Bump the development-dependencies group across 1 directory with 5 updates

[dependabot]

Bumps the development-dependencies group with 5 updates in the /backend directory:

Package	From	To
@eslint/js	9.17.0	9.19.0
@types/express	4.17.21	5.0.0
@types/node	22.10.5	22.13.1
eslint	9.16.0	9.19.0
typescript-eslint	8.19.1	8.23.0

Updates @eslint/js from 9.17.0 to 9.19.0

Release notes

Sourced from @​eslint/js's releases.

v9.19.0

Features

• 1637b8e feat: add --report-unused-inline-configs (#19201) (Josh Goldberg ✨)

Bug Fixes

• aae6717 fix: sync rule type header comments automatically (#19276) (Francesco Trotta)

Documentation

• cfea9ab docs: Clarify overrideConfig option (#19370) (Nicholas C. Zakas)
• 2b84f66 docs: Update README (#19362) (Nicholas C. Zakas)
• 044f93c docs: clarify frozen rule description (#19351) (Pavel)
• 797ee7c docs: fix Bluesky links (#19368) (Milos Djermanovic)
• 81a9c0e docs: Update README (GitHub Actions Bot)
• 093fb3d docs: replace var with let and const in rule examples (#19365) (Tanuj Kanti)
• 417de32 docs: replace var with const in rule examples (#19352) (jj)
• 17f2aae docs: update getting-started config to match default generated config (#19308) (0xDev)
• 8a0a5a8 docs: better global ignores instruction (#19297) (Jacopo Marrone)
• 6671a2c docs: Update README (GitHub Actions Bot)
• e39d3f2 docs: fix divider for rule category (#19264) (Tanuj Kanti)
• e0cf53f docs: fix search result box position for small screens (#19328) (Tanuj Kanti)
• f92a680 docs: replace var with let or const in rule examples (#19331) (Ravi Teja Kolla)
• b04b84b docs: revert accidental changes in TS config files docs (#19336) (Francesco Trotta)

Chores

• 9b9cb05 chore: upgrade @​eslint/js@​9.19.0 (#19371) (Milos Djermanovic)
• 58560e7 chore: package.json update for @​eslint/js release (Jenkins)
• 2089707 test: fix failing test in Node.js v22.13.0 (#19345) (Francesco Trotta)

v9.18.0

Features

• e84e6e2 feat: Report allowed methods for no-console rule (#19306) (Anna Bocharova)
• 8efc2d0 feat: unflag TypeScript config files (#19266) (Francesco Trotta)
• 87a9352 feat: check imports and class names in no-shadow-restricted-names (#19272) (Milos Djermanovic)

Bug Fixes

• da768d4 fix: correct overrideConfigFile type (#19289) (Francesco Trotta)

Documentation

• d9c23c5 docs: replace var with const in rule examples (#19325) (Tanuj Kanti)
• 8e1a898 docs: add tabs to cli code blocks (#18784) (Jay)
• f3aeefb docs: rewrite using let and const in rule examples (#19320) (PoloSpark)
• 0b680b3 docs: Update README (GitHub Actions Bot)
• 98c86a9 docs: Edit this page button link to different branches (#19228) (Tanuj Kanti)
• 6947901 docs: remove hardcoded edit link (#19323) (Milos Djermanovic)
• 03f2f44 docs: rewrite var with const in rules examples (#19317) (Thiago)
• 26c3003 docs: Clarify dangers of eslint:all (#19318) (Nicholas C. Zakas)
• c038257 docs: add eqeqeq in related rules to no-eq-null (#19310) (루밀LuMir)
• 89c8fc5 docs: rewrite examples with var using let and const (#19315) (Amaresh S M)
• db574c4 docs: add missing backticks to no-void (#19313) (루밀LuMir)
• 8d943c3 docs: add missing backticks to default-case-last (#19311) (루밀LuMir)

... (truncated)

Changelog

Sourced from @​eslint/js's changelog.

