chore(deps): update material-ui monorepo (major)

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@mui/icons-material (source)	5.15.3 -> 7.1.0
@mui/material (source)	5.15.3 -> 7.1.0
@mui/x-date-pickers (source)	^7.0.0 -> ^8.0.0

---

Release Notes

mui/material-ui (@​mui/icons-material)

v7.1.0

Compare Source

May 6, 2025

A big thanks to the 21 contributors who made this release possible. Here are some highlights ✨:

• 🎉 Material UI now works with Tailwind CSS v4! Check out the setup guide.

@mui/[email protected]

• [InputBase] Text cursor jumps several lines up when inserting text fragment with new line at the end (#​45246) @​yermartee
• [OutlinedInput] Add missing notchedOutline slot (#​45917) @​siriwatknp
• [Snackbar] Skip default onClickAway behavior when defaultMuiPrevented is provided (#​45629) @​sai6855
• [Avatar] Fix img slot types and add missing slots (#​45483) @​siriwatknp
• [Badge] Replace useSlotProps with useSlot hook (#​45871) @​sai6855
• [BottomNavigationAction] Add slots and slotProps (#​45776) @​sai6855
• [CardActionArea] Add slots and slotProps (#​45866) @​sai6855
• [useMediaQuery] Add warning and docs for using useMediaQuery('print') (#​44790) @​good-jinu
• Remove unnecessary clsx usages (#​46084) @​sai6855
• Corrected generic type definition in SelectChangeEvent (#​45941) @​SuyashShukla0007
• Fix theme object changes between renders (#​45863) @​siriwatknp

@mui/[email protected]

• Add option to enable CSS layers for pages router (#​45596) @​siriwatknp
• Do not wrap @layer order rules in App Router (#​45864) @​Nayeem-XTREME

@mui/[email protected]

• Fix @mui/system types organization (#​45860) @​Janpot

@mui/[email protected]

• Infer ownerState from props in styled (#​46083) @​siriwatknp
• Fix style overrides variants type (#​45478) @​siriwatknp

Docs

• [Avatar] Add avatar upload demo (#​45986) @​Demianeen
• [Dialog] Remove deprecated props usage in demos (#​45923) @​sai6855
• [Menu] Update paper slot JSDoc default from Paper to PopoverPaper (#​45722) @​andreachiera
• [examples] Remove create-react-app usages (#​45426) @​CodeLeom
• Add AccordionSummary to the v5 breaking change migration (#​45947) @​siriwatknp
• Update CSS variable usage in migration guide for Pigment CSS (#​46033) @​sai6855
• Fix docs API dark mode color (#​46086) @​alexfauquette
• Add a guide for extending Material UI classes in Tailwind CSS (#​46039) @​siriwatknp
• Add InitColorSchemeScript docs and API (#​45927) @​siriwatknp
• Add Tailwind CSS v4 integration guide (#​45906) @​siriwatknp
• Fix 301 links to the system v6 (#​45931) @​oliviertassinari
• Add notification for MUI X v8 announcement (#​45942) @​joserodolfofreitas
• Fix som 301 redirections (ae84b35) @​oliviertassinari
• Fix some 301 redirections (057384e) @​oliviertassinari
• Fix logo is not centered on small screens (#​45920) @​crabsim
• Fix line break typo (a2a62d5) @​oliviertassinari
• Fix markdown typo in templates.md (#​45914) @​scyzoryck
• Add Next.js App Router guide for custom classnames (#​45852) @​siriwatknp

