chore(deps-dev): bump eslint-config-love from 119.0.0 to 133.0.0 by dependabot[bot] · Pull Request #154 · rsksmart/flyover-sdk

dependabot · 2025-10-09T08:18:32Z

Bumps eslint-config-love from 119.0.0 to 133.0.0.

Release notes

Sourced from eslint-config-love's releases.

v133.0.0

133.0.0 (2025-10-09)

⚠ BREAKING CHANGES

strict

Features

strict (946f09f)

v132.0.0

132.0.0 (2025-10-09)

⚠ BREAKING CHANGES

radix

Features

radix (d586d7d)

v131.0.0

131.0.0 (2025-10-09)

⚠ BREAKING CHANGES

no-promise-executor-return

Features

no-promise-executor-return (28b4565)

v130.0.0

130.0.0 (2025-09-25)

⚠ BREAKING CHANGES

no-plusplus

Features

no-plusplus (69a9d17)

v129.0.0

129.0.0 (2025-09-25)

⚠ BREAKING CHANGES

no-param-reassign

... (truncated)

Changelog

Sourced from eslint-config-love's changelog.

133.0.0 (2025-10-09)

⚠ BREAKING CHANGES

strict

Features

strict (946f09f)

132.0.0 (2025-10-09)

⚠ BREAKING CHANGES

radix

Features

radix (d586d7d)

131.0.0 (2025-10-09)

⚠ BREAKING CHANGES

no-promise-executor-return

Features

no-promise-executor-return (28b4565)

130.0.0 (2025-09-25)

⚠ BREAKING CHANGES

no-plusplus

Features

no-plusplus (69a9d17)

129.0.0 (2025-09-25)

⚠ BREAKING CHANGES

no-param-reassign

Features

no-param-reassign (ed78d8b)

... (truncated)

Commits

e20d1b5 chore(release): 133.0.0 [skip ci]
946f09f feat!: strict
7ab9828 chore(release): 132.0.0 [skip ci]
d586d7d feat!: radix
2467437 chore: intentionally no no-undef
d40565d chore: intentionally no no-restricted-syntax
92140e0 chore: intentionally no no-setter-return
c7da4e3 chore(release): 131.0.0 [skip ci]
28b4565 feat!: no-promise-executor-return
354b20e Merge pull request #2215 from mightyiam/no-restricted-
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

github-actions · 2025-10-09T08:18:48Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package

Version

Score

Details

npm/@eslint-community/eslint-utils

4.9.0

Unknown

npm/@eslint/config-helpers

0.4.0

Unknown

npm/@eslint/core

0.16.0

Unknown

npm/@eslint/js

9.37.0

🟢 6.8

Details

Check	Score	Reason
Maintained	🟢 10	30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Code-Review	🟢 7	Found 21/27 approved changesets -- score normalized to 7
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
License	🟢 10	license file detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Signed-Releases	⚠️ -1	no releases found
Security-Policy	🟢 10	security policy file detected
Branch-Protection	🟢 5	branch protection is not maximal on development and all release branches
Fuzzing	⚠️ 0	project is not fuzzed
SAST	🟢 10	SAST tool is run on all commits

npm/@eslint/plugin-kit

0.4.0

Unknown

npm/@typescript-eslint/eslint-plugin

8.46.1

🟢 5.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/29 approved changesets -- score normalized to 7
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	35 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/@typescript-eslint/parser

8.46.1

🟢 5.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/29 approved changesets -- score normalized to 7
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	35 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/@typescript-eslint/project-service

8.46.1

🟢 5.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/29 approved changesets -- score normalized to 7
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	35 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/@typescript-eslint/scope-manager

8.46.1

🟢 5.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/29 approved changesets -- score normalized to 7
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	35 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/@typescript-eslint/tsconfig-utils

8.46.1

🟢 5.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/29 approved changesets -- score normalized to 7
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	35 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/@typescript-eslint/type-utils

8.46.1

🟢 5.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/29 approved changesets -- score normalized to 7
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	35 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/@typescript-eslint/types

8.46.1

🟢 5.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/29 approved changesets -- score normalized to 7
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	35 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/@typescript-eslint/typescript-estree

8.46.1

🟢 5.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/29 approved changesets -- score normalized to 7
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	35 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/@typescript-eslint/utils

8.46.1

🟢 5.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/29 approved changesets -- score normalized to 7
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	35 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/@typescript-eslint/visitor-keys

