publish 8.50.1
• See full diff in compare view

Updates @typescript-eslint/types from 8.50.0 to 8.50.1

Release notes

Sourced from @​typescript-eslint/types's releases.

v8.50.1

8.50.1 (2025-12-22)

🩹 Fixes

• eslint-plugin: [method-signature-style] ignore methods that return this (#11813)
• eslint-plugin: [no-unnecessary-type-assertion] correct handling of undefined vs. void (#11826)

❤️ Thank You

• Josh Goldberg ✨
• Tamashoo @​Tamashoo

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/types's changelog.

8.50.1 (2025-12-22)

This was a version bump only for types to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• d520b88 chore(release): publish 8.50.1
• See full diff in compare view

Updates @typescript-eslint/typescript-estree from 8.50.0 to 8.50.1

Release notes

Sourced from @​typescript-eslint/typescript-estree's releases.

v8.50.1

8.50.1 (2025-12-22)

🩹 Fixes

• eslint-plugin: [method-signature-style] ignore methods that return this (#11813)
• eslint-plugin: [no-unnecessary-type-assertion] correct handling of undefined vs. void (#11826)

❤️ Thank You

• Josh Goldberg ✨
• Tamashoo @​Tamashoo

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/typescript-estree's changelog.

8.50.1 (2025-12-22)

This was a version bump only for typescript-estree to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• d520b88 chore(release): publish 8.50.1
• See full diff in compare view

Updates @typescript-eslint/utils from 8.50.0 to 8.50.1

Release notes

Sourced from @​typescript-eslint/utils's releases.

v8.50.1

8.50.1 (2025-12-22)

🩹 Fixes

• eslint-plugin: [method-signature-style] ignore methods that return this (#11813)
• eslint-plugin: [no-unnecessary-type-assertion] correct handling of undefined vs. void (#11826)

❤️ Thank You

• Josh Goldberg ✨
• Tamashoo @​Tamashoo

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/utils's changelog.

8.50.1 (2025-12-22)

This was a version bump only for utils to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• d520b88 chore(release): publish 8.50.1
• See full diff in compare view

Updates @typescript-eslint/visitor-keys from 8.50.0 to 8.50.1

Release notes

Sourced from @​typescript-eslint/visitor-keys's releases.

v8.50.1

8.50.1 (2025-12-22)

🩹 Fixes

• eslint-plugin: [method-signature-style] ignore methods that return this (#11813)
• eslint-plugin: [no-unnecessary-type-assertion] correct handling of undefined vs. void (#11826)

❤️ Thank You

• Josh Goldberg ✨
• Tamashoo @​Tamashoo

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/visitor-keys's changelog.

8.50.1 (2025-12-22)

This was a version bump only for visitor-keys to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• d520b88 chore(release): publish 8.50.1
• See full diff in compare view

Updates chai from 6.2.1 to 6.2.2

Release notes

Sourced from chai's releases.

v6.2.2

What's Changed

• build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 by @​dependabot[bot] in chaijs/chai#1745
• chore(deps): update dependency eslint-plugin-jsdoc to v61.2.1 by @​renovate[bot] in chaijs/chai#1746
• build(deps): bump glob from 10.4.5 to 10.5.0 by @​dependabot[bot] in chaijs/chai#1747
• chore(deps): update actions/checkout action to v6 by @​renovate[bot] in chaijs/chai#1749
• fix: avoid BigInt literal in closeTo for runtime compat by @​bheemreddy-samsara in chaijs/chai#1748
• chore(deps): update dependency eslint-plugin-jsdoc to v61.4.1 by @​renovate[bot] in chaijs/chai#1751
• chore(deps): update dependency prettier to v3.7.3 by @​renovate[bot] in chaijs/chai#1754
• chore(deps): update dependencies by @​renovate[bot] in chaijs/chai#1755
• chore(deps): update dependencies to v9.39.2 by @​renovate[bot] in chaijs/chai#1757
• chore: add --legal-comments=none option by @​hyperz111 in chaijs/chai#1756
• chore(deps): update dependency esbuild to v0.27.2 by @​renovate[bot] in chaijs/chai#1759

New Contributors

• @​bheemreddy-samsara made their first contribution in chaijs/chai#1748
• @​hyperz111 made their first contribution in chaijs/chai#1756

Full Changelog: chaijs/chai@v6.2.1...v6.2.2

Commits

• 814172d chore(deps): update dependency esbuild to v0.27.2 (#1759)
• b38c22b chore: add legal-comments=none option (#1756)
• 180d4cc chore(deps): update dependencies to v9.39.2 (#1757)
• 678cd00 chore(deps): update dependencies (#1755)
• c8fb100 chore(deps): update dependency prettier to v3.7.3 (#1754)
• d63c74e chore(deps): update dependency eslint-plugin-jsdoc to v61.4.1 (#1751)
• 243bf86 fix: avoid BigInt literal in closeTo for runtime compat (#1748)
• d8b0395 chore(deps): update actions/checkout action to v6 (#1749)
• 7e1e247 build(deps): bump glob from 10.4.5 to 10.5.0 (#1747)
• b25e5d8 chore(deps): update dependency eslint-plugin-jsdoc to v61.2.1 (#1746)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@typescript-eslint/eslint-plugin	8.50.1	🟢 5.2	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 7 Found 15/20 approved changesets -- score normalized to 7 License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 37 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/parser	8.50.1	🟢 5.2	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 7 Found 15/20 approved changesets -- score normalized to 7 License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 37 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/project-service	8.50.1	🟢 5.2	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 7 Found 15/20 approved changesets -- score normalized to 7 License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 37 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/scope-manager	8.50.1	🟢 5.2	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 7 Found 15/20 approved changesets -- score normalized to 7 License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 37 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/tsconfig-utils	8.50.1	🟢 5.2	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 7 Found 15/20 approved changesets -- score normalized to 7 License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 37 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/type-utils	8.50.1	🟢 5.2	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 7 Found 15/20 approved changesets -- score normalized to 7 License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 37 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/types	8.50.1	🟢 5.2	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 7 Found 15/20 approved changesets -- score normalized to 7 License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 37 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/typescript-estree	8.50.1	🟢 5.2	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 7 Found 15/20 approved changesets -- score normalized to 7 License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 37 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/utils	8.50.1	🟢 5.2	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 7 Found 15/20 approved changesets -- score normalized to 7 License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 37 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/visitor-keys	8.50.1	🟢 5.2	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 7 Found 15/20 approved changesets -- score normalized to 7 License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 37 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/chai	6.2.2	🟢 5.6	Details Check Score Reason Code-Review 🟢 6 Found 4/6 approved changesets -- score normalized to 6 Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 7 3 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-jest	29.10.1	🟢 5.4	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 Code-Review ⚠️ 0 Found 1/30 approved changesets -- score normalized to 0 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/typescript-eslint	8.50.1	🟢 5.2	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 7 Found 15/20 approved changesets -- score normalized to 7 License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 37 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• pnpm-lock.yaml