chore(deps): bump @wireapp/react-ui-kit from 9.59.1 to 9.69.4 #9201

dependabot · 2025-10-31T04:04:44Z

Bumps @wireapp/react-ui-kit from 9.59.1 to 9.69.4.

Commits

d639c29 chore: Publish [skip ci]
e52d864 chore: Publish [skip ci]
a9e55eb chore: Publish [skip ci]
8ba0df8 ci: serialize Lerna publishes to avoid npm 429 during OIDC (Trusted Publisher...
8ff7bbc chore: Publish [skip ci]
997a50d fix: Allow tag push [WPB-21110] (#7491)
5fd8a89 chore: Move to npm Trusted Publishers (OIDC) with provenance [WPB-21110] (#7490)
b1f2c02 chore: Publish [skip ci]
913ed92 refactor: Improve visibility of sub conversation actions execution by adding ...
28ddfb8 chore: Publish [skip ci]
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @wireapp/react-ui-kit since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

github-actions · 2025-10-31T04:04:55Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package

Version

Score

Details

npm/@wireapp/react-ui-kit

9.69.4

🟢 5.7

Details

Check	Score	Reason
Maintained	🟢 10	30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 4	Found 13/30 approved changesets -- score normalized to 4
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Security-Policy	🟢 9	security policy file detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 2	8 existing vulnerabilities detected
SAST	🟢 10	SAST tool is run on all commits

npm/@wireapp/react-ui-kit

9.69.4

🟢 5.7

Details

Check	Score	Reason
Maintained	🟢 10	30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 4	Found 13/30 approved changesets -- score normalized to 4
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Security-Policy	🟢 9	security policy file detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing	⚠️ 0	project is not fuzzed
Vulnerabilities	⚠️ 2	8 existing vulnerabilities detected
SAST	🟢 10	SAST tool is run on all commits

npm/react-select

5.10.2

🟢 4.7

Details

Check	Score	Reason
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Code-Review	🟢 9	Found 15/16 approved changesets -- score normalized to 9
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	103 existing vulnerabilities detected

Scanned Files

package.json
yarn.lock

github-actions · 2025-10-31T04:05:24Z

🟠 Dependency Security Audit

🟠 3 high severity vulnerabilities found

Severity	Count
🔴 Critical	0
🟠 High	3
🟡 Moderate	4
🟢 Low	4

⚠️ Recommended: High severity vulnerabilities should be addressed.

View full audit report

├─ lodash.pick: �[38;5;37m4.4.0�[39m
│  ├─ ID: �[38;5;220m1106907�[39m
│  ├─ Issue: Prototype Pollution in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p6mc-m468-83gw�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m>=4.0.0 <=4.4.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ lodash.template: �[38;5;37m4.5.0�[39m
│  ├─ ID: �[38;5;220m1106902�[39m
│  ├─ Issue: Command Injection in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-35jh-r3h4-6jhm�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<=4.5.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: electron-winstaller
│  └─ Recommendation: None
│
├─ nth-check: �[38;5;37m1.0.2�[39m
│  ├─ ID: �[38;5;220m1095141�[39m
│  ├─ Issue: Inefficient Regular Expression Complexity in nth-check
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-rp65-9cf3-cjxr�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<2.0.1�[39m
│  ├─ Patched Versions: �[38;5;37m>=2.0.1�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: Upgrade to version 2.0.1 or later
│
├─ request: �[38;5;37m2.88.2�[39m
│  ├─ ID: �[38;5;220m1096727�[39m
│  ├─ Issue: Server-Side Request Forgery in Request
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p8p7-x288-28g6�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m<=2.88.2�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ serialize-javascript: �[38;5;37m6.0.0�[39m
│  ├─ ID: �[38;5;220m1105261�[39m
│  ├─ Issue: Cross-site Scripting (XSS) in serialize-javascript
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-76p7-773f-r4q5�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m>=6.0.0 <6.0.2�[39m
│  ├─ Patched Versions: �[38;5;37m>=6.0.2�[39m
│  ├─ Via: mocha, webpack, babel-loader
│  └─ Recommendation: Upgrade to version 6.0.2 or later
│
└─ tmp: �[38;5;37m0.1.0�[39m
   ├─ ID: �[38;5;220m1106849�[39m
   ├─ Issue: tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter
   ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-52f5-9888-hmc6�[39m
   ├─ Severity: low
   ├─ Vulnerable Versions: �[38;5;37m<=0.2.3�[39m
   ├─ Patched Versions: �[38;5;37m>=0.2.4�[39m
   ├─ Via: @wireapp/protocol-messaging, electron-winstaller, electron-builder
   └─ Recommendation: Upgrade to version 0.2.4 or later

github-actions · 2025-11-05T04:09:59Z

🟠 Dependency Security Audit

🟠 3 high severity vulnerabilities found

Severity	Count
🔴 Critical	0
🟠 High	3
🟡 Moderate	4
🟢 Low	4

⚠️ Recommended: High severity vulnerabilities should be addressed.

