| Package | Version | Score | Details |
|---|
| npm/@swc/core | ~1.15.0 | 🟢 4.4 | Details| Check | Score | Reason |
|---|
| Code-Review | ⚠️ 1 | Found 5/28 approved changesets -- score normalized to 1 | | CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | 🟢 10 | 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 | | License | 🟢 10 | license file detected | | Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected | | Security-Policy | ⚠️ 0 | security policy file not detected | | Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | 🟢 10 | packaging workflow detected | | Fuzzing | 🟢 10 | project is fuzzed | | Branch-Protection | 🟢 3 | branch protection is not maximal on development and all release branches | | Signed-Releases | ⚠️ 0 | Project has not signed or included provenance with any releases. | | SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 | | Binary-Artifacts | 🟢 10 | no binaries found in the repo | | Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 | | Vulnerabilities | ⚠️ 0 | 78 existing vulnerabilities detected |
|
| npm/@swc/core | 1.15.1 | 🟢 4.4 | Details| Check | Score | Reason |
|---|
| Code-Review | ⚠️ 1 | Found 5/28 approved changesets -- score normalized to 1 | | CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | 🟢 10 | 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 | | License | 🟢 10 | license file detected | | Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected | | Security-Policy | ⚠️ 0 | security policy file not detected | | Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | 🟢 10 | packaging workflow detected | | Fuzzing | 🟢 10 | project is fuzzed | | Branch-Protection | 🟢 3 | branch protection is not maximal on development and all release branches | | Signed-Releases | ⚠️ 0 | Project has not signed or included provenance with any releases. | | SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 | | Binary-Artifacts | 🟢 10 | no binaries found in the repo | | Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 | | Vulnerabilities | ⚠️ 0 | 78 existing vulnerabilities detected |
|
| npm/@swc/core-darwin-arm64 | 1.15.1 | 🟢 4.4 | Details| Check | Score | Reason |
|---|
| Code-Review | ⚠️ 1 | Found 5/28 approved changesets -- score normalized to 1 | | CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | 🟢 10 | 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 | | License | 🟢 10 | license file detected | | Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected | | Security-Policy | ⚠️ 0 | security policy file not detected | | Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | 🟢 10 | packaging workflow detected | | Fuzzing | 🟢 10 | project is fuzzed | | Branch-Protection | 🟢 3 | branch protection is not maximal on development and all release branches | | Signed-Releases | ⚠️ 0 | Project has not signed or included provenance with any releases. | | SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 | | Binary-Artifacts | 🟢 10 | no binaries found in the repo | | Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 | | Vulnerabilities | ⚠️ 0 | 78 existing vulnerabilities detected |
|
| npm/@swc/core-darwin-x64 | 1.15.1 | 🟢 4.4 | Details| Check | Score | Reason |
|---|
| Code-Review | ⚠️ 1 | Found 5/28 approved changesets -- score normalized to 1 | | CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | 🟢 10 | 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 | | License | 🟢 10 | license file detected | | Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected | | Security-Policy | ⚠️ 0 | security policy file not detected | | Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | 🟢 10 | packaging workflow detected | | Fuzzing | 🟢 10 | project is fuzzed | | Branch-Protection | 🟢 3 | branch protection is not maximal on development and all release branches | | Signed-Releases | ⚠️ 0 | Project has not signed or included provenance with any releases. | | SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 | | Binary-Artifacts | 🟢 10 | no binaries found in the repo | | Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 | | Vulnerabilities | ⚠️ 0 | 78 existing vulnerabilities detected |
|
| npm/@swc/core-linux-arm-gnueabihf | 1.15.1 | 🟢 4.4 | Details| Check | Score | Reason |
|---|
| Code-Review | ⚠️ 1 | Found 5/28 approved changesets -- score normalized to 1 | | CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | 🟢 10 | 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 | | License | 🟢 10 | license file detected | | Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected | | Security-Policy | ⚠️ 0 | security policy file not detected | | Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | 🟢 10 | packaging workflow detected | | Fuzzing | 🟢 10 | project is fuzzed | | Branch-Protection | 🟢 3 | branch protection is not maximal on development and all release branches | | Signed-Releases | ⚠️ 0 | Project has not signed or included provenance with any releases. | | SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 | | Binary-Artifacts | 🟢 10 | no binaries found in the repo | | Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 | | Vulnerabilities | ⚠️ 0 | 78 existing vulnerabilities detected |
|
| npm/@swc/core-linux-arm64-gnu | 1.15.1 | 🟢 4.4 | Details| Check | Score | Reason |
|---|
| Code-Review | ⚠️ 1 | Found 5/28 approved changesets -- score normalized to 1 | | CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | 🟢 10 | 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 | | License | 🟢 10 | license file detected | | Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected | | Security-Policy | ⚠️ 0 | security policy file not detected | | Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | 🟢 10 | packaging workflow detected | | Fuzzing | 🟢 10 | project is fuzzed | | Branch-Protection | 🟢 3 | branch protection is not maximal on development and all release branches | | Signed-Releases | ⚠️ 0 | Project has not signed or included provenance with any releases. | | SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 | | Binary-Artifacts | 🟢 10 | no binaries found in the repo | | Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 | | Vulnerabilities | ⚠️ 0 | 78 existing vulnerabilities detected |
|
| npm/@swc/core-linux-arm64-musl | 1.15.1 | 🟢 4.4 | Details| Check | Score | Reason |
|---|
