build(deps-dev): bump eslint-config-next from 15.1.3 to 16.1.6 by dependabot[bot] · Pull Request #216 · rsksmart/rbtc-faucet

dependabot · 2026-01-30T01:42:46Z

Bumps eslint-config-next from 15.1.3 to 16.1.6.

Release notes

Sourced from eslint-config-next's releases.

v16.1.6

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

Upgrade to swc 54 (#88207)

implement LRU cache with invocation ID scoping for minimal mode response cache (#88509)

tweak LRU sentinel key (#89123)

Credits

Huge thanks to @mischnic, @wyattjoh, and @ztanner for helping!

v16.1.5

Please refer the following changelogs for more information about this security release:

https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472 https://vercel.com/changelog/summary-of-cve-2026-23864

v16.1.4

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

Only filter next config if experimental flag is enabled (#88733)

Credits

Huge thanks to @mischnic for helping!

v16.1.3

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

Fix linked list bug in LRU deleteFromLru (#88652)

Fix relative same host redirects in node middleware (#88253)

Credits

Huge thanks to @acdlite and @ijjk for helping!

v16.1.2

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

... (truncated)

Commits

adf8c61 v16.1.6
acba4a6 v16.1.5
60de6c2 v16.1.4
f01cf07 v16.1.3
cb436b3 v16.1.2
3aa5398 v16.1.1
3491676 v16.1.0
58e8f8c v16.1.0-canary.34
3284587 v16.1.0-canary.33
04290ab v16.1.0-canary.32
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) from 15.1.3 to 16.1.6. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/commits/v16.1.6/packages/eslint-config-next) --- updated-dependencies: - dependency-name: eslint-config-next dependency-version: 16.1.6 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-01-30T01:43:03Z

Dependency Review

The following issues were found:

✅ 0 vulnerable package(s)
✅ 0 package(s) with incompatible licenses
✅ 0 package(s) with invalid SPDX license definitions
✅ 0 package(s) with unknown licenses.
⚠️ 2 packages with OpenSSF Scorecard issues.

See the Details below.

OpenSSF Scorecard

Scorecard details

Package

Version

Score

Details

npm/@babel/code-frame

7.28.6

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/compat-data

7.28.6

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/core

7.28.6

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/generator

7.28.6

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/helper-compilation-targets

7.28.6

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/helper-globals

7.28.0

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/helper-module-imports

7.28.6

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/helper-module-transforms

7.28.6

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/helper-string-parser

7.27.1

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/helper-validator-identifier

7.28.5

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/helper-validator-option

7.27.1

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/helpers

7.28.6

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/parser

7.28.6

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/template

7.28.6

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/traverse

7.28.6

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@babel/types

7.28.6

🟢 6.2

Details

Check	Score	Reason
Code-Review	🟢 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	🟢 9	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	38 existing vulnerabilities detected

npm/@jridgewell/remapping

2.3.5

Unknown

npm/@next/eslint-plugin-next

16.1.6

🟢 5.3

Details

Check	Score	Reason
Code-Review	🟢 8	Found 24/30 approved changesets -- score normalized to 8
Maintained	🟢 10	30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Signed-Releases	⚠️ -1	no releases found
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Packaging	🟢 10	packaging workflow detected
Binary-Artifacts	⚠️ 0	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	⚠️ 0	257 existing vulnerabilities detected
Fuzzing	🟢 10	project is fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/browserslist

4.28.1

🟢 5

Details

Check	Score	Reason
Maintained	🟢 10	14 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Code-Review	⚠️ 1	Found 3/26 approved changesets -- score normalized to 1
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 10	all dependencies are pinned
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Vulnerabilities	🟢 9	1 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/convert-source-map

2.0.0

🟢 4.4

Details

Check	Score	Reason
Code-Review	🟢 4	Found 12/30 approved changesets -- score normalized to 4
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/electron-to-chromium

1.5.282

Unknown

npm/escalade

3.2.0

🟢 3.5

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Code-Review	⚠️ 1	Found 3/30 approved changesets -- score normalized to 1
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	⚠️ 0	security policy file not detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/eslint-config-next

16.1.6

🟢 5.3

Details

Check	Score	Reason
Code-Review	🟢 8	Found 24/30 approved changesets -- score normalized to 8
Maintained	🟢 10	30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Signed-Releases	⚠️ -1	no releases found
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Packaging	🟢 10	packaging workflow detected
Binary-Artifacts	⚠️ 0	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	⚠️ 0	257 existing vulnerabilities detected
Fuzzing	🟢 10	project is fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/eslint-plugin-react-hooks

7.0.1

🟢 5.7

Details

Check	Score	Reason
Code-Review	🟢 7	Found 22/30 approved changesets -- score normalized to 7
Security-Policy	🟢 10	security policy file detected
Maintained	🟢 10	30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
CII-Best-Practices	⚠️ 2	badge detected: InProgress
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 9	binaries present in source code
Pinned-Dependencies	⚠️ 1	dependency not pinned by hash detected -- score normalized to 1
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	244 existing vulnerabilities detected

npm/gensync

1.0.0-beta.2

⚠️ 1.9

Details

Check	Score	Reason
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	⚠️ -1	no workflows found
Token-Permissions	⚠️ -1	No tokens found
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Pinned-Dependencies	⚠️ -1	no dependencies found
Binary-Artifacts	🟢 10	no binaries found in the repo
Code-Review	⚠️ 1	Found 2/14 approved changesets -- score normalized to 1
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	77 existing vulnerabilities detected

npm/globals

16.4.0

🟢 5.6

Details

Check	Score	Reason
Code-Review	🟢 6	Found 18/26 approved changesets -- score normalized to 6
Security-Policy	🟢 10	security policy file detected
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 10	18 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/hermes-estree