View full audit report

├─ lodash.pick: �[38;5;37m4.4.0�[39m
│  ├─ ID: �[38;5;220m1106907�[39m
│  ├─ Issue: Prototype Pollution in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p6mc-m468-83gw�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m>=4.0.0 <=4.4.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ lodash.template: �[38;5;37m4.5.0�[39m
│  ├─ ID: �[38;5;220m1106902�[39m
│  ├─ Issue: Command Injection in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-35jh-r3h4-6jhm�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<=4.5.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: electron-winstaller
│  └─ Recommendation: None
│
├─ nth-check: �[38;5;37m1.0.2�[39m
│  ├─ ID: �[38;5;220m1095141�[39m
│  ├─ Issue: Inefficient Regular Expression Complexity in nth-check
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-rp65-9cf3-cjxr�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<2.0.1�[39m
│  ├─ Patched Versions: �[38;5;37m>=2.0.1�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: Upgrade to version 2.0.1 or later
│
├─ request: �[38;5;37m2.88.2�[39m
│  ├─ ID: �[38;5;220m1096727�[39m
│  ├─ Issue: Server-Side Request Forgery in Request
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p8p7-x288-28g6�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m<=2.88.2�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ serialize-javascript: �[38;5;37m6.0.0�[39m
│  ├─ ID: �[38;5;220m1105261�[39m
│  ├─ Issue: Cross-site Scripting (XSS) in serialize-javascript
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-76p7-773f-r4q5�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m>=6.0.0 <6.0.2�[39m
│  ├─ Patched Versions: �[38;5;37m>=6.0.2�[39m
│  ├─ Via: mocha, webpack, babel-loader
│  └─ Recommendation: Upgrade to version 6.0.2 or later
│
└─ tmp: �[38;5;37m0.1.0�[39m
   ├─ ID: �[38;5;220m1109537�[39m
   ├─ Issue: tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter
   ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-52f5-9888-hmc6�[39m
   ├─ Severity: low
   ├─ Vulnerable Versions: �[38;5;37m<=0.2.3�[39m
   ├─ Patched Versions: �[38;5;37m>=0.2.4�[39m
   ├─ Via: @wireapp/protocol-messaging, electron-winstaller, electron-builder
   └─ Recommendation: Upgrade to version 0.2.4 or later

github-actions · 2025-11-05T04:12:22Z

🟠 Dependency Security Audit

🟠 3 high severity vulnerabilities found

Severity	Count
🔴 Critical	0
🟠 High	3
🟡 Moderate	4
🟢 Low	4

⚠️ Recommended: High severity vulnerabilities should be addressed.

View full audit report

├─ lodash.pick: �[38;5;37m4.4.0�[39m
│  ├─ ID: �[38;5;220m1106907�[39m
│  ├─ Issue: Prototype Pollution in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p6mc-m468-83gw�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m>=4.0.0 <=4.4.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ lodash.template: �[38;5;37m4.5.0�[39m
│  ├─ ID: �[38;5;220m1106902�[39m
│  ├─ Issue: Command Injection in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-35jh-r3h4-6jhm�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<=4.5.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: electron-winstaller
│  └─ Recommendation: None
│
├─ nth-check: �[38;5;37m1.0.2�[39m
│  ├─ ID: �[38;5;220m1095141�[39m
│  ├─ Issue: Inefficient Regular Expression Complexity in nth-check
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-rp65-9cf3-cjxr�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<2.0.1�[39m
│  ├─ Patched Versions: �[38;5;37m>=2.0.1�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: Upgrade to version 2.0.1 or later
│
├─ request: �[38;5;37m2.88.2�[39m
│  ├─ ID: �[38;5;220m1096727�[39m
│  ├─ Issue: Server-Side Request Forgery in Request
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p8p7-x288-28g6�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m<=2.88.2�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ serialize-javascript: �[38;5;37m6.0.0�[39m
│  ├─ ID: �[38;5;220m1105261�[39m
│  ├─ Issue: Cross-site Scripting (XSS) in serialize-javascript
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-76p7-773f-r4q5�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m>=6.0.0 <6.0.2�[39m
│  ├─ Patched Versions: �[38;5;37m>=6.0.2�[39m
│  ├─ Via: mocha, webpack, babel-loader
│  └─ Recommendation: Upgrade to version 6.0.2 or later
│
└─ tmp: �[38;5;37m0.1.0�[39m
   ├─ ID: �[38;5;220m1109537�[39m
   ├─ Issue: tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter
   ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-52f5-9888-hmc6�[39m
   ├─ Severity: low
   ├─ Vulnerable Versions: �[38;5;37m<=0.2.3�[39m
   ├─ Patched Versions: �[38;5;37m>=0.2.4�[39m
   ├─ Via: @wireapp/protocol-messaging, electron-winstaller, electron-builder
   └─ Recommendation: Upgrade to version 0.2.4 or later