8.46.1

🟢 5.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/29 approved changesets -- score normalized to 7
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	35 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/array-includes

3.1.9

🟢 4.4

Details

Check	Score	Reason
Packaging	⚠️ -1	packaging workflow not detected
Code-Review	⚠️ 0	Found 0/30 approved changesets -- score normalized to 0
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	no SAST tool detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Security-Policy	🟢 9	security policy file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md

npm/array.prototype.findlastindex

1.2.6

🟢 4.4

Details

Check	Score	Reason
Code-Review	⚠️ 0	Found 0/30 approved changesets -- score normalized to 0
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Packaging	⚠️ -1	packaging workflow not detected
SAST	⚠️ 0	no SAST tool detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Security-Policy	🟢 9	security policy file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md

npm/async-function

1.0.0

Unknown

npm/call-bind-apply-helpers

1.0.2

Unknown

npm/call-bound

1.0.4

Unknown

npm/es-abstract

1.24.0

🟢 5

Details

Check	Score	Reason
Code-Review	⚠️ 0	Found 1/23 approved changesets -- score normalized to 0
Maintained	⚠️ 0	0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected
Fuzzing	⚠️ 0	project is not fuzzed
SAST	🟢 7	SAST tool detected but not run on all commits

npm/es-shim-unscopables

1.1.0

🟢 4.5

Details

Check	Score	Reason
Code-Review	⚠️ 0	Found 0/22 approved changesets -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
SAST	⚠️ 0	no SAST tool detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Signed-Releases	⚠️ -1	no releases found
Security-Policy	🟢 10	security policy file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md

npm/eslint

9.37.0

🟢 6.8

Details

Check	Score	Reason
Maintained	🟢 10	30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Code-Review	🟢 7	Found 21/27 approved changesets -- score normalized to 7
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
License	🟢 10	license file detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Signed-Releases	⚠️ -1	no releases found
Security-Policy	🟢 10	security policy file detected
Branch-Protection	🟢 5	branch protection is not maximal on development and all release branches
Fuzzing	⚠️ 0	project is not fuzzed
SAST	🟢 10	SAST tool is run on all commits

npm/eslint-config-love

133.0.0

Unknown

npm/eslint-module-utils

2.12.1

🟢 6.1

Details

Check	Score	Reason
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	0 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 19/30 approved changesets -- score normalized to 6
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Security-Policy	🟢 10	security policy file detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/eslint-plugin-import

2.32.0

🟢 6.1

Details

Check	Score	Reason
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	0 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 6	Found 19/30 approved changesets -- score normalized to 6
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Security-Policy	🟢 10	security policy file detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/for-each

0.3.5

🟢 4

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Code-Review	⚠️ 0	Found 0/30 approved changesets -- score normalized to 0
Security-Policy	🟢 9	security policy file detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Packaging	⚠️ -1	packaging workflow not detected
SAST	⚠️ 0	no SAST tool detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches

npm/generator-function

2.0.1

🟢 3.9

Details

Check	Score	Reason
Maintained	🟢 5	6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5
Code-Review	⚠️ 0	Found 0/8 approved changesets -- score normalized to 0
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
SAST	⚠️ 0	no SAST tool detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches

npm/get-intrinsic

1.3.0

🟢 5

Details

Check	Score	Reason
Maintained	🟢 5	3 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 5
Code-Review	⚠️ 0	Found 0/30 approved changesets -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	no SAST tool detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected

npm/ignore

7.0.5

🟢 3.5

Details

Check	Score	Reason
Packaging	⚠️ -1	packaging workflow not detected
Maintained	⚠️ 1	0 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 1
Code-Review	⚠️ 0	Found 1/15 approved changesets -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 9	license file detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Signed-Releases	⚠️ -1	no releases found
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/is-async-function