Core

• [code-infra] Give a stable name to dev tool app (3889ded) @​oliviertassinari
• [code-infra] Normalize author package in org (8135638) @​oliviertassinari
• [code-infra] Correct some manually curated .d.ts files (#​46054) @​Janpot
• [code-infra] Align deps versions (#​46048) @​Janpot
• [code-infra] Fix dynamic import in imports resolver (#​46046) @​Janpot
• [code-infra] Eliminate @mui/utils deep imports (#​46004) @​Janpot
• [code-infra] Expand renovate.json for react types (#​45935) @​Janpot
• [code-infra] Make Argos upload script reusable (#​45883) @​Janpot
• [code-infra] Disallow redundant window prefixes for globals (#​45880) @​Janpot
• [code-infra] Remove type generation of modern build (#​45912) @​Janpot
• [code-infra] Clean up bundle size checker (#​45622) @​Janpot
• [code-infra] Fix StrictMode effects not being called twice in React 19 tests (#​45812) @​bernardobelchior
• [code-infra] Convert @mui/utils to typescript (#​45671) @​Janpot
• [docs-infra] Improve export into sandbox package.json (#​46044) @​oliviertassinari
• [docs-infra] Update feedback Node.js to v22 (#​46064) @​oliviertassinari
• [docs-infra] Normalize netlify.toml in org (b101d5c) @​oliviertassinari
• [docs-infra] Uniformize Vale between repositories (0f79796) @​oliviertassinari
• [docs-infra] Fix Vale no longer working (#​46029) @​oliviertassinari
• [docs-infra] Remove demo styling switch (#​45926) @​Janpot
• [docs-infra] StackBlitz WebContainer demos (#​45924) @​Janpot
• [docs-infra] Fix feedback management (#​45872) @​alexfauquette
• [test] Replace playwright with @playwright/test (#​45998) @​ZeeshanTamboli
• Fix internal version duplication (#​46051) @​oliviertassinari
• Avoid the need for @mui/material/themeCssVarsAugmentation (#​46053) @​Janpot
• Add security label to dependabot PRs (0a5c027) @​oliviertassinari
• Remove unecessary versions (#​46034) @​oliviertassinari
• Remove redundant overrides resolver (#​45970) @​romgrk
• Fix duplicate branch reference (#​45915) @​oliviertassinari
• Fix outdated <link rel="shortcut icon" (#​45916) @​oliviertassinari
• Fix redirection chains (#​45930) @​oliviertassinari
• Run pnpm docs:sync-team (beee09f) @​oliviertassinari
• Add pkg.pr.new publishing (#​42984) @​Aslemammad
• Remove @​mui/base from the master branch (#​45857) @​mnajdova

All contributors of this release in alphabetical order: @​alexfauquette, @​andreachiera, @​Aslemammad, @​bernardobelchior, @​CodeLeom, @​crabsim, @​Demianeen, @​good-jinu, @​Janpot, @​joserodolfofreitas, @​mnajdova, @​Nayeem-XTREME, @​oliviertassinari, @​renovate[bot], @​romgrk, @​sai6855, @​scyzoryck, @​siriwatknp, @​SuyashShukla0007, @​yermartee, @​ZeeshanTamboli

v7.0.2

Compare Source

Apr 9, 2025

A big thanks to the 12 contributors who made this release possible.

@mui/[email protected]

• [Autocomplete] Add ability to render custom single value (#​45387) @​ZeeshanTamboli
• [Autocomplete] Prevent shrink animation in controlled Autocomplete when initial value is provided (#​45734) @​imadx
• [AvatarGroup] Fix spacing prop ignoring value 0 (#​45799) @​Kartik-Murthy
• [Dialog] Deprecate composed classes (#​45418) @​sai6855

@mui/[email protected]

• Fix nonce issues (#​45794) @​Janpot
• Add warnings to nextjs router integration (#​45778) @​Janpot

@mui/[email protected]

• Added caching to StyledEngineProvider to improve performance for running tests with Jest (#​45846) @​siriwatknp

Core

• [blog] Improve upvote video (0646444) @​oliviertassinari
• [code-infra] Remove webpack aliases (#​45841) @​Janpot
• [code-infra] Remove .tsbuildinfo from build folder (#​45727) @​Janpot
• [code-infra] Stabilize theme viewer screenshot tests (#​45768) @​Janpot
• [code-infra] Remove modern bundles (#​45808) @​Janpot
• Update buildTypes script to optionally remove css imports (#​45835) @​brijeshb42
• Allow repo to be accepted as an argument for releaseTag (#​45801) @​brijeshb42
• Update scripts to support base-ui (#​45784) @​brijeshb42
• Sync scorecards.yml across codebase (4de5076) @​oliviertassinari
• Remove baseUrl and skipLibCheck (#​45806) @​Janpot
• [docs-infra] Fix redirect styles pages (#​45848) @​siriwatknp
• [docs-infra] Remove false-positive Vale rules (#​45843) @​oliviertassinari
• [docs-infra] Make sure Next.js can find package.json through its aliases (#​45840) @​Janpot
• [docs-infra] Fix Next.js brand name coverage (6915f8d) @​oliviertassinari
• [docs-infra] Fix layout shift between MIT and commercial pages (#​45760) @​oliviertassinari
• [docs-infra] Non breaking space for ESM (#​45758) @​oliviertassinari
• [support-infra] Remove dead 'workflow_call:' (#​45736) @​oliviertassinari
• [utils] Support cleanup callbacks in useForkRef (#​45621) @​DiegoAndai