github-actions · 2025-11-05T04:14:52Z

🟠 Dependency Security Audit

🟠 3 high severity vulnerabilities found

Severity	Count
🔴 Critical	0
🟠 High	3
🟡 Moderate	4
🟢 Low	4

⚠️ Recommended: High severity vulnerabilities should be addressed.

View full audit report

├─ lodash.pick: �[38;5;37m4.4.0�[39m
│  ├─ ID: �[38;5;220m1106907�[39m
│  ├─ Issue: Prototype Pollution in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p6mc-m468-83gw�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m>=4.0.0 <=4.4.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ lodash.template: �[38;5;37m4.5.0�[39m
│  ├─ ID: �[38;5;220m1106902�[39m
│  ├─ Issue: Command Injection in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-35jh-r3h4-6jhm�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<=4.5.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: electron-winstaller
│  └─ Recommendation: None
│
├─ nth-check: �[38;5;37m1.0.2�[39m
│  ├─ ID: �[38;5;220m1095141�[39m
│  ├─ Issue: Inefficient Regular Expression Complexity in nth-check
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-rp65-9cf3-cjxr�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<2.0.1�[39m
│  ├─ Patched Versions: �[38;5;37m>=2.0.1�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: Upgrade to version 2.0.1 or later
│
├─ request: �[38;5;37m2.88.2�[39m
│  ├─ ID: �[38;5;220m1096727�[39m
│  ├─ Issue: Server-Side Request Forgery in Request
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p8p7-x288-28g6�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m<=2.88.2�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ serialize-javascript: �[38;5;37m6.0.0�[39m
│  ├─ ID: �[38;5;220m1105261�[39m
│  ├─ Issue: Cross-site Scripting (XSS) in serialize-javascript
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-76p7-773f-r4q5�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m>=6.0.0 <6.0.2�[39m
│  ├─ Patched Versions: �[38;5;37m>=6.0.2�[39m
│  ├─ Via: mocha, webpack, babel-loader
│  └─ Recommendation: Upgrade to version 6.0.2 or later
│
└─ tmp: �[38;5;37m0.1.0�[39m
   ├─ ID: �[38;5;220m1109537�[39m
   ├─ Issue: tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter
   ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-52f5-9888-hmc6�[39m
   ├─ Severity: low
   ├─ Vulnerable Versions: �[38;5;37m<=0.2.3�[39m
   ├─ Patched Versions: �[38;5;37m>=0.2.4�[39m
   ├─ Via: @wireapp/protocol-messaging, electron-winstaller, electron-builder
   └─ Recommendation: Upgrade to version 0.2.4 or later

github-actions · 2025-11-07T04:08:19Z

🟠 Dependency Security Audit

🟠 3 high severity vulnerabilities found

Severity	Count
🔴 Critical	0
🟠 High	3
🟡 Moderate	4
🟢 Low	4

⚠️ Recommended: High severity vulnerabilities should be addressed.