v9.19.0 - January 24, 2025

• 9b9cb05 chore: upgrade @​eslint/js@​9.19.0 (#19371) (Milos Djermanovic)
• 58560e7 chore: package.json update for @​eslint/js release (Jenkins)
• cfea9ab docs: Clarify overrideConfig option (#19370) (Nicholas C. Zakas)
• 2b84f66 docs: Update README (#19362) (Nicholas C. Zakas)
• 044f93c docs: clarify frozen rule description (#19351) (Pavel)
• 797ee7c docs: fix Bluesky links (#19368) (Milos Djermanovic)
• 81a9c0e docs: Update README (GitHub Actions Bot)
• 093fb3d docs: replace var with let and const in rule examples (#19365) (Tanuj Kanti)
• 417de32 docs: replace var with const in rule examples (#19352) (jj)
• 17f2aae docs: update getting-started config to match default generated config (#19308) (0xDev)
• aae6717 fix: sync rule type header comments automatically (#19276) (Francesco Trotta)
• 8a0a5a8 docs: better global ignores instruction (#19297) (Jacopo Marrone)
• 2089707 test: fix failing test in Node.js v22.13.0 (#19345) (Francesco Trotta)
• 6671a2c docs: Update README (GitHub Actions Bot)
• 1637b8e feat: add --report-unused-inline-configs (#19201) (Josh Goldberg ✨)
• e39d3f2 docs: fix divider for rule category (#19264) (Tanuj Kanti)
• e0cf53f docs: fix search result box position for small screens (#19328) (Tanuj Kanti)
• f92a680 docs: replace var with let or const in rule examples (#19331) (Ravi Teja Kolla)
• b04b84b docs: revert accidental changes in TS config files docs (#19336) (Francesco Trotta)

v9.18.0 - January 10, 2025

• c52be85 chore: upgrade to @eslint/[email protected] (#19330) (Francesco Trotta)
• 362099c chore: package.json update for @​eslint/js release (Jenkins)
• 9486141 deps: upgrade @eslint/core and @eslint/plugin-kit (#19329) (Francesco Trotta)
• d9c23c5 docs: replace var with const in rule examples (#19325) (Tanuj Kanti)
• 8e1a898 docs: add tabs to cli code blocks (#18784) (Jay)
• f3aeefb docs: rewrite using let and const in rule examples (#19320) (PoloSpark)
• 0b680b3 docs: Update README (GitHub Actions Bot)
• 98c86a9 docs: Edit this page button link to different branches (#19228) (Tanuj Kanti)
• 6947901 docs: remove hardcoded edit link (#19323) (Milos Djermanovic)
• 03f2f44 docs: rewrite var with const in rules examples (#19317) (Thiago)
• 26c3003 docs: Clarify dangers of eslint:all (#19318) (Nicholas C. Zakas)
• c038257 docs: add eqeqeq in related rules to no-eq-null (#19310) (루밀LuMir)
• 89c8fc5 docs: rewrite examples with var using let and const (#19315) (Amaresh S M)
• 495aa49 chore: extract package name from package.json for public interface (#19314) (루밀LuMir)
• db574c4 docs: add missing backticks to no-void (#19313) (루밀LuMir)
• 8d943c3 docs: add missing backticks to default-case-last (#19311) (루밀LuMir)
• 36ef8bb docs: rewrite examples with var using let and const (#19298) (Amaresh S M)
• 1610c9e docs: add missing backticks to no-else-return (#19309) (루밀LuMir)
• df409d8 docs: Update README (GitHub Actions Bot)
• e84e6e2 feat: Report allowed methods for no-console rule (#19306) (Anna Bocharova)
• 2e84213 docs: Fix Horizontal Scroll Overflow in Rule Description on Mobile View (#19304) (Amaresh S M)
• 6e7361b docs: replace var with let and const in rule example (#19302) (Tanuj Kanti)
• 069af5e docs: rewrite var using const in rule examples (#19303) (Kim GyeonWon)
• 064e35d docs: remove 'I hope to' comments from scope-manager-interface (#19300) (Josh Goldberg ✨)
• 8e00305 docs: replace var with const in rule examples (#19299) (Tanuj Kanti)
• a559009 docs: Add warning about extending core rules (#19295) (Nicholas C. Zakas)

... (truncated)

Commits

• 58560e7 chore: package.json update for @​eslint/js release
• 362099c chore: package.json update for @​eslint/js release
• 495aa49 chore: extract package name from package.json for public interface (#19314)
• See full diff in compare view

Updates @types/express from 4.17.21 to 5.0.0

Commits

• See full diff in compare view

Updates @types/node from 22.10.5 to 22.13.1

Commits

• See full diff in compare view

Updates eslint from 9.16.0 to 9.19.0

Release notes

Sourced from eslint's releases.

v9.19.0

Features

• 1637b8e feat: add --report-unused-inline-configs (#19201) (Josh Goldberg ✨)

Bug Fixes

• aae6717 fix: sync rule type header comments automatically (#19276) (Francesco Trotta)

