fix(deps): update npm - li-cli - experimental/li-cli/package.json

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@inquirer/prompts (source)	^7.5.0 -> ^7.5.3
@types/node (source)	^22.15.12 -> ^22.15.32
ts-jest (source)	^29.3.2 -> ^29.4.0
yaml (source)	^2.7.1 -> ^2.8.0
zod (source)	^3.24.4 -> ^3.25.67

---

Release Notes

SBoudrias/Inquirer.js (@​inquirer/prompts)

v7.5.3

Compare Source

• Fix #​1743: pagination logic of the select, checkbox and search prompts was fully rewritten to handle edge cases around rendering multi-line choices and pointer positioning.

v7.5.2

Compare Source

• Chore: dependencies bump

v7.5.1

Compare Source

kulshekhar/ts-jest (ts-jest)

v29.4.0

Compare Source

Features

• feat: support Jest 30 (84e093e)

v29.3.4

Compare Source

Bug Fixes

• fix: fix TsJestTransformerOptions type (3b11e29), closes #​4247
• fix(cli): fix wrong path for preset creator fns (249eb2c)
• fix(config): disable rewriteRelativeImportExtensions always (9b1f472), closes #​4855

v29.3.3

Compare Source

Bug Fixes

• fix(cli): init config with preset creator functions (cdd3039), closes #​4840
• fix(config): disable isolatedDeclarations (5d6b35f), closes #​4847

eemeli/yaml (yaml)

v2.8.0

Compare Source

• Add node cache for faster alias resolution (#​612)
• Re-introduce compatibility with Node.js 14.6 (#​614)
• Add --merge option to CLI tool (#​611)
• Improve error for tag resolution error on null value (#​616)
• Allow empty string as plain scalar representation, for failsafe schema (#​616)
• docs: include cli example (#​617)

colinhacks/zod (zod)

v3.25.67

Compare Source

Commits:

• 7afe790 Make $ZodLiteralDef generic
• 91274c3 3.25.67
• c22944b Fix race condition

v3.25.66

Compare Source

v3.25.65

Compare Source

v3.25.64

Compare Source

Commits:

• b142ea8 Fix $strip
• b6e59c3 Check for existence of Error.captureStackTrace
• 0c686af Remove type from mime issue path
• af88d74 Fix test

v3.25.63

Compare Source

v3.25.62

Compare Source

v3.25.61

Compare Source

v3.25.60

Compare Source

v3.25.59

Compare Source

v3.25.58

Compare Source

v3.25.57

Compare Source

v3.25.56

Compare Source

v3.25.55

Compare Source

v3.25.54

Compare Source

v3.25.53

Compare Source

Commits:

• a6adb14 zod mini internals (#​4631)
• da4f921 3.25.53

v3.25.52

Compare Source

Commits:

• 2954f40 Fix json (#​4630)
• 51dc6f9 3.25.52
• e479ea7 Add test cast for deferred self-recursion

v3.25.51

Compare Source

v3.25.50

Compare Source

v3.25.49

Compare Source

v3.25.48

Compare Source

v3.25.47

Compare Source

v3.25.46

Compare Source

v3.25.45

Compare Source

Commits:

• dc2c0b0 minor grammar typo fix (#​4584)
• 6fd3b39 fix(JSONSchema): add type for enum (#​4577)
• 6be478b Fix ZodType assignability issues
• 69ccb67 3.25.45

v3.25.44

Compare Source

v3.25.43

Compare Source

Commits:

• 508e306 Fix type inference in ZodMiniType check method (#​4568)
• f8fef45 Ecosystem: Add Express Zod API (#​4579)
• 289cba3 Fix type inference in ZodMiniType check method (#​4568)
• 011623a Fix dts files

v3.25.42

Compare Source

v3.25.41

Compare Source

v3.25.40

Compare Source

v3.25.39

Compare Source

v3.25.38

Compare Source

Commits:

• 11477ae Add test
• 1574d2e 3.25.38

v3.25.37

Compare Source

Commits:

• abc13de Add major version section
• d6cc999 Improve inference in z.function implement
• c00ca42 3.25.37

v3.25.36

Compare Source

v3.25.35

Compare Source

Commits:

• 5e31fd0 Update readme
• fe75806 Improve discriminated union implementation (#​4556)
• caee693 Tweak readme
• 02f2389 Fix lint
• 056e3f8 Improve homepage
• 33495d5 Fix isPlainObject
• 3a42469 Remove defaults from JSON Schema for transforming schemas (#​4557)
• edc3477 3.25.35

v3.25.34

Compare Source

v3.25.33

Compare Source

Commits:

• 80cfd3a Improve runtime error for non-schema values in shape
• 741be37 chore: fix comment for packages/docs/content/v4/index.mdx (#​4533)
• 74662e3 chore: Update README to specify TypeScript syntax highlighting for schema example (#​4443)
• 3c5ffd2 Add Khmer locale support to Zod and update documentation (#​4447)
• 8e827b1 docs: Add conform to the ecosystem page (#​4415)
• 7918973 add Swedish locale (#​4451)
• 33d3bb9 Fix issue #​4454: Updating the contribution.md file (#​4455)
• 4d8cb5d Update bronze.tsx (#​4472)
• bc15379 Fix typo in changelog (#​4496)
• 010bbe4 type in error-customization.mdx (#​4514)
• f3b4630 Add inheritance diagram to docs
• b97e218 fix: Add check for requiredKeys before assigning to json.required (#​4525)
• b650a48 nit (#​4520)
• 56ae81b fix v4 docs typo (#​4414)
• efbcd7a feat(locales): add nl (#​4425)
• 1ba8ddc Standardize casing for locales
• 5cb48f7 3.25.33
• 345864f Improve library docs
• 9379c0c Improve stringbool docs
• 0828c93 Fix CI
• d1e0876 Rename
• 494b944 Undo rename
• 4e44e61 Add zh-TW
• 5a6d986 docs: fix typos in "Per-parse error customization" (#​4549)

v3.25.32

Compare Source

v3.25.31

Compare Source

v3.25.30

Compare Source

v3.25.29

Compare Source

v3.25.28

Compare Source

Commits:

• e012bd2 Improve override docs
• 7bd15ed fix: add missing re-exports files and add new entries the published files (#​4500)
• b588d2c Improve z.function typing. Add .def
• 5ac95df 3.25.28
• 7aecb61 Clean up ZodFunction
• ed48cbb bugfix: Small typo in V4 docs (#​4435)
• 5e4ff20 fix: JSON Schema > override section typo (#​4428)

v3.25.27

Compare Source

v3.25.26

Compare Source

v3.25.25

Compare Source

v3.25.24

Compare Source

v3.25.23

Compare Source

v3.25.22

Compare Source

v3.25.21

Compare Source

v3.25.20

Compare Source

Commits:

• 709dfe3 Add global File fallback

v3.25.18

Compare Source

Commits:

• 17ee03e v3.25.18

v3.25.17

Compare Source

v3.25.16

Compare Source

v3.25.15

Compare Source

v3.25.14

Compare Source

v3.25.13

Compare Source

v3.25.12

Compare Source

v3.25.11

Compare Source

v3.25.10

Compare Source

Commits:

• c172c19 Fix module resolution issue

v3.25.9

Compare Source

v3.25.8

Compare Source

v3.25.7

Compare Source

v3.25.6

Compare Source

v3.25.5

Compare Source

v3.25.4

Compare Source

v3.25.3

Compare Source

v3.25.1

Compare Source

v3.25.0

Compare Source

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[netlify]

✅ Deploy Preview for endearing-brigadeiros-63f9d0 canceled.

Name	Link
🔨 Latest commit	6471e11
🔍 Latest deploy log	https://app.netlify.com/projects/endearing-brigadeiros-63f9d0/deploys/6850aa4ce435ff000813c7fe

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

experimental/li-cli/package.json

Package	Version	License	Issue Type
@types/node	^22.15.32	Null	Unknown License

Allowed Licenses: MIT, MIT-0, Apache-2.0, BSD-3-Clause, BSD-3-Clause-Clear, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL-2.0, MPL-1.0, MPL-1.1, MPL-2.0, OFL-1.1, Zlib

Excluded from license check: pkg:npm/caniuse-lite

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@inquirer/checkbox	4.1.8	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/confirm	5.1.12	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/core	10.1.13	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/editor	4.2.13	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/expand	4.0.15	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/figures	1.0.12	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/input	4.1.12	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/number	3.0.15	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/password	4.0.15	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/prompts	7.5.3	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/rawlist	4.1.3	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/search	3.0.15	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/select	4.2.3	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/type	3.0.7	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@types/node	22.15.32	🟢 7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 9 Found 29/30 approved changesets -- score normalized to 9 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed
npm/semver	7.7.2	🟢 6.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 5 6 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Packaging ⚠️ -1 packaging workflow not detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration SAST 🟢 8 SAST tool detected but not run on all commits
npm/ts-jest	29.4.0	🟢 7.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 7 3 existing vulnerabilities detected
npm/type-fest	4.41.0	🟢 5.8	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 8 Found 25/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/yaml	2.8.0	🟢 6.7	Details Check Score Reason Security-Policy 🟢 10 security policy file detected Code-Review ⚠️ 1 Found 3/26 approved changesets -- score normalized to 1 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 20 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/zod	3.25.67	🟢 4.6	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 4 Found 12/30 approved changesets -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 4 6 existing vulnerabilities detected
npm/@inquirer/prompts	^7.5.3	🟢 6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@types/node	^22.15.32	🟢 7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 9 Found 29/30 approved changesets -- score normalized to 9 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed
npm/ts-jest	^29.4.0	🟢 7.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 7 3 existing vulnerabilities detected
npm/yaml	^2.8.0	🟢 6.7	Details Check Score Reason Security-Policy 🟢 10 security policy file detected Code-Review ⚠️ 1 Found 3/26 approved changesets -- score normalized to 1 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 20 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/zod	^3.25.67	🟢 4.6	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 4 Found 12/30 approved changesets -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 4 6 existing vulnerabilities detected

Scanned Files

• experimental/li-cli/package-lock.json
• experimental/li-cli/package.json

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 69.51%. Comparing base (9d96614) to head (6471e11).
Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1016   +/-   ##
=======================================
  Coverage   69.51%   69.51%           
=======================================
  Files          54       54           
  Lines        2227     2227           
  Branches      248      248           
=======================================
  Hits         1548     1548           
  Misses        648      648           
  Partials       31       31           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.