This PR contains the following updates:
Release Notes
mochajs/mocha (mocha)
Compare Source
:tada: Enhancements
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
Dependency Review
The following issues were found:
- ✅ 0 vulnerable package(s)
- ✅ 0 package(s) with incompatible licenses
- ✅ 0 package(s) with invalid SPDX license definitions
- ✅ 0 package(s) with unknown licenses.
- ⚠️ 1 packages with OpenSSF Scorecard issues.
See the Details below.
OpenSSF Scorecard
| Package | Version | Score | Details |
|---|
| npm/ansi-colors | 4.1.3 |
:green_circle: 3.2 | Details| Check | Score | Reason |
|---|
| Code-Review | :warning: 1 | Found 4/23 approved changesets -- score normalized to 1 | | Maintained | :warning: 0 | 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | License | :green_circle: 10 | license file detected | | Signed-Releases | :warning: -1 | no releases found | | Token-Permissions | :warning: -1 | No tokens found | | Dangerous-Workflow | :warning: -1 | no workflows found | | Packaging | :warning: -1 | packaging workflow not detected | | Pinned-Dependencies | :warning: -1 | no dependencies found | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Security-Policy | :warning: 0 | security policy file not detected | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| npm/debug | 4.3.5 |
:green_circle: 3.8 | Details| Check | Score | Reason |
|---|
| Code-Review | :green_circle: 3 | Found 11/28 approved changesets -- score normalized to 3 | | Maintained | :green_circle: 3 | 3 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 3 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | License | :green_circle: 10 | license file detected | | Dangerous-Workflow | :warning: -1 | no workflows found | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Token-Permissions | :warning: -1 | No tokens found | | Packaging | :warning: -1 | packaging workflow not detected | | Pinned-Dependencies | :warning: -1 | no dependencies found | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Security-Policy | :warning: 0 | security policy file not detected | | Signed-Releases | :warning: -1 | no releases found | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| npm/diff | 5.2.0 |
:green_circle: 3.4 | Details| Check | Score | Reason |
|---|
| Code-Review | :warning: 0 | Found 1/25 approved changesets -- score normalized to 0 | | Maintained | :green_circle: 10 | 8 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | License | :green_circle: 10 | license file detected | | Dangerous-Workflow | :warning: -1 | no workflows found | | Packaging | :warning: -1 | packaging workflow not detected | | Token-Permissions | :warning: -1 | No tokens found | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | Pinned-Dependencies | :warning: -1 | no dependencies found | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Signed-Releases | :warning: -1 | no releases found | | Fuzzing | :warning: 0 | project is not fuzzed | | Security-Policy | :warning: 0 | security policy file not detected | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :green_circle: 3 | 7 existing vulnerabilities detected |
|
| npm/minimatch | 5.1.6 |
:green_circle: 4.9 | Details| Check | Score | Reason |
|---|
| Code-Review | :warning: 1 | Found 3/30 approved changesets -- score normalized to 1 | | Maintained | :green_circle: 10 | 8 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | License | :green_circle: 10 | license file detected | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | Signed-Releases | :warning: -1 | no releases found | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Packaging | :warning: -1 | packaging workflow not detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Fuzzing | :warning: 0 | project is not fuzzed | | Security-Policy | :warning: 0 | security policy file not detected | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected |
|
| npm/mocha | 10.6.0 |
:warning: 2.9 | Details| Check | Score | Reason |
|---|
| Code-Review | :green_circle: 3 | Found 11/29 approved changesets -- score normalized to 3 | | Maintained | :green_circle: 10 | 27 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | License | :green_circle: 10 | license file detected | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | Signed-Releases | :warning: -1 | no releases found | | Packaging | :warning: -1 | packaging workflow not detected | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Dangerous-Workflow | :warning: 0 | dangerous workflow patterns detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Security-Policy | :warning: 0 | security policy file not detected | | Pinned-Dependencies | :warning: 2 | dependency not pinned by hash detected -- score normalized to 2 | | Fuzzing | :warning: 0 | project is not fuzzed | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :warning: 0 | 34 existing vulnerabilities detected |
|
| npm/serialize-javascript | 6.0.2 |
:green_circle: 4.2 | Details| Check | Score | Reason |
|---|
| Code-Review | :green_circle: 5 | Found 5/9 approved changesets -- score normalized to 5 | | Maintained | :warning: 0 | 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | License | :green_circle: 9 | license file detected | | Pinned-Dependencies | :green_circle: 3 | dependency not pinned by hash detected -- score normalized to 3 | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | :warning: -1 | packaging workflow not detected | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | Signed-Releases | :warning: -1 | no releases found | | Fuzzing | :warning: 0 | project is not fuzzed | | Security-Policy | :warning: 0 | security policy file not detected | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :green_circle: 7 | 3 existing vulnerabilities detected |
|
| npm/workerpool | 6.5.1 |
:green_circle: 5.3 | Details| Check | Score | Reason |
|---|
| Code-Review | :green_circle: 3 | Found 8/24 approved changesets -- score normalized to 3 | | Maintained | :green_circle: 10 | 9 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | License | :green_circle: 10 | license file detected | | Signed-Releases | :warning: -1 | no releases found | | Packaging | :warning: -1 | packaging workflow not detected | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Pinned-Dependencies | :green_circle: 3 | dependency not pinned by hash detected -- score normalized to 3 | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | Fuzzing | :warning: 0 | project is not fuzzed | | Security-Policy | :warning: 0 | security policy file not detected | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected |
|
| npm/yargs-parser | 20.2.9 |
:green_circle: 4.3 | Details| Check | Score | Reason |
|---|
| Code-Review | :green_circle: 5 | Found 8/15 approved changesets -- score normalized to 5 | | Maintained | :warning: 0 | 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | License | :green_circle: 10 | license file detected | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Packaging | :warning: -1 | packaging workflow not detected | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Signed-Releases | :warning: -1 | no releases found | | Security-Policy | :warning: 0 | security policy file not detected | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
Scanned Manifest Files
package-lock.json
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 57.39%. Comparing base (bc801ab) to head (61b1a25).
Additional details and impacted files
@@ Coverage Diff @@
## main #634 +/- ##
=======================================
Coverage 57.39% 57.39%
=======================================
Files 46 46
Lines 1582 1582
=======================================
Hits 908 908
Misses 674 674
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
git-proxy copied to clipboard
finos
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}
![netlify[bot] avatar](https://avatars.githubusercontent.com/in/13473?v=4 "Published by a pub.dev verified publisher"){kind=small}
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}