Documentation

• cfea9ab docs: Clarify overrideConfig option (#19370) (Nicholas C. Zakas)
• 2b84f66 docs: Update README (#19362) (Nicholas C. Zakas)
• 044f93c docs: clarify frozen rule description (#19351) (Pavel)
• 797ee7c docs: fix Bluesky links (#19368) (Milos Djermanovic)
• 81a9c0e docs: Update README (GitHub Actions Bot)
• 093fb3d docs: replace var with let and const in rule examples (#19365) (Tanuj Kanti)
• 417de32 docs: replace var with const in rule examples (#19352) (jj)
• 17f2aae docs: update getting-started config to match default generated config (#19308) (0xDev)
• 8a0a5a8 docs: better global ignores instruction (#19297) (Jacopo Marrone)
• 6671a2c docs: Update README (GitHub Actions Bot)
• e39d3f2 docs: fix divider for rule category (#19264) (Tanuj Kanti)
• e0cf53f docs: fix search result box position for small screens (#19328) (Tanuj Kanti)
• f92a680 docs: replace var with let or const in rule examples (#19331) (Ravi Teja Kolla)
• b04b84b docs: revert accidental changes in TS config files docs (#19336) (Francesco Trotta)

Chores

• 9b9cb05 chore: upgrade @​eslint/js@​9.19.0 (#19371) (Milos Djermanovic)
• 58560e7 chore: package.json update for @​eslint/js release (Jenkins)
• 2089707 test: fix failing test in Node.js v22.13.0 (#19345) (Francesco Trotta)

v9.18.0

Features

• e84e6e2 feat: Report allowed methods for no-console rule (#19306) (Anna Bocharova)
• 8efc2d0 feat: unflag TypeScript config files (#19266) (Francesco Trotta)
• 87a9352 feat: check imports and class names in no-shadow-restricted-names (#19272) (Milos Djermanovic)

Bug Fixes

• da768d4 fix: correct overrideConfigFile type (#19289) (Francesco Trotta)

Documentation

• d9c23c5 docs: replace var with const in rule examples (#19325) (Tanuj Kanti)
• 8e1a898 docs: add tabs to cli code blocks (#18784) (Jay)
• f3aeefb docs: rewrite using let and const in rule examples (#19320) (PoloSpark)
• 0b680b3 docs: Update README (GitHub Actions Bot)
• 98c86a9 docs: Edit this page button link to different branches (#19228) (Tanuj Kanti)
• 6947901 docs: remove hardcoded edit link (#19323) (Milos Djermanovic)
• 03f2f44 docs: rewrite var with const in rules examples (#19317) (Thiago)
• 26c3003 docs: Clarify dangers of eslint:all (#19318) (Nicholas C. Zakas)
• c038257 docs: add eqeqeq in related rules to no-eq-null (#19310) (루밀LuMir)
• 89c8fc5 docs: rewrite examples with var using let and const (#19315) (Amaresh S M)
• db574c4 docs: add missing backticks to no-void (#19313) (루밀LuMir)
• 8d943c3 docs: add missing backticks to default-case-last (#19311) (루밀LuMir)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.19.0 - January 24, 2025

• 9b9cb05 chore: upgrade @​eslint/js@​9.19.0 (#19371) (Milos Djermanovic)
• 58560e7 chore: package.json update for @​eslint/js release (Jenkins)
• cfea9ab docs: Clarify overrideConfig option (#19370) (Nicholas C. Zakas)
• 2b84f66 docs: Update README (#19362) (Nicholas C. Zakas)
• 044f93c docs: clarify frozen rule description (#19351) (Pavel)
• 797ee7c docs: fix Bluesky links (#19368) (Milos Djermanovic)
• 81a9c0e docs: Update README (GitHub Actions Bot)
• 093fb3d docs: replace var with let and const in rule examples (#19365) (Tanuj Kanti)
• 417de32 docs: replace var with const in rule examples (#19352) (jj)
• 17f2aae docs: update getting-started config to match default generated config (#19308) (0xDev)
• aae6717 fix: sync rule type header comments automatically (#19276) (Francesco Trotta)
• 8a0a5a8 docs: better global ignores instruction (#19297) (Jacopo Marrone)
• 2089707 test: fix failing test in Node.js v22.13.0 (#19345) (Francesco Trotta)
• 6671a2c docs: Update README (GitHub Actions Bot)
• 1637b8e feat: add --report-unused-inline-configs (#19201) (Josh Goldberg ✨)
• e39d3f2 docs: fix divider for rule category (#19264) (Tanuj Kanti)
• e0cf53f docs: fix search result box position for small screens (#19328) (Tanuj Kanti)
• f92a680 docs: replace var with let or const in rule examples (#19331) (Ravi Teja Kolla)
• b04b84b docs: revert accidental changes in TS config files docs (#19336) (Francesco Trotta)