| Code-Review | ⚠️ 1 | Found 5/28 approved changesets -- score normalized to 1 | | CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | 🟢 10 | 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 | | License | 🟢 10 | license file detected | | Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected | | Security-Policy | ⚠️ 0 | security policy file not detected | | Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | 🟢 10 | packaging workflow detected | | Fuzzing | 🟢 10 | project is fuzzed | | Branch-Protection | 🟢 3 | branch protection is not maximal on development and all release branches | | Signed-Releases | ⚠️ 0 | Project has not signed or included provenance with any releases. | | SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 | | Binary-Artifacts | 🟢 10 | no binaries found in the repo | | Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 | | Vulnerabilities | ⚠️ 0 | 78 existing vulnerabilities detected |
|
| npm/@swc/core-linux-x64-gnu | 1.15.1 | 🟢 4.4 | Details| Check | Score | Reason |
|---|
| Code-Review | ⚠️ 1 | Found 5/28 approved changesets -- score normalized to 1 | | CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | 🟢 10 | 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 | | License | 🟢 10 | license file detected | | Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected | | Security-Policy | ⚠️ 0 | security policy file not detected | | Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | 🟢 10 | packaging workflow detected | | Fuzzing | 🟢 10 | project is fuzzed | | Branch-Protection | 🟢 3 | branch protection is not maximal on development and all release branches | | Signed-Releases | ⚠️ 0 | Project has not signed or included provenance with any releases. | | SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 | | Binary-Artifacts | 🟢 10 | no binaries found in the repo | | Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 | | Vulnerabilities | ⚠️ 0 | 78 existing vulnerabilities detected |
|
| npm/@swc/core-linux-x64-musl | 1.15.1 | 🟢 4.4 | Details| Check | Score | Reason |
|---|
| Code-Review | ⚠️ 1 | Found 5/28 approved changesets -- score normalized to 1 | | CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | 🟢 10 | 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 | | License | 🟢 10 | license file detected | | Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected | | Security-Policy | ⚠️ 0 | security policy file not detected | | Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | 🟢 10 | packaging workflow detected | | Fuzzing | 🟢 10 | project is fuzzed | | Branch-Protection | 🟢 3 | branch protection is not maximal on development and all release branches | | Signed-Releases | ⚠️ 0 | Project has not signed or included provenance with any releases. | | SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 | | Binary-Artifacts | 🟢 10 | no binaries found in the repo | | Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 | | Vulnerabilities | ⚠️ 0 | 78 existing vulnerabilities detected |
|
| npm/@swc/core-win32-arm64-msvc | 1.15.1 | 🟢 4.4 | Details| Check | Score | Reason |
|---|
| Code-Review | ⚠️ 1 | Found 5/28 approved changesets -- score normalized to 1 | | CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | 🟢 10 | 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 | | License | 🟢 10 | license file detected | | Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected | | Security-Policy | ⚠️ 0 | security policy file not detected | | Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | 🟢 10 | packaging workflow detected | | Fuzzing | 🟢 10 | project is fuzzed | | Branch-Protection | 🟢 3 | branch protection is not maximal on development and all release branches | | Signed-Releases | ⚠️ 0 | Project has not signed or included provenance with any releases. | | SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 | | Binary-Artifacts | 🟢 10 | no binaries found in the repo | | Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 | | Vulnerabilities | ⚠️ 0 | 78 existing vulnerabilities detected |
|
| npm/@swc/core-win32-ia32-msvc | 1.15.1 | 🟢 4.4 | Details| Check | Score | Reason |
|---|
| Code-Review | ⚠️ 1 | Found 5/28 approved changesets -- score normalized to 1 | | CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | 🟢 10 | 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 | | License | 🟢 10 | license file detected | | Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected | | Security-Policy | ⚠️ 0 | security policy file not detected | | Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | 🟢 10 | packaging workflow detected | | Fuzzing | 🟢 10 | project is fuzzed | | Branch-Protection | 🟢 3 | branch protection is not maximal on development and all release branches | | Signed-Releases | ⚠️ 0 | Project has not signed or included provenance with any releases. | | SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 | | Binary-Artifacts | 🟢 10 | no binaries found in the repo | | Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 | | Vulnerabilities | ⚠️ 0 | 78 existing vulnerabilities detected |
|
| npm/@swc/core-win32-x64-msvc | 1.15.1 | 🟢 4.4 | Details| Check | Score | Reason |
|---|
| Code-Review | ⚠️ 1 | Found 5/28 approved changesets -- score normalized to 1 | | CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | 🟢 10 | 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 | | License | 🟢 10 | license file detected | | Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected | | Security-Policy | ⚠️ 0 | security policy file not detected | | Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | 🟢 10 | packaging workflow detected | | Fuzzing | 🟢 10 | project is fuzzed | | Branch-Protection | 🟢 3 | branch protection is not maximal on development and all release branches | | Signed-Releases | ⚠️ 0 | Project has not signed or included provenance with any releases. | | SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 | | Binary-Artifacts | 🟢 10 | no binaries found in the repo | | Pinned-Dependencies | ⚠️ 0 | dependency not pinned by hash detected -- score normalized to 0 | | Vulnerabilities | ⚠️ 0 | 78 existing vulnerabilities detected |
|
Bumps@swc/core from 1.13.20 to 1.15.0.
Changelog
Sourced from
@swc/core's changelog.... (truncated)
Commits
77d8c36chore: Publish1.15.0withswc_corev47.0.29436f07chore: Update changelog12366e7chore: Publish1.15.0-nightly-20251104.3withswc_corev47.0.2792625cchore: Remove cache fortargets2d33124chore: Improve thebumpcommand (#11226)4bde508chore: Publish1.15.0-nightly-20251104.2withswc_corev47.0.20d5f10bchore: FIx publish path2edbd40chore: Update changeloga7f02dechore: Publish1.15.0-nightly-20251104.1withswc_corev47.0.26c1e820chore: Fix version of bindingsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)