View full audit report

├─ lodash.pick: �[38;5;37m4.4.0�[39m
│  ├─ ID: �[38;5;220m1106907�[39m
│  ├─ Issue: Prototype Pollution in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p6mc-m468-83gw�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m>=4.0.0 <=4.4.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ lodash.template: �[38;5;37m4.5.0�[39m
│  ├─ ID: �[38;5;220m1106902�[39m
│  ├─ Issue: Command Injection in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-35jh-r3h4-6jhm�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<=4.5.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: electron-winstaller
│  └─ Recommendation: None
│
├─ nth-check: �[38;5;37m1.0.2�[39m
│  ├─ ID: �[38;5;220m1095141�[39m
│  ├─ Issue: Inefficient Regular Expression Complexity in nth-check
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-rp65-9cf3-cjxr�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<2.0.1�[39m
│  ├─ Patched Versions: �[38;5;37m>=2.0.1�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: Upgrade to version 2.0.1 or later
│
├─ request: �[38;5;37m2.88.2�[39m
│  ├─ ID: �[38;5;220m1096727�[39m
│  ├─ Issue: Server-Side Request Forgery in Request
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p8p7-x288-28g6�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m<=2.88.2�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ serialize-javascript: �[38;5;37m6.0.0�[39m
│  ├─ ID: �[38;5;220m1105261�[39m
│  ├─ Issue: Cross-site Scripting (XSS) in serialize-javascript
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-76p7-773f-r4q5�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m>=6.0.0 <6.0.2�[39m
│  ├─ Patched Versions: �[38;5;37m>=6.0.2�[39m
│  ├─ Via: mocha, webpack, babel-loader
│  └─ Recommendation: Upgrade to version 6.0.2 or later
│
└─ tmp: �[38;5;37m0.1.0�[39m
   ├─ ID: �[38;5;220m1109537�[39m
   ├─ Issue: tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter
   ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-52f5-9888-hmc6�[39m
   ├─ Severity: low
   ├─ Vulnerable Versions: �[38;5;37m<=0.2.3�[39m
   ├─ Patched Versions: �[38;5;37m>=0.2.4�[39m
   ├─ Via: @wireapp/protocol-messaging, electron-winstaller, electron-builder
   └─ Recommendation: Upgrade to version 0.2.4 or later

github-actions · 2025-11-07T04:12:57Z

🟠 Dependency Security Audit

🟠 3 high severity vulnerabilities found

Severity	Count
🔴 Critical	0
🟠 High	3
🟡 Moderate	4
🟢 Low	4

⚠️ Recommended: High severity vulnerabilities should be addressed.

View full audit report

├─ lodash.pick: �[38;5;37m4.4.0�[39m
│  ├─ ID: �[38;5;220m1106907�[39m
│  ├─ Issue: Prototype Pollution in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p6mc-m468-83gw�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m>=4.0.0 <=4.4.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ lodash.template: �[38;5;37m4.5.0�[39m
│  ├─ ID: �[38;5;220m1106902�[39m
│  ├─ Issue: Command Injection in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-35jh-r3h4-6jhm�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<=4.5.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: electron-winstaller
│  └─ Recommendation: None
│
├─ nth-check: �[38;5;37m1.0.2�[39m
│  ├─ ID: �[38;5;220m1095141�[39m
│  ├─ Issue: Inefficient Regular Expression Complexity in nth-check
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-rp65-9cf3-cjxr�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<2.0.1�[39m
│  ├─ Patched Versions: �[38;5;37m>=2.0.1�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: Upgrade to version 2.0.1 or later
│
├─ request: �[38;5;37m2.88.2�[39m
│  ├─ ID: �[38;5;220m1096727�[39m
│  ├─ Issue: Server-Side Request Forgery in Request
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p8p7-x288-28g6�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m<=2.88.2�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ serialize-javascript: �[38;5;37m6.0.0�[39m
│  ├─ ID: �[38;5;220m1105261�[39m
│  ├─ Issue: Cross-site Scripting (XSS) in serialize-javascript
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-76p7-773f-r4q5�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m>=6.0.0 <6.0.2�[39m
│  ├─ Patched Versions: �[38;5;37m>=6.0.2�[39m
│  ├─ Via: mocha, webpack, babel-loader
│  └─ Recommendation: Upgrade to version 6.0.2 or later
│
└─ tmp: �[38;5;37m0.1.0�[39m
   ├─ ID: �[38;5;220m1109537�[39m
   ├─ Issue: tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter
   ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-52f5-9888-hmc6�[39m
   ├─ Severity: low
   ├─ Vulnerable Versions: �[38;5;37m<=0.2.3�[39m
   ├─ Patched Versions: �[38;5;37m>=0.2.4�[39m
   ├─ Via: @wireapp/protocol-messaging, electron-winstaller, electron-builder
   └─ Recommendation: Upgrade to version 0.2.4 or later

github-actions · 2025-11-10T04:09:40Z

🟠 Dependency Security Audit

🟠 3 high severity vulnerabilities found

Severity	Count
🔴 Critical	0
🟠 High	3
🟡 Moderate	4
🟢 Low	4

⚠️ Recommended: High severity vulnerabilities should be addressed.