Docs

• Fix pigment vite integration example (#​44746) @​brijeshb42
• Update migration instructions and codemod references for deprecated APIs (#​45793) @​sai6855
• Add TanStack Router routing example (#​44930) @​vetledv
• Fix layout shifting in icons page (#​45779) @​sai6855
• Fix migration instructions (#​45762) @​oliviertassinari
• Fix wrong TypeScript support version (#​45761) @​oliviertassinari
• Fix link to mui-joy/src/styles/components.d.ts (#​45763) @​oliviertassinari
• Fix 301 link (ae94c40) @​oliviertassinari
• Fix 301 links (abd8f63) @​oliviertassinari
• Fix 301 redirection (c7658de) @​oliviertassinari
• [nextjs] Migrate from deprecated "legacyBehavior" prop (#​44871) @​oliviertassinari
• [nextjs] Document CSP for Next.js Pages Router (#​45798) @​Grohden

All contributors of this release in alphabetical order: @​brijeshb42, @​DiegoAndai, @​Grohden, @​imadx, @​Janpot, @​Kartik-Murthy, @​oliviertassinari, @​renovate[bot], @​sai6855, @​siriwatknp, @​vetledv, @​ZeeshanTamboli

v7.0.1

Compare Source

Mar 28, 2025

A big thanks to the 7 contributors who made this release possible.

@mui/[email protected]

• Export ThemeProviderProps (#​45701) @​aarongarciah
• [Fab] Fix default variant text color when using CSS vars (#​45714) @​aarongarciah
• Remove mention of v7 in deprecation messages (#​45708) @​DiegoAndai
• [Popover] Allow null in anchorEl function return type (#​45045) @​eduter
• Fix missing CSSProperties/MixinOptions types (#​45706) @​Janpot

@mui/[email protected]

• [code-infra] Fix icon-material type resolution under moduleResolution: "node" (#​45704) @​Janpot
• Bring back individual icon dts (#​45711) @​Janpot

Core

• Improve the release instructions (#​45688) @​mnajdova

Docs

• Fix Masonry and Toolpad dark mode demos (#​45721) @​siriwatknp
• Update v7 related copy (#​45716) @​aarongarciah
• Avoid unwanted undefined in page title (#​45718) @​aarongarciah
• Fix joy templates error (#​45715) @​siriwatknp
• Rename GitHub icon import (#​45709) @​micttyoid
• Fix Safari issue in dark mode (#​45696) @​mnajdova
• Fix Grid, GridLegacy, Stack, Badge, Select, Autocomplete demos CSS variables (#​45693) @​DiegoAndai
• Add "Material UI v7 is here" to the notifications (#​45694) @​DiegoAndai
• Fix Breadcrumbs, List, Divider, and Typography dark mode demos (#​45692) @​siriwatknp
• Fix Material Icons page in dark mode (#​45691) @​mnajdova

All contributors of this release in alphabetical order: @​aarongarciah, @​DiegoAndai, @​eduter, @​Janpot, @​micttyoid, @​mnajdova, @​siriwatknp

v7.0.0

Compare Source

Mar 26, 2025

🎉 We're happy to announce the stable release of v7.

• Read the blog post about the announcement.
• Check out the v7 upgrade guide.

@mui/[email protected]

• [Autocomplete] Fix when onHighlightChange is called (#​45438) @​ZeeshanTamboli
• [Tabs] Fix modifier keys + Left/Right Arrow key from being consumed by tab navigation (#​45345) @​mushfiqbh
• Update minimum TypeScript support to 4.9 (#​45535) @​siriwatknp

@mui/[email protected]

• [system] Fix palette mode does not change when not using CSS vars (#​45660) @​siriwatknp

@mui/[email protected]

• [lab] Remove @​mui/base dependency (#​45602) @​mnajdova

Docs

• [docs] Fix unnecessary redirects for v7 (#​45677) @​Janpot
• [docs] Fix new React project link, CRA deprecated (#​45362) @​oliviertassinari
• [docs] Prepare the v7 upgrade guide for stable release (#​45624) @​DiegoAndai
• [docs] Fix grammatical errors in support.md (#​45631) @​letianpailove
• [docs] Update nextjs font optimization guide (#​45600) @​IshfaqAhmedProg
• [docs] Deprecate Toolpad Studio (#​45613) @​Janpot
• [docs] Sync the mode from page to demos #​45661 @​siriwatknp