0.25.1

🟢 5

Details

Check	Score	Reason
Code-Review	🟢 10	all changesets reviewed
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
License	🟢 10	license file detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Security-Policy	🟢 9	security policy file detected
SAST	⚠️ 0	no SAST tool detected
Binary-Artifacts	🟢 9	binaries present in source code
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Fuzzing	🟢 10	project is fuzzed
Vulnerabilities	⚠️ 0	30 existing vulnerabilities detected

npm/hermes-parser

0.25.1

🟢 5

Details

Check	Score	Reason
Code-Review	🟢 10	all changesets reviewed
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
License	🟢 10	license file detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Security-Policy	🟢 9	security policy file detected
SAST	⚠️ 0	no SAST tool detected
Binary-Artifacts	🟢 9	binaries present in source code
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Fuzzing	🟢 10	project is fuzzed
Vulnerabilities	⚠️ 0	30 existing vulnerabilities detected

npm/jsesc

3.1.0

🟢 3.2

Details

Check	Score	Reason
Dangerous-Workflow	⚠️ -1	no workflows found
Token-Permissions	⚠️ -1	No tokens found
Packaging	⚠️ -1	packaging workflow not detected
Code-Review	⚠️ 1	Found 5/30 approved changesets -- score normalized to 1
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ -1	no dependencies found
Maintained	⚠️ 0	0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Signed-Releases	⚠️ -1	no releases found
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/json5

2.2.3

🟢 3.2

Details

Check	Score	Reason
Code-Review	⚠️ 2	Found 6/27 approved changesets -- score normalized to 2
Token-Permissions	⚠️ -1	No tokens found
Dangerous-Workflow	⚠️ -1	no workflows found
Packaging	⚠️ -1	packaging workflow not detected
Pinned-Dependencies	⚠️ -1	no dependencies found
Security-Policy	🟢 10	security policy file detected
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 9	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Vulnerabilities	⚠️ 0	53 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/lru-cache

5.1.1

🟢 4.1

Details

Check	Score	Reason
Binary-Artifacts	🟢 10	no binaries found in the repo
Code-Review	⚠️ 0	Found 1/29 approved changesets -- score normalized to 0
Maintained	🟢 10	10 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Packaging	⚠️ -1	packaging workflow not detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	⚠️ 0	security policy file not detected
Vulnerabilities	🟢 3	7 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/node-releases

2.0.27

🟢 4.3

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Code-Review	⚠️ 0	Found 1/26 approved changesets -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Packaging	⚠️ -1	packaging workflow not detected
Maintained	🟢 8	10 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 8
Pinned-Dependencies	⚠️ 2	dependency not pinned by hash detected -- score normalized to 2
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/typescript-eslint

8.54.0

🟢 5.3

Details

Check	Score	Reason
Code-Review	🟢 8	Found 16/19 approved changesets -- score normalized to 8
Maintained	🟢 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases	⚠️ -1	no releases found
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 0	41 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/update-browserslist-db

1.2.3

🟢 4.2

Details

Check	Score	Reason
Code-Review	⚠️ 1	Found 4/25 approved changesets -- score normalized to 1
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	19 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	🟢 10	all dependencies are pinned
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Vulnerabilities	⚠️ 1	9 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/yallist

3.1.1

⚠️ 2.5

Details

Check	Score	Reason
Code-Review	⚠️ 0	Found 0/30 approved changesets -- score normalized to 0
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Packaging	⚠️ -1	packaging workflow not detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
SAST	⚠️ 0	no SAST tool detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 9	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Security-Policy	⚠️ 0	security policy file not detected
Vulnerabilities	⚠️ 0	11 existing vulnerabilities detected

npm/zod-validation-error

4.0.2

Unknown

Scanned Files

package-lock.json

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jan 30, 2026

dependabot Bot mentioned this pull request Jan 30, 2026

build(deps-dev): bump eslint-config-next from 15.1.3 to 16.0.1 #206

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps-dev): bump eslint-config-next from 15.1.3 to 16.1.6#216

build(deps-dev): bump eslint-config-next from 15.1.3 to 16.1.6#216
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/eslint-config-next-16.1.6

dependabot Bot commented on behalf of github Jan 30, 2026 •

edited

Loading

Uh oh!

github-actions Bot commented Jan 30, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jan 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v16.1.6

Core Changes

Credits

v16.1.5

v16.1.4

Core Changes

Credits

v16.1.3

Core Changes

Credits

v16.1.2

Core Changes

Uh oh!

github-actions Bot commented Jan 30, 2026

Dependency Review

OpenSSF Scorecard

Scanned Files

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Jan 30, 2026 •

edited

Loading