View full audit report

├─ lodash.pick: �[38;5;37m4.4.0�[39m
│  ├─ ID: �[38;5;220m1106907�[39m
│  ├─ Issue: Prototype Pollution in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p6mc-m468-83gw�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m>=4.0.0 <=4.4.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ lodash.template: �[38;5;37m4.5.0�[39m
│  ├─ ID: �[38;5;220m1106902�[39m
│  ├─ Issue: Command Injection in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-35jh-r3h4-6jhm�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<=4.5.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: electron-winstaller
│  └─ Recommendation: None
│
├─ nth-check: �[38;5;37m1.0.2�[39m
│  ├─ ID: �[38;5;220m1095141�[39m
│  ├─ Issue: Inefficient Regular Expression Complexity in nth-check
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-rp65-9cf3-cjxr�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<2.0.1�[39m
│  ├─ Patched Versions: �[38;5;37m>=2.0.1�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: Upgrade to version 2.0.1 or later
│
├─ request: �[38;5;37m2.88.2�[39m
│  ├─ ID: �[38;5;220m1096727�[39m
│  ├─ Issue: Server-Side Request Forgery in Request
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p8p7-x288-28g6�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m<=2.88.2�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ serialize-javascript: �[38;5;37m6.0.0�[39m
│  ├─ ID: �[38;5;220m1105261�[39m
│  ├─ Issue: Cross-site Scripting (XSS) in serialize-javascript
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-76p7-773f-r4q5�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m>=6.0.0 <6.0.2�[39m
│  ├─ Patched Versions: �[38;5;37m>=6.0.2�[39m
│  ├─ Via: mocha, webpack, babel-loader
│  └─ Recommendation: Upgrade to version 6.0.2 or later
│
└─ tmp: �[38;5;37m0.1.0�[39m
   ├─ ID: �[38;5;220m1109537�[39m
   ├─ Issue: tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter
   ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-52f5-9888-hmc6�[39m
   ├─ Severity: low
   ├─ Vulnerable Versions: �[38;5;37m<=0.2.3�[39m
   ├─ Patched Versions: �[38;5;37m>=0.2.4�[39m
   ├─ Via: @wireapp/protocol-messaging, electron-winstaller, electron-builder
   └─ Recommendation: Upgrade to version 0.2.4 or later

github-actions · 2025-11-11T04:39:47Z

🟠 Dependency Security Audit

🟠 3 high severity vulnerabilities found

Severity	Count
🔴 Critical	0
🟠 High	3
🟡 Moderate	4
🟢 Low	4

⚠️ Recommended: High severity vulnerabilities should be addressed.

View full audit report

├─ lodash.pick: �[38;5;37m4.4.0�[39m
│  ├─ ID: �[38;5;220m1106907�[39m
│  ├─ Issue: Prototype Pollution in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p6mc-m468-83gw�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m>=4.0.0 <=4.4.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ lodash.template: �[38;5;37m4.5.0�[39m
│  ├─ ID: �[38;5;220m1106902�[39m
│  ├─ Issue: Command Injection in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-35jh-r3h4-6jhm�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<=4.5.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: electron-winstaller
│  └─ Recommendation: None
│
├─ nth-check: �[38;5;37m1.0.2�[39m
│  ├─ ID: �[38;5;220m1095141�[39m
│  ├─ Issue: Inefficient Regular Expression Complexity in nth-check
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-rp65-9cf3-cjxr�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<2.0.1�[39m
│  ├─ Patched Versions: �[38;5;37m>=2.0.1�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: Upgrade to version 2.0.1 or later
│
├─ request: �[38;5;37m2.88.2�[39m
│  ├─ ID: �[38;5;220m1096727�[39m
│  ├─ Issue: Server-Side Request Forgery in Request
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p8p7-x288-28g6�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m<=2.88.2�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ serialize-javascript: �[38;5;37m6.0.0�[39m
│  ├─ ID: �[38;5;220m1105261�[39m
│  ├─ Issue: Cross-site Scripting (XSS) in serialize-javascript
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-76p7-773f-r4q5�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m>=6.0.0 <6.0.2�[39m
│  ├─ Patched Versions: �[38;5;37m>=6.0.2�[39m
│  ├─ Via: mocha, webpack, babel-loader
│  └─ Recommendation: Upgrade to version 6.0.2 or later
│
└─ tmp: �[38;5;37m0.1.0�[39m
   ├─ ID: �[38;5;220m1109537�[39m
   ├─ Issue: tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter
   ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-52f5-9888-hmc6�[39m
   ├─ Severity: low
   ├─ Vulnerable Versions: �[38;5;37m<=0.2.3�[39m
   ├─ Patched Versions: �[38;5;37m>=0.2.4�[39m
   ├─ Via: @wireapp/protocol-messaging, electron-winstaller, electron-builder
   └─ Recommendation: Upgrade to version 0.2.4 or later