v9.18.0 - January 10, 2025

• c52be85 chore: upgrade to @eslint/[email protected] (#19330) (Francesco Trotta)
• 362099c chore: package.json update for @​eslint/js release (Jenkins)
• 9486141 deps: upgrade @eslint/core and @eslint/plugin-kit (#19329) (Francesco Trotta)
• d9c23c5 docs: replace var with const in rule examples (#19325) (Tanuj Kanti)
• 8e1a898 docs: add tabs to cli code blocks (#18784) (Jay)
• f3aeefb docs: rewrite using let and const in rule examples (#19320) (PoloSpark)
• 0b680b3 docs: Update README (GitHub Actions Bot)
• 98c86a9 docs: Edit this page button link to different branches (#19228) (Tanuj Kanti)
• 6947901 docs: remove hardcoded edit link (#19323) (Milos Djermanovic)
• 03f2f44 docs: rewrite var with const in rules examples (#19317) (Thiago)
• 26c3003 docs: Clarify dangers of eslint:all (#19318) (Nicholas C. Zakas)
• c038257 docs: add eqeqeq in related rules to no-eq-null (#19310) (루밀LuMir)
• 89c8fc5 docs: rewrite examples with var using let and const (#19315) (Amaresh S M)
• 495aa49 chore: extract package name from package.json for public interface (#19314) (루밀LuMir)
• db574c4 docs: add missing backticks to no-void (#19313) (루밀LuMir)
• 8d943c3 docs: add missing backticks to default-case-last (#19311) (루밀LuMir)
• 36ef8bb docs: rewrite examples with var using let and const (#19298) (Amaresh S M)
• 1610c9e docs: add missing backticks to no-else-return (#19309) (루밀LuMir)
• df409d8 docs: Update README (GitHub Actions Bot)
• e84e6e2 feat: Report allowed methods for no-console rule (#19306) (Anna Bocharova)
• 2e84213 docs: Fix Horizontal Scroll Overflow in Rule Description on Mobile View (#19304) (Amaresh S M)
• 6e7361b docs: replace var with let and const in rule example (#19302) (Tanuj Kanti)
• 069af5e docs: rewrite var using const in rule examples (#19303) (Kim GyeonWon)
• 064e35d docs: remove 'I hope to' comments from scope-manager-interface (#19300) (Josh Goldberg ✨)
• 8e00305 docs: replace var with const in rule examples (#19299) (Tanuj Kanti)
• a559009 docs: Add warning about extending core rules (#19295) (Nicholas C. Zakas)

... (truncated)

Commits

• 208e0b1 9.19.0
• 196dfda Build: changelog update for 9.19.0
• 9b9cb05 chore: upgrade @​eslint/js@​9.19.0 (#19371)
• 58560e7 chore: package.json update for @​eslint/js release
• cfea9ab docs: Clarify overrideConfig option (#19370)
• 2b84f66 docs: Update README (#19362)
• 044f93c docs: clarify frozen rule description (#19351)
• 797ee7c docs: fix Bluesky links (#19368)
• 81a9c0e docs: Update README
• 093fb3d docs: replace var with let and const in rule examples (#19365)
• Additional commits viewable in compare view

Updates typescript-eslint from 8.19.1 to 8.23.0

Release notes

Sourced from typescript-eslint's releases.

v8.23.0

8.23.0 (2025-02-03)

🚀 Features

• eslint-plugin: [no-unnecessary-boolean-literal-compare] enforce strictNullChecks (#10712)
• types: add strict parent types for function-declaration, default-export and named-export nodes (#10685)

🩹 Fixes

• bump ts-api-utils to ^2.0.1 (#10761)
• deps: update eslint monorepo to v9.19.0 (#10752)
• eslint-plugin: [no-unnecessary-type-assertion] should report readonly class properties with a literal initializer (#10618)
• eslint-plugin: [switch-exhaustiveness-check] suggest with qualified name (#10697)
• eslint-plugin: [no-unnecessary-template-expression] allow interpolating type parameter in type context (#10739)
• eslint-plugin: [prefer-nullish-coalescing] fix missing return (#10732)
• eslint-plugin: [dot-notation] handle noPropertyAccessFromIndexSignature true (#10644)
• eslint-plugin: [no-restricted-imports] support regex option (#10699)
• eslint-plugin: [no-shadow] ignore declare variables in definition files shadowing global variables (#10710)

❤️ Thank You

• Josh Goldberg ✨
• Olivier Zalmanski @​OlivierZal
• Ronen Amiel
• Ryan Poon @​sopa301
• YeonJuan @​yeonjuan
• Yukihiro Hasegawa @​y-hsgw

