This PR contains the following updates:
Release Notes
chaijs/chai-http (chai-http)
Compare Source
What's Changed
Full Changelog: https://github.com/chaijs/chai-http/compare/5.1.0...5.1.1
Compare Source
What's Changed
New Contributors
Full Changelog: https://github.com/chaijs/chai-http/compare/5.0.0...5.1.0
Compare Source
What's Changed
New Contributors
Full Changelog: https://github.com/chaijs/chai-http/compare/4.4.0...5.0.0
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR was generated by Mend Renovate. View the repository job log.
Dependency Review
The following issues were found:
- ✅ 0 vulnerable package(s)
- ✅ 0 package(s) with incompatible licenses
- ✅ 0 package(s) with invalid SPDX license definitions
- ⚠️ 1 package(s) with unknown licenses.
See the Details below.
License Issues
package.json
| Package | Version | License | Issue Type |
| chai-http | ^5.0.0 | Null | Unknown License |
Allowed Licenses: MIT, Apache-2.0, BSD-3-Clause, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL-2.0, MPL-1.0, MPL-1.1, MPL-2.0, Zlib
Excluded from license check: pkg:npm/caniuse-lite
OpenSSF Scorecard
Scorecard details
| Package | Version | Score | Details |
|---|
| npm/chai-http | 5.1.1 |
:green_circle: 4.5 | Details| Check | Score | Reason |
|---|
| Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Maintained | :warning: 2 | 3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2 | | Code-Review | :green_circle: 6 | Found 18/29 approved changesets -- score normalized to 6 | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Pinned-Dependencies | :green_circle: 3 | dependency not pinned by hash detected -- score normalized to 3 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Security-Policy | :warning: 0 | security policy file not detected | | License | :warning: 0 | license file not detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Packaging | :green_circle: 10 | packaging workflow detected | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :green_circle: 6 | 4 existing vulnerabilities detected |
|
| npm/clone-regexp | 3.0.0 |
:green_circle: 4.2 | Details| Check | Score | Reason |
|---|
| Code-Review | :warning: 1 | Found 4/23 approved changesets -- score normalized to 1 | | Maintained | :warning: 0 | 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Packaging | :warning: -1 | packaging workflow not detected | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Security-Policy | :green_circle: 10 | security policy file detected | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | License | :green_circle: 10 | license file detected | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| npm/convert-hrtime | 5.0.0 |
:green_circle: 4.2 | Details| Check | Score | Reason |
|---|
| Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Security-Policy | :green_circle: 10 | security policy file detected | | Code-Review | :warning: 2 | Found 3/14 approved changesets -- score normalized to 2 | | Maintained | :warning: 0 | 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Packaging | :warning: -1 | packaging workflow not detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | License | :green_circle: 10 | license file detected | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| npm/formidable | 3.5.2 |
:green_circle: 4.2 | Details| Check | Score | Reason |
|---|
| Code-Review | :warning: 1 | Found 5/29 approved changesets -- score normalized to 1 | | Packaging | :warning: -1 | packaging workflow not detected | | Maintained | :warning: 2 | 3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2 | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | License | :green_circle: 10 | license file detected | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Fuzzing | :warning: 0 | project is not fuzzed | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Security-Policy | :green_circle: 10 | security policy file detected | | SAST | :green_circle: 7 | SAST tool detected but not run on all commits | | Vulnerabilities | :warning: 0 | 27 existing vulnerabilities detected |
|
| npm/function-timeout | 0.1.1 |
Unknown | Unknown |
| npm/hexoid | 2.0.0 |
:green_circle: 3.7 | Details| Check | Score | Reason |
|---|
| Maintained | :green_circle: 3 | 2 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 3 | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | :warning: -1 | packaging workflow not detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Code-Review | :warning: 0 | Found 1/25 approved changesets -- score normalized to 0 | | Security-Policy | :warning: 0 | security policy file not detected | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | Fuzzing | :warning: 0 | project is not fuzzed | | License | :green_circle: 10 | license file detected | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| npm/ip-regex | 5.0.0 |
:green_circle: 4.2 | Details| Check | Score | Reason |
|---|
| Packaging | :warning: -1 | packaging workflow not detected | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Maintained | :warning: 0 | 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 | | Code-Review | :warning: 2 | Found 8/30 approved changesets -- score normalized to 2 | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Security-Policy | :green_circle: 10 | security policy file detected | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Fuzzing | :warning: 0 | project is not fuzzed | | License | :green_circle: 10 | license file detected | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| npm/is-ip | 5.0.1 |
:green_circle: 4.2 | Details| Check | Score | Reason |
|---|
| Maintained | :warning: 0 | 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Packaging | :warning: -1 | packaging workflow not detected | | Security-Policy | :green_circle: 10 | security policy file detected | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Code-Review | :warning: 1 | Found 4/24 approved changesets -- score normalized to 1 | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Fuzzing | :warning: 0 | project is not fuzzed | | License | :green_circle: 10 | license file detected | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| npm/is-regexp | 3.1.0 |
:green_circle: 4.2 | Details| Check | Score | Reason |
|---|
| Maintained | :warning: 0 | 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Packaging | :warning: -1 | packaging workflow not detected | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Code-Review | :warning: 2 | Found 3/15 approved changesets -- score normalized to 2 | | Security-Policy | :green_circle: 10 | security policy file detected | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | License | :green_circle: 10 | license file detected | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| npm/super-regex | 0.2.0 |
Unknown | Unknown |
| npm/superagent | 9.0.2 |
Unknown | Unknown |
| npm/time-span | 5.1.0 |
:green_circle: 4.2 | Details| Check | Score | Reason |
|---|
| Code-Review | :warning: 2 | Found 5/19 approved changesets -- score normalized to 2 | | Security-Policy | :green_circle: 10 | security policy file detected | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Packaging | :warning: -1 | packaging workflow not detected | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Maintained | :warning: 0 | 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | License | :green_circle: 10 | license file detected | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| npm/chai-http | ^5.0.0 |
:green_circle: 4.5 | Details| Check | Score | Reason |
|---|
| Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Maintained | :warning: 2 | 3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2 | | Code-Review | :green_circle: 6 | Found 18/29 approved changesets -- score normalized to 6 | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Pinned-Dependencies | :green_circle: 3 | dependency not pinned by hash detected -- score normalized to 3 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Security-Policy | :warning: 0 | security policy file not detected | | License | :warning: 0 | license file not detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Packaging | :green_circle: 10 | packaging workflow detected | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :green_circle: 6 | 4 existing vulnerabilities detected |
|
Scanned Files
- package-lock.json
- package.json
There are breaking changes in chai v5, revisit this in the future.
Renovate Ignore Notification
Because you closed this PR without merging, Renovate will ignore this update. You will not get PRs for any future 5.x releases. But if you manually upgrade to 5.x then Renovate will re-enable minor and patch updates automatically.
If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.
git-proxy copied to clipboard
finos
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
![netlify[bot] avatar](https://avatars.githubusercontent.com/in/13473?v=4 "Published by a pub.dev verified publisher"){kind=small}