github-actions · 2025-11-12T04:09:58Z

🟠 Dependency Security Audit

🟠 3 high severity vulnerabilities found

Severity	Count
🔴 Critical	0
🟠 High	3
🟡 Moderate	4
🟢 Low	4

⚠️ Recommended: High severity vulnerabilities should be addressed.

View full audit report

├─ lodash.pick: �[38;5;37m4.4.0�[39m
│  ├─ ID: �[38;5;220m1106907�[39m
│  ├─ Issue: Prototype Pollution in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p6mc-m468-83gw�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m>=4.0.0 <=4.4.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ lodash.template: �[38;5;37m4.5.0�[39m
│  ├─ ID: �[38;5;220m1106902�[39m
│  ├─ Issue: Command Injection in lodash
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-35jh-r3h4-6jhm�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<=4.5.0�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: electron-winstaller
│  └─ Recommendation: None
│
├─ nth-check: �[38;5;37m1.0.2�[39m
│  ├─ ID: �[38;5;220m1095141�[39m
│  ├─ Issue: Inefficient Regular Expression Complexity in nth-check
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-rp65-9cf3-cjxr�[39m
│  ├─ Severity: high
│  ├─ Vulnerable Versions: �[38;5;37m<2.0.1�[39m
│  ├─ Patched Versions: �[38;5;37m>=2.0.1�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: Upgrade to version 2.0.1 or later
│
├─ request: �[38;5;37m2.88.2�[39m
│  ├─ ID: �[38;5;220m1096727�[39m
│  ├─ Issue: Server-Side Request Forgery in Request
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-p8p7-x288-28g6�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m<=2.88.2�[39m
│  ├─ Patched Versions: �[38;5;37m<0.0.0�[39m
│  ├─ Via: open-graph
│  └─ Recommendation: None
│
├─ serialize-javascript: �[38;5;37m6.0.0�[39m
│  ├─ ID: �[38;5;220m1105261�[39m
│  ├─ Issue: Cross-site Scripting (XSS) in serialize-javascript
│  ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-76p7-773f-r4q5�[39m
│  ├─ Severity: moderate
│  ├─ Vulnerable Versions: �[38;5;37m>=6.0.0 <6.0.2�[39m
│  ├─ Patched Versions: �[38;5;37m>=6.0.2�[39m
│  ├─ Via: mocha, webpack, babel-loader
│  └─ Recommendation: Upgrade to version 6.0.2 or later
│
└─ tmp: �[38;5;37m0.1.0�[39m
   ├─ ID: �[38;5;220m1109537�[39m
   ├─ Issue: tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter
   ├─ URL: �[38;5;170mhttps://github.com/advisories/GHSA-52f5-9888-hmc6�[39m
   ├─ Severity: low
   ├─ Vulnerable Versions: �[38;5;37m<=0.2.3�[39m
   ├─ Patched Versions: �[38;5;37m>=0.2.4�[39m
   ├─ Via: @wireapp/protocol-messaging, electron-winstaller, electron-builder
   └─ Recommendation: Upgrade to version 0.2.4 or later

Bumps [@wireapp/react-ui-kit](https://github.com/wireapp/wire-web-packages) from 9.59.1 to 9.69.4. - [Commits](https://github.com/wireapp/wire-web-packages/compare/@wireapp/react-ui-kit@9.59.1...@wireapp/react-ui-kit@9.69.4) --- updated-dependencies: - dependency-name: "@wireapp/react-ui-kit" dependency-version: 9.69.4 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

sonarqubecloud · 2025-11-14T04:16:06Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

dependabot · 2025-11-17T04:17:07Z

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

dependabot · 2025-11-18T04:05:26Z

Superseded by #9248.