You can read about our versioning strategy and releases on our website.

v8.22.0

8.22.0 (2025-01-27)

🚀 Features

• parser: add standalone isolatedDeclarations option (#10499)

🩹 Fixes

• eslint-plugin: [prefer-nullish-coalescing] doesn't report on ternary but on equivalent || (#10517)
• eslint-plugin: [no-duplicate-type-constituents] handle nested types (#10638)
• eslint-plugin: [no-shadow] don't report unnecessarily on valid ways of using module augmentation (#10616)
• eslint-plugin: [no-extraneous-class] handle accessor keyword (#10678)
• eslint-plugin: [prefer-readonly] autofixer doesn't add type to property that is mutated in the constructor (#10552)
• eslint-plugin: [no-unnecessary-template-expression] handle template literal type (#10612)
• type-utils: support matching intersection types in TypeOrValueSpecifier with a PackageSpecifier (#10667)

❤️ Thank You

... (truncated)

Changelog

Sourced from typescript-eslint's changelog.

8.23.0 (2025-02-03)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.22.0 (2025-01-27)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.21.0 (2025-01-20)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.20.0 (2025-01-13)

🚀 Features

• eslint-plugin: [no-misused-spread] add new rule (#10551)

❤️ Thank You

• Josh Goldberg ✨

You can read about our versioning strategy and releases on our website.

Commits

• 2a96020 chore(release): publish 8.23.0
• 94e8098 chore(release): publish 8.22.0
• 79af426 chore(release): publish 8.21.0
• a157fd4 chore: standardized on inline named exports (mostly) (#10596)
• ea6fbea chore(release): publish 8.20.0
• a175189 docs(typescript-eslint): make jsdoc for config helper function consistent (#1...
• 04166e0 feat(eslint-plugin): [no-misused-spread] add new rule (#10551)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@eslint/core	0.10.0	Unknown	Unknown
npm/@eslint/js	9.19.0	🟢 7	Details Check Score Reason Code-Review 🟢 8 Found 24/29 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/@eslint/plugin-kit	0.2.5	Unknown	Unknown
npm/@types/node	22.13.1	🟢 6.9	Details Check Score Reason Code-Review 🟢 8 Found 26/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed
npm/@types/qs	6.9.18	🟢 6.9	Details Check Score Reason Code-Review 🟢 8 Found 26/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed
npm/@typescript-eslint/eslint-plugin	8.23.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 8 Found 20/25 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 24 existing vulnerabilities detected
npm/@typescript-eslint/parser	8.23.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 8 Found 20/25 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 24 existing vulnerabilities detected
npm/@typescript-eslint/scope-manager	8.23.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 8 Found 20/25 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 24 existing vulnerabilities detected
npm/@typescript-eslint/type-utils	8.23.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 8 Found 20/25 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 24 existing vulnerabilities detected
npm/@typescript-eslint/types	8.23.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 8 Found 20/25 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 24 existing vulnerabilities detected
npm/@typescript-eslint/typescript-estree	8.23.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 8 Found 20/25 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 24 existing vulnerabilities detected
npm/@typescript-eslint/utils	8.23.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 8 Found 20/25 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 24 existing vulnerabilities detected
npm/@typescript-eslint/visitor-keys	8.23.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 8 Found 20/25 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 24 existing vulnerabilities detected
npm/eslint	9.19.0	🟢 7	Details Check Score Reason Code-Review 🟢 8 Found 24/29 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/fastq	1.19.0	🟢 4.9	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Maintained 🟢 5 4 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5 Code-Review 🟢 4 Found 13/28 approved changesets -- score normalized to 4 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/semver	7.7.1	🟢 7	Details Check Score Reason Maintained 🟢 8 7 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 8 Security-Policy 🟢 10 security policy file detected Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 10 no binaries found in the repo License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits
npm/ts-api-utils	2.0.1	Unknown	Unknown
npm/typescript-eslint	8.23.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 8 Found 20/25 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 24 existing vulnerabilities detected
npm/@eslint/js	^9.19.0	🟢 7	Details Check Score Reason Code-Review 🟢 8 Found 24/29 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/@types/node	^22.13.1	🟢 6.9	Details Check Score Reason Code-Review 🟢 8 Found 26/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed
npm/eslint	9.19	🟢 7	Details Check Score Reason Code-Review 🟢 8 Found 24/29 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/typescript-eslint	^8.23.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 8 Found 20/25 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 24 existing vulnerabilities detected

Scanned Files

• backend/package-lock.json
• backend/package.json

[austenstone]

@dependabot recreate