Core

• [blog] v7 stable release (#​45623) @​DiegoAndai
• [code-infra] Disable flaky masonry screenshot (#​45678) @​Janpot
• [code-infra] Migrate regression tests to vite (#​44964) @​Janpot
• [code-infra] Update rollup (#​45666) @​Janpot
• [code-infra] Support React.ComponentType in proptypes generation (#​45664) @​Janpot
• [code-infra] Ensure translations.json is present in all @mui/docs package builds (#​45626) @​LukasTy
• [code-infra] Improve Argos script debuggability (#​45619) @​Janpot
• [code-infra] Reconfigure react-remove-properties babel plugin (#​45218) @​Janpot
• [core] Prepare master for v7 stable (#​45674) @​DiegoAndai
• [core] Improve instructions on changing domain (#​45637) @​mnajdova
• [core] Deprecate ponyfillGlobal (#​45606) @​Janpot
• [docs-infra] Restructure docs theme context to CSS variables (#​45386) @​siriwatknp
• [styles] Remove code & docs (#​45633) @​mnajdova

All contributors of this release in alphabetical order: @​DiegoAndai, @​IshfaqAhmedProg, @​Janpot, @​letianpailove, @​LukasTy, @​mnajdova, @​mushfiqbh, @​oliviertassinari, @​siriwatknp, @​ZeeshanTamboli

v6.4.11

Compare Source

Apr 9, 2025

A big thanks to the 4 contributors who made this release possible.

@mui/[email protected]

• [AvatarGroup] Fix spacing prop ignoring value 0 (#​45845) @​Kartik-Murthy
• [Dialog] Deprecate composed classes (#​45814) @​sai6855

@mui/[email protected]

• Add caching to improve performance for running tests with Jest (#​45855)

Docs

• Add missing v7 docs banner (#​45842) @​DiegoAndai
• Add v7 is here banner (#​45838) @​DiegoAndai
• Fix lab version install instructions (#​45770) @​DiegoAndai

All contributors of this release in alphabetical order: @​DiegoAndai, @​Kartik-Murthy, @​sai6855, @​siriwatknp

v6.4.10

Compare Source

A big thanks to the 4 contributors who made this release possible.

@mui/[email protected]

• [Autocomplete] Prevent shrink animation in controlled Autocomplete when initial value is provided (#​45735) @​imadx
• [Popover] Allow null in anchorEl function return type (#​45723) @​eduter

Docs

• Fix new React project link, CRA deprecated (#​45669) @​oliviertassinari

Core

• [utils] Support cleanup callbacks in useForkRef (#​45733) @​DiegoAndai

All contributors of this release in alphabetical order: @​DiegoAndai, @​eduter, @​imadx, @​oliviertassinari

v6.4.9

Compare Source

Mar 25, 2025

A big thanks to the 7 contributors who made this release possible.

@mui/[email protected]

• [Autocomplete] Fix when onHighlightChange is called (@​ZeeshanTamboli) (#​45635) @​ZeeshanTamboli
• [StepLabel] Add missing root slot (#​45607) @​sai6855
• [Switch] Add slots and slotProps (#​45628) @​siriwatknp
• [TextField] Add root slot (#​45616) @​sai6855
• [Tabs] Fix modifier keys + Left/Right Arrow key from being consumed by tab navigation (#​45620) @​mushfiqbh

@mui/[email protected]

• Add missing deprecations in deprecations-all file (#​45508) @​sai6855

Docs

• [docs] Fix grammatical errors in support.md (#​45636) @​letianpailove
• [docs] Restore utility component docs from MUI Base to Material UI (#​45240) @​mapache-salvaje

Core

• [core] Prepare v6 branch for v7 stable release (#​45668) @​DiegoAndai

All contributors of this release in alphabetical order: @​DiegoAndai, @​letianpailove, @​mapache-salvaje, @​mushfiqbh, @​sai6855, @​siriwatknp, @​ZeeshanTamboli

v6.4.8

Compare Source

Mar 17, 2025

A big thanks to the 9 contributors who made this release possible.

