fix(deps): update npm - li-cli - experimental/li-cli/package.json

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@inquirer/prompts (source)	^7.3.3 -> ^7.4.1
@types/node (source)	^22.13.10 -> ^22.14.1
ts-jest (source)	^29.2.6 -> ^29.3.1
tsc-alias (source)	^1.8.11 -> ^1.8.15
typescript (source)	^5.8.2 -> ^5.8.3
yaml (source)	^2.7.0 -> ^2.7.1

---

Release Notes

SBoudrias/Inquirer.js (@​inquirer/prompts)

v7.4.1

Compare Source

• Fix number prompt (typescript): If prompt is required, only number can be returned. (previously was nullable)
• README: Add new sponsor
• Chore: dependency updates

v7.4.0

Compare Source

kulshekhar/ts-jest (ts-jest)

v29.3.1

Compare Source

Bug Fixes

• fix: allow isolatedModules mode to have ts.Program under Node16/Next (25157eb)
• fix: improve message for isolatedModules of ts-jest config (547eb6f)

v29.3.0

Compare Source

Features

• feat: support hybrid module values for isolatedModules: true (f372121)

Bug Fixes

• fix: set customConditions to undefined in TsCompiler (b091d70), closes #​4620

Code Refactoring

• refactor: remove manual version checker (89458fc)
• refactor: remove patching deps based on version checker (bac4c43)
• refactor: deprecate RawCompilerOptions interface (2b1b6cd)
• refactor: deprecate transform option isolatedModules (7dfef71)

justkey007/tsc-alias (tsc-alias)

v1.8.15

Compare Source

v1.8.14: (2025-04-08)

Compare Source

What's Changed

• Does not work properly with tsconfig.json with extends by @​justkey007 in https://github.com/justkey007/tsc-alias/pull/240

Full Changelog: justkey007/tsc-alias@v1.8.13...v1.8.14

v1.8.13: (2025-03-29)

Compare Source

What's Changed

• fix: latest version not compatible with node 20+ by @​justkey007 in https://github.com/justkey007/tsc-alias/pull/239

Full Changelog: justkey007/tsc-alias@v1.8.12...v1.8.13

v1.8.12: (2025-03-29)

Compare Source

What's Changed

• fix: Don't replace .d.ts paths by @​LukeAbby in https://github.com/justkey007/tsc-alias/pull/234
• CI/CD by @​justkey007 in https://github.com/justkey007/tsc-alias/pull/237

New Contributors

• @​LukeAbby made their first contribution in https://github.com/justkey007/tsc-alias/pull/234

Full Changelog: justkey007/tsc-alias@v1.8.11...v1.8.12

microsoft/TypeScript (typescript)

v5.8.3

Compare Source

eemeli/yaml (yaml)

v2.7.1

Compare Source

• Do not allow seq with single-line collection value on same line with map key (#​603)
• Improve warning & avoid TypeError on bad YAML 1.1 nodes (#​610)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ❌ 2 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 2 package(s) with unknown licenses.

See the Details below.

License Issues

experimental/li-cli/package-lock.json

Package	Version	License	Issue Type
ts-jest	29.3.1	LicenseRef-scancode-free-unknown AND MIT	Incompatible License
type-fest	4.39.1	CC0-1.0 AND MIT	Incompatible License
@types/node	22.14.1	Null	Unknown License

experimental/li-cli/package.json

Package	Version	License	Issue Type
@types/node	^22.14.1	Null	Unknown License

Allowed Licenses: MIT, MIT-0, Apache-2.0, BSD-3-Clause, BSD-3-Clause-Clear, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL-2.0, MPL-1.0, MPL-1.1, MPL-2.0, Zlib

Excluded from license check: pkg:npm/caniuse-lite

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@inquirer/checkbox	4.1.5	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 3/14 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/confirm	5.1.9	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 3/14 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/core	10.1.10	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 3/14 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/editor	4.2.10	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 3/14 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/expand	4.0.12	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 3/14 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/input	4.1.9	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 3/14 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/number	3.0.12	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 3/14 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/password	4.0.12	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 3/14 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/prompts	7.4.1	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 3/14 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/rawlist	4.0.12	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 3/14 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/search	3.0.12	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 3/14 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/select	4.1.1	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 3/14 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/type	3.0.6	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 3/14 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@types/node	22.14.1	🟢 7	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 9 Found 29/30 approved changesets -- score normalized to 9 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed
npm/get-tsconfig	4.10.0	Unknown	Unknown
npm/resolve-pkg-maps	1.0.0	Unknown	Unknown
npm/ts-jest	29.3.1	🟢 7.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 6 4 existing vulnerabilities detected
npm/tsc-alias	1.8.15	🟢 5.1	Details Check Score Reason Code-Review 🟢 3 Found 11/30 approved changesets -- score normalized to 3 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 13 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
npm/type-fest	4.39.1	🟢 5.7	Details Check Score Reason Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 7 Found 21/30 approved changesets -- score normalized to 7 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/typescript	5.8.3	🟢 8.4	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 10 all changesets reviewed Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege License 🟢 10 license file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection 🟢 6 branch protection is not maximal on development and all release branches Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed CI-Tests 🟢 9 29 out of 30 merged PRs checked by a CI test -- score normalized to 9 Contributors 🟢 10 project has 36 contributing companies or organizations
npm/undici-types	6.21.0	🟢 8.1	Details Check Score Reason Binary-Artifacts 🟢 8 binaries present in source code Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests 🟢 10 29 out of 29 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 9 Found 20/21 approved changesets -- score normalized to 9 Contributors 🟢 10 project has 83 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 Packaging 🟢 10 packaging workflow detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 SAST 🟢 9 SAST tool detected but not run on all commits Security-Policy 🟢 9 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected
npm/yaml	2.7.1	🟢 6.3	Details Check Score Reason Code-Review ⚠️ 0 Found 1/18 approved changesets -- score normalized to 0 Maintained 🟢 10 12 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/prompts	^7.4.1	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 3/14 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@types/node	^22.14.1	🟢 7	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 9 Found 29/30 approved changesets -- score normalized to 9 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed
npm/ts-jest	^29.3.1	🟢 7.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 6 4 existing vulnerabilities detected
npm/tsc-alias	^1.8.15	🟢 5.1	Details Check Score Reason Code-Review 🟢 3 Found 11/30 approved changesets -- score normalized to 3 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 13 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
npm/typescript	^5.8.3	🟢 8.4	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 10 all changesets reviewed Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege License 🟢 10 license file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection 🟢 6 branch protection is not maximal on development and all release branches Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed CI-Tests 🟢 9 29 out of 30 merged PRs checked by a CI test -- score normalized to 9 Contributors 🟢 10 project has 36 contributing companies or organizations
npm/yaml	^2.7.1	🟢 6.3	Details Check Score Reason Code-Review ⚠️ 0 Found 1/18 approved changesets -- score normalized to 0 Maintained 🟢 10 12 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected

Scanned Files

• experimental/li-cli/package-lock.json
• experimental/li-cli/package.json

[netlify]

✅ Deploy Preview for endearing-brigadeiros-63f9d0 canceled.

Name	Link
🔨 Latest commit	5c21e71
🔍 Latest deploy log	https://app.netlify.com/sites/endearing-brigadeiros-63f9d0/deploys/67f99917eea56300091e0264

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 49.65%. Comparing base (3718943) to head (5c21e71).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #959   +/-   ##
=======================================
  Coverage   49.65%   49.65%           
=======================================
  Files          48       48           
  Lines        1718     1718           
  Branches      175      175           
=======================================
  Hits          853      853           
  Misses        841      841           
  Partials       24       24           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.