2.1.1

🟢 4.4

Details

Check	Score	Reason
Packaging	⚠️ -1	packaging workflow not detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Code-Review	⚠️ 0	Found 0/24 approved changesets -- score normalized to 0
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	no SAST tool detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 9	security policy file detected

npm/is-boolean-object

1.2.2

🟢 4.4

Details

Check	Score	Reason
Packaging	⚠️ -1	packaging workflow not detected
Code-Review	⚠️ 0	Found 0/30 approved changesets -- score normalized to 0
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
SAST	⚠️ 0	no SAST tool detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 9	security policy file detected

npm/is-generator-function

1.1.2

🟢 5.1

Details

Check	Score	Reason
Maintained	🟢 7	6 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 7
Code-Review	⚠️ 0	Found 0/30 approved changesets -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Packaging	⚠️ -1	packaging workflow not detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
SAST	⚠️ 0	no SAST tool detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Security-Policy	🟢 9	security policy file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md

npm/is-negative-zero

2.0.3

🟢 4.4

Details

Check	Score	Reason
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Code-Review	⚠️ 0	Found 0/30 approved changesets -- score normalized to 0
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
SAST	⚠️ 0	no SAST tool detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 9	security policy file detected

npm/is-weakref

1.1.1

🟢 4.4

Details

Check	Score	Reason
Packaging	⚠️ -1	packaging workflow not detected
Code-Review	⚠️ 0	Found 0/30 approved changesets -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	no SAST tool detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 9	security policy file detected

npm/object-inspect

1.13.4

🟢 4.4

Details

Check	Score	Reason
Code-Review	⚠️ 0	Found 1/30 approved changesets -- score normalized to 0
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Maintained	⚠️ 0	1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 9	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/possible-typed-array-names

1.1.0

Unknown

npm/stop-iteration-iterator

1.1.0

🟢 4.5

Details

Check	Score	Reason
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Code-Review	⚠️ 0	Found 0/17 approved changesets -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	no SAST tool detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected

npm/typescript-eslint

8.46.1

🟢 5.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/29 approved changesets -- score normalized to 7
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	35 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/which-typed-array

1.1.19

🟢 4.4

Details

Check	Score	Reason
Code-Review	⚠️ 0	Found 0/30 approved changesets -- score normalized to 0
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
SAST	⚠️ 0	no SAST tool detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 9	security policy file detected

npm/eslint-config-love

^133.0.0

Unknown

Scanned Files

package-lock.json
package.json

Bumps [eslint-config-love](https://github.com/mightyiam/eslint-config-love) from 119.0.0 to 133.0.0. - [Release notes](https://github.com/mightyiam/eslint-config-love/releases) - [Changelog](https://github.com/mightyiam/eslint-config-love/blob/main/CHANGELOG.md) - [Commits](mightyiam/eslint-config-love@v119.0.0...v133.0.0) --- updated-dependencies: - dependency-name: eslint-config-love dependency-version: 133.0.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Oct 9, 2025

dependabot bot requested a review from a team as a code owner October 9, 2025 08:18

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Oct 9, 2025

dependabot bot mentioned this pull request Oct 9, 2025

chore(deps-dev): bump eslint-config-love from 119.0.0 to 130.0.0 #145

Closed

dependabot bot force-pushed the dependabot/npm_and_yarn/eslint-config-love-133.0.0 branch from 096bf92 to 5360a06 Compare October 15, 2025 15:00

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps-dev): bump eslint-config-love from 119.0.0 to 133.0.0#154

chore(deps-dev): bump eslint-config-love from 119.0.0 to 133.0.0#154
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/eslint-config-love-133.0.0

dependabot bot commented on behalf of github Oct 9, 2025 •

edited

Loading

Uh oh!

github-actions bot commented Oct 9, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Oct 9, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v133.0.0

133.0.0 (2025-10-09)

⚠ BREAKING CHANGES

Features

v132.0.0

132.0.0 (2025-10-09)

⚠ BREAKING CHANGES

Features

v131.0.0

131.0.0 (2025-10-09)

⚠ BREAKING CHANGES

Features

v130.0.0

130.0.0 (2025-09-25)

⚠ BREAKING CHANGES

Features

v129.0.0

129.0.0 (2025-09-25)

⚠ BREAKING CHANGES

133.0.0 (2025-10-09)

⚠ BREAKING CHANGES

Features

132.0.0 (2025-10-09)

⚠ BREAKING CHANGES

Features

131.0.0 (2025-10-09)

⚠ BREAKING CHANGES

Features

130.0.0 (2025-09-25)

⚠ BREAKING CHANGES

Features

129.0.0 (2025-09-25)

⚠ BREAKING CHANGES

Features

Uh oh!

github-actions bot commented Oct 9, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Dependency Review

OpenSSF Scorecard

Scanned Files

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot bot commented on behalf of github Oct 9, 2025 •

edited

Loading

github-actions bot commented Oct 9, 2025 •

edited

Loading