@mui/[email protected]

• [ListItemText] Add missing root slot (#​45552) @​sai6855
• [SpeedDial] Add missing root slot (#​45551) @​sai6855
• [Tooltip] Allow auto placement on tooltip (#​45536) @​Jtaks
• [useScrollTrigger] Do nothing if target is null (#​45553) @​vipierozan99
• [Accordion] Add missing root slot (#​45534) @​sai6855
• [AccordionSummary] Add slots and slotProps (#​45560) @​sai6855
• [TextareaAutosize] Fix ResizeObserver causing infinite selectionchange loop (#​45351) (#​45498) @​mj12albert

@mui/[email protected]

• Add enableCssLayer prop to StyledEngineProvider (#​45563) @​siriwatknp

@mui/[email protected]

• [system] Prevent nested non-vars theme inheritance (#​45564) @​siriwatknp

@mui/[email protected]

• Use correct iri-reference homepage format (#​45511) @​dahiro

Core

• [test] Fix React 18 tests (#​45161) (#​45496) @​DiegoAndai

Docs

• [Backdrop] Fix component name in migration guide (#​45507) @​sai6855
• Fix broken links to MUI X docs (cherry-pick of #​45145) (#​45481) @​mapache-salvaje
• [examples] Fix the invalid argument to extract examples (#​45493) @​ovtn
• Add overriding-component-structure doc to Material UI (#​45570) @​siriwatknp

All contributors of this release in alphabetical order: @​dahiro, @​DiegoAndai, @​Jtaks, @​mapache-salvaje, @​mj12albert, @​ovtn, @​sai6855, @​siriwatknp, @​vipierozan99

v6.4.7

Compare Source

Mar 5, 2025

A big thanks to the 2 contributors who made this release possible.

@mui/[email protected]

• [ThemeProvider] Add storageManager prop to ThemeProvider (@​siriwatknp) (#​45437) @​siriwatknp
• [Rating] Deprecate *Props and complete slots, slotProps (#​45295) (#​45398) @​DiegoAndai
• [Radio] Fix inputProps not forwarded (@​siriwatknp) (#​4547

v6.4.6

Compare Source

A big thanks to the 4 contributors who made this release possible.

@mui/[email protected]

• [Checkbox] Add slots and slotProps (#​45361) @​siriwatknp
• [Drawer] Deprecate *Props and complete slots, slotProps (#​45377) @​siriwatknp
• [Grid] Improve Grid2 upgrade experience (#​45372) @​DiegoAndai
• [InputBase] Deprecate composed classes (#​45366) @​siriwatknp
• Fix slotProps.transition types (#​45367) @​siriwatknp
• Allow nested theme creation with vars (#​45368) @​siriwatknp
• Fix wrong slotProps of DetailsHTMLAttributes types (#​45356) @​siriwatknp
• [Popover] Deprecate *Props and complete slots, slotProps (#​45337) @​siriwatknp
• [Radio] Add slots and slotProps (#​45364) @​siriwatknp
• [Slider] Fix css class selector in migration guide (#​45409) @​sai6855
• [Slider] Fix spacings in .md files (#​45393) @​sai6855
• [Snackbar] Add Slots and SlotProps (#​45103) (#​45352) @​siriwatknp
• [SpeedDialAction] Add slots and slotProps (#​45365) @​siriwatknp
• [SwitchBase] Deprecate inputProps and complete slots, slotProps (#​45338) @​siriwatknp
• [Tabs] Deprecate *Props and complete slots, slotProps (#​45012) (#​45355) @​siriwatknp
• [Menu] Deprecate *Props and complete slots, slotProps (#​45369) @​siriwatknp

Docs

• [Autocomplete] Remove unnecessary renderTags prop from Sizes demo (#​45403) @​ZeeshanTamboli
• Fix typo in slider docs (#​45392) @​sai6855

Core

• [test] Remove unused renderTags prop and fix key warning in Autocomplete regression test (#​45412) @​ZeeshanTamboli

All contributors of this release in alphabetical order: @​DiegoAndai, @​sai6855, @​siriwatknp, @​ZeeshanTamboli

v6.4.5

Compare Source

A big thanks to the 5 contributors who made this release possible.