dependabot bot added dependencies javascript Pull requests that update Javascript code labels Oct 31, 2025

dependabot bot mentioned this pull request Oct 31, 2025

chore(deps): bump @wireapp/react-ui-kit from 9.59.1 to 9.69.0 #9170

Closed

otto-the-bot approved these changes Oct 31, 2025

View reviewed changes

otto-the-bot enabled auto-merge (squash) October 31, 2025 04:04

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from e0e78f7 to 9a0adc8 Compare November 5, 2025 04:09

otto-the-bot approved these changes Nov 5, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from 9a0adc8 to dee6dff Compare November 5, 2025 04:11

otto-the-bot approved these changes Nov 5, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from dee6dff to d71eb19 Compare November 5, 2025 04:14

otto-the-bot approved these changes Nov 5, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from d71eb19 to 5bf48ea Compare November 7, 2025 04:07

otto-the-bot approved these changes Nov 7, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from 5bf48ea to 6761a15 Compare November 7, 2025 04:12

otto-the-bot approved these changes Nov 7, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from 6761a15 to 8bb738a Compare November 10, 2025 04:09

otto-the-bot approved these changes Nov 10, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from 8bb738a to b6a6a16 Compare November 11, 2025 04:39

otto-the-bot approved these changes Nov 11, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from b6a6a16 to 0478044 Compare November 12, 2025 04:09

otto-the-bot approved these changes Nov 12, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from 0478044 to 02a65ad Compare November 12, 2025 13:51

otto-the-bot approved these changes Nov 12, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from 02a65ad to fc26f10 Compare November 12, 2025 15:53

otto-the-bot approved these changes Nov 12, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from fc26f10 to 4575ed4 Compare November 13, 2025 04:10

otto-the-bot approved these changes Nov 13, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from 4575ed4 to 0f41426 Compare November 13, 2025 04:14

otto-the-bot approved these changes Nov 13, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from 0f41426 to 7356206 Compare November 13, 2025 04:16

otto-the-bot approved these changes Nov 13, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from 7356206 to b46b0e2 Compare November 13, 2025 04:23

otto-the-bot approved these changes Nov 13, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from b46b0e2 to ae1f76a Compare November 14, 2025 04:09

otto-the-bot approved these changes Nov 14, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch from ae1f76a to 281135b Compare November 14, 2025 04:15

otto-the-bot approved these changes Nov 14, 2025

View reviewed changes

dependabot bot closed this Nov 18, 2025

auto-merge was automatically disabled November 18, 2025 04:05
Pull request was closed

dependabot bot deleted the dependabot/npm_and_yarn/wireapp/react-ui-kit-9.69.4 branch November 18, 2025 04:05

chore(deps): bump @wireapp/react-ui-kit from 9.59.1 to 9.69.4 #9201

chore(deps): bump @wireapp/react-ui-kit from 9.59.1 to 9.69.4 #9201

Uh oh!

Conversation

dependabot bot commented on behalf of github Oct 31, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

github-actions bot commented Oct 31, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Dependency Review

OpenSSF Scorecard

Scanned Files

Uh oh!

github-actions bot commented Oct 31, 2025

🟠 Dependency Security Audit

Uh oh!

github-actions bot commented Nov 5, 2025

🟠 Dependency Security Audit

Uh oh!

github-actions bot commented Nov 5, 2025

🟠 Dependency Security Audit

Uh oh!

github-actions bot commented Nov 5, 2025

🟠 Dependency Security Audit

Uh oh!

github-actions bot commented Nov 7, 2025

🟠 Dependency Security Audit

Uh oh!

github-actions bot commented Nov 7, 2025

🟠 Dependency Security Audit

Uh oh!

github-actions bot commented Nov 10, 2025

🟠 Dependency Security Audit

Uh oh!

github-actions bot commented Nov 11, 2025

🟠 Dependency Security Audit

Uh oh!

github-actions bot commented Nov 12, 2025

🟠 Dependency Security Audit

Uh oh!

sonarqubecloud bot commented Nov 14, 2025

Quality Gate passed

Uh oh!

dependabot bot commented on behalf of github Nov 17, 2025

Uh oh!

dependabot bot commented on behalf of github Nov 18, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

dependabot bot commented on behalf of github Oct 31, 2025 •

edited

Loading

github-actions bot commented Oct 31, 2025 •

edited

Loading