@mui/[email protected]

• [Autocomplete] Remove legacy aria-owns attribute for combobox (#​45303) @​ZeeshanTamboli
• [Button] Apply id only if loading indicator is present (#​45339) @​aarongarciah

Docs

• [icons] Fix typo in material-icons.md (#​45336) @​a-s-russo
• [Menu] Add Grouped Menu demo (#​45292) @​noobDev31

Core

• [blog] Consistent Base UI terminology (#​45342) @​aarongarciah
• Fix double redirection to Base UI (#​45146) @​oliviertassinari

All contributors of this release in alphabetical order: @​a-s-russo, @​aarongarciah, @​noobDev31, @​oliviertassinari, @​ZeeshanTamboli

v6.4.4

Compare Source

Feb 11, 2025

A big thanks to the 3 contributors who made this release possible.

@mui/[email protected]

• [MobileStepper] deprecate LinearProgressProps and complete slots, slotProps (@​siriwatknp) (#​45242) @​siriwatknp
• [Slider] Deprecate composed classes (@​sai6855) (#​45223) @​sai6855
• [utils] Merge sx instead of override when using mergeSlotProps (#​45129) @​siriwatknp

Docs

• [Autocomplete] Improve Google Maps search example (#​44708) @​oliviertassinari
• [Dialog] Removes deprecated PaperProps from docs (#​45217) @​sai6855
• A quick first step to update docs for Tailwind v4 (#​45221) @​oliviertassinari

Core

• Fix missing store contributor renaming (527222d) @​oliviertassinari
• Fix MUI Base vale rule (#​45140) @​oliviertassinari
• Fix 404 errors (#​45137) @​oliviertassinari
• [docs] Sync active sponsors (#​45204) @​oliviertassinari
• [docs-infra] Move Ukraine banner to the bottom (#​45135) @​oliviertassinari

All contributors of this release in alphabetical order: @​oliviertassinari, @​sai6855, @​siriwatknp

v6.4.3

Compare Source

Feb 4, 2025

A big thanks to the 3 contributors who made this release possible.

@mui/[email protected]

• [LinearProgress][CircularProgress] Add variant overrides for module augmentation (#​45191) @​ZeeshanTamboli
• [TextField] Remove deprecated props from documentation (#​45200) @​sai6855

Core

• Fix corepack and pnpm installation in CircleCI (#​45194) @​DiegoAndai

All contributors of this release in alphabetical order: @​DiegoAndai, @​sai6855, @​ZeeshanTamboli

v6.4.2

Compare Source

Jan 29, 2025

A big thanks to the 5 contributors who made this release possible.

@mui/[email protected]

• [Autocomplete] Prevent shrink animation in uncontrolled Autocomplete when default value is set (#​44873) @​ZeeshanTamboli
• [Slider] Fix arrow keys past the end for Slider with custom marks (#​45050) @​joshkel
• [TextareaAutosize] Temporarily disconnect ResizeObserver to avoid loop error (#​44540) @​mj12albert

Core

• [code-infra] a few fixes uncovered during ESM updates (@​Janpot) (#​45100) @​Janpot
• [code-infra] Remove rsc-builder (#​45079) @​Janpot
• [code-infra] Remove commonjs imports in docs (#​44976) @​Janpot
• Prepare stable release from the v6.x branch (#​45133) @​DiegoAndai

Docs

• Fix /base-ui redirect and prune links (#​45083) @​mj12albert

All contributors of this release in alphabetical order: @​DiegoAndai, @​Janpot, @​joshkel, [@​m

---

Configuration

📅 Schedule: Branch creation - "after 7pm every weekday,before 5am every weekday" in timezone Europe/Madrid, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
unleash-monorepo-frontend	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 6, 2025 9:26am

1 Skipped Deployment

Name	Status	Preview	Comments	Updated (UTC)
unleash-docs	⬜️ Ignored (Inspect)	Visit Preview		May 6, 2025 9:26am

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@mui/icons-material	7.1.0	🟢 7.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 11/16 approved changesets -- score normalized to 6 Packaging ⚠️ -1 packaging workflow not detected Dependency-Update-Tool 🟢 10 update tool detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices 🟢 5 badge detected: Passing Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found SAST 🟢 7 SAST tool detected but not run on all commits Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed CI-Tests 🟢 10 25 out of 25 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 35 contributing companies or organizations Vulnerabilities 🟢 3 7 existing vulnerabilities detected
npm/@mui/material	7.1.0	🟢 7.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 11/16 approved changesets -- score normalized to 6 Packaging ⚠️ -1 packaging workflow not detected Dependency-Update-Tool 🟢 10 update tool detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices 🟢 5 badge detected: Passing Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found SAST 🟢 7 SAST tool detected but not run on all commits Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed CI-Tests 🟢 10 25 out of 25 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 35 contributing companies or organizations Vulnerabilities 🟢 3 7 existing vulnerabilities detected
npm/@mui/x-date-pickers	^8.0.0	🟢 8.2	Details Check Score Reason Dependency-Update-Tool 🟢 10 update tool detected Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Code-Review 🟢 7 Found 18/25 approved changesets -- score normalized to 7 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 10 all dependencies are pinned Signed-Releases ⚠️ -1 no releases found CII-Best-Practices 🟢 5 badge detected: Passing Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 7 SAST tool detected but not run on all commits License ⚠️ 0 license file not detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches CI-Tests 🟢 10 28 out of 28 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 15 contributing companies or organizations Vulnerabilities 🟢 10 0 existing vulnerabilities detected
npm/@babel/runtime	7.27.1	🟢 6.4	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 9 Found 28/29 approved changesets -- score normalized to 9 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 2 badge detected: InProgress License 🟢 10 license file detected Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 25 existing vulnerabilities detected
npm/@emotion/cache	11.14.0	🟢 5.4	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 8 Found 18/21 approved changesets -- score normalized to 8 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 5 0 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 5 Security-Policy 🟢 4 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 156 existing vulnerabilities detected
npm/@emotion/hash	0.9.2	🟢 5.4	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 8 Found 18/21 approved changesets -- score normalized to 8 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 5 0 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 5 Security-Policy 🟢 4 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 156 existing vulnerabilities detected
npm/@emotion/memoize	0.9.0	🟢 5.4	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 8 Found 18/21 approved changesets -- score normalized to 8 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 5 0 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 5 Security-Policy 🟢 4 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 156 existing vulnerabilities detected
npm/@emotion/serialize	1.3.3	🟢 5.4	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 8 Found 18/21 approved changesets -- score normalized to 8 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 5 0 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 5 Security-Policy 🟢 4 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 156 existing vulnerabilities detected
npm/@emotion/sheet	1.4.0	🟢 5.4	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 8 Found 18/21 approved changesets -- score normalized to 8 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 5 0 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 5 Security-Policy 🟢 4 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 156 existing vulnerabilities detected
npm/@emotion/unitless	0.10.0	🟢 5.4	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 8 Found 18/21 approved changesets -- score normalized to 8 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 5 0 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 5 Security-Policy 🟢 4 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 156 existing vulnerabilities detected
npm/@emotion/utils	1.4.2	🟢 5.4	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 8 Found 18/21 approved changesets -- score normalized to 8 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 5 0 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 5 Security-Policy 🟢 4 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 156 existing vulnerabilities detected
npm/@emotion/weak-memoize	0.4.0	🟢 5.4	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 8 Found 18/21 approved changesets -- score normalized to 8 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 5 0 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 5 Security-Policy 🟢 4 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 156 existing vulnerabilities detected
npm/@mui/core-downloads-tracker	7.1.0	🟢 7.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 11/16 approved changesets -- score normalized to 6 Packaging ⚠️ -1 packaging workflow not detected Dependency-Update-Tool 🟢 10 update tool detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices 🟢 5 badge detected: Passing Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found SAST 🟢 7 SAST tool detected but not run on all commits Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed CI-Tests 🟢 10 25 out of 25 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 35 contributing companies or organizations Vulnerabilities 🟢 3 7 existing vulnerabilities detected
npm/@mui/icons-material	7.1.0	🟢 7.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 11/16 approved changesets -- score normalized to 6 Packaging ⚠️ -1 packaging workflow not detected Dependency-Update-Tool 🟢 10 update tool detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices 🟢 5 badge detected: Passing Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found SAST 🟢 7 SAST tool detected but not run on all commits Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed CI-Tests 🟢 10 25 out of 25 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 35 contributing companies or organizations Vulnerabilities 🟢 3 7 existing vulnerabilities detected
npm/@mui/material	7.1.0	🟢 7.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 11/16 approved changesets -- score normalized to 6 Packaging ⚠️ -1 packaging workflow not detected Dependency-Update-Tool 🟢 10 update tool detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices 🟢 5 badge detected: Passing Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found SAST 🟢 7 SAST tool detected but not run on all commits Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed CI-Tests 🟢 10 25 out of 25 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 35 contributing companies or organizations Vulnerabilities 🟢 3 7 existing vulnerabilities detected
npm/@mui/private-theming	7.1.0	🟢 7.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 11/16 approved changesets -- score normalized to 6 Packaging ⚠️ -1 packaging workflow not detected Dependency-Update-Tool 🟢 10 update tool detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices 🟢 5 badge detected: Passing Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found SAST 🟢 7 SAST tool detected but not run on all commits Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed CI-Tests 🟢 10 25 out of 25 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 35 contributing companies or organizations Vulnerabilities 🟢 3 7 existing vulnerabilities detected
npm/@mui/styled-engine	7.1.0	🟢 7.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 11/16 approved changesets -- score normalized to 6 Packaging ⚠️ -1 packaging workflow not detected Dependency-Update-Tool 🟢 10 update tool detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices 🟢 5 badge detected: Passing Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found SAST 🟢 7 SAST tool detected but not run on all commits Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed CI-Tests 🟢 10 25 out of 25 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 35 contributing companies or organizations Vulnerabilities 🟢 3 7 existing vulnerabilities detected
npm/@mui/system	7.1.0	🟢 7.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 11/16 approved changesets -- score normalized to 6 Packaging ⚠️ -1 packaging workflow not detected Dependency-Update-Tool 🟢 10 update tool detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices 🟢 5 badge detected: Passing Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found SAST 🟢 7 SAST tool detected but not run on all commits Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed CI-Tests 🟢 10 25 out of 25 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 35 contributing companies or organizations Vulnerabilities 🟢 3 7 existing vulnerabilities detected
npm/@mui/types	7.4.2	🟢 7.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 11/16 approved changesets -- score normalized to 6 Packaging ⚠️ -1 packaging workflow not detected Dependency-Update-Tool 🟢 10 update tool detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices 🟢 5 badge detected: Passing Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found SAST 🟢 7 SAST tool detected but not run on all commits Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed CI-Tests 🟢 10 25 out of 25 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 35 contributing companies or organizations Vulnerabilities 🟢 3 7 existing vulnerabilities detected
npm/@mui/utils	7.1.0	🟢 7.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 11/16 approved changesets -- score normalized to 6 Packaging ⚠️ -1 packaging workflow not detected Dependency-Update-Tool 🟢 10 update tool detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices 🟢 5 badge detected: Passing Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found SAST 🟢 7 SAST tool detected but not run on all commits Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed CI-Tests 🟢 10 25 out of 25 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 35 contributing companies or organizations Vulnerabilities 🟢 3 7 existing vulnerabilities detected
npm/@mui/x-date-pickers	8.2.0	🟢 8.2	Details Check Score Reason Dependency-Update-Tool 🟢 10 update tool detected Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Code-Review 🟢 7 Found 18/25 approved changesets -- score normalized to 7 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 10 all dependencies are pinned Signed-Releases ⚠️ -1 no releases found CII-Best-Practices 🟢 5 badge detected: Passing Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 7 SAST tool detected but not run on all commits License ⚠️ 0 license file not detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches CI-Tests 🟢 10 28 out of 28 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 15 contributing companies or organizations Vulnerabilities 🟢 10 0 existing vulnerabilities detected
npm/@mui/x-internals	8.2.0	🟢 8.2	Details Check Score Reason Dependency-Update-Tool 🟢 10 update tool detected Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Code-Review 🟢 7 Found 18/25 approved changesets -- score normalized to 7 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 10 all dependencies are pinned Signed-Releases ⚠️ -1 no releases found CII-Best-Practices 🟢 5 badge detected: Passing Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 7 SAST tool detected but not run on all commits License ⚠️ 0 license file not detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches CI-Tests 🟢 10 28 out of 28 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 15 contributing companies or organizations Vulnerabilities 🟢 10 0 existing vulnerabilities detected
npm/@types/react-transition-group	4.4.12	🟢 7.1	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Packaging ⚠️ -1 packaging workflow not detected Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed
npm/react-is	19.1.0	🟢 6.3	Details Check Score Reason Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 License 🟢 10 license file detected CII-Best-Practices ⚠️ 2 badge detected: InProgress Security-Policy 🟢 10 security policy file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 210 existing vulnerabilities detected

Scanned Files

• frontend/package.json
• frontend/yarn.lock