fix(deps): update npm - li-cli - experimental/li-cli/package.json

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@inquirer/prompts (source)	^7.3.3 -> ^7.5.0
@types/node (source)	^22.13.10 -> ^22.15.3
ts-jest (source)	^29.2.6 -> ^29.3.2
tsc-alias (source)	^1.8.11 -> ^1.8.15
typescript (source)	^5.8.2 -> ^5.8.3
yaml (source)	^2.7.0 -> ^2.7.1
zod (source)	^3.24.2 -> ^3.24.3

---

Release Notes

SBoudrias/Inquirer.js (@​inquirer/prompts)

v7.5.0

Compare Source

• Feat(@​inquirer/select): Added an instructions option allowing to customize the messages in the help tips.
• Feat(@​inquirer/rawlist): Arrow keys will now cycle through the option, just like the @inquirer/select prompt. Also added a loop option to control the list loop behaviour when reaching the boundaries.

v7.4.1

Compare Source

• Fix number prompt (typescript): If prompt is required, only number can be returned. (previously was nullable)
• README: Add new sponsor
• Chore: dependency updates

v7.4.0

Compare Source

kulshekhar/ts-jest (ts-jest)

v29.3.2

Compare Source

Bug Fixes

• fix: transpile js files from node_modules whenever Jest asks (968370e), closes #​4637

v29.3.1

Compare Source

Bug Fixes

• fix: allow isolatedModules mode to have ts.Program under Node16/Next (25157eb)
• fix: improve message for isolatedModules of ts-jest config (547eb6f)

v29.3.0

Compare Source

Features

• feat: support hybrid module values for isolatedModules: true (f372121)

Bug Fixes

• fix: set customConditions to undefined in TsCompiler (b091d70), closes #​4620

Code Refactoring

• refactor: remove manual version checker (89458fc)
• refactor: remove patching deps based on version checker (bac4c43)
• refactor: deprecate RawCompilerOptions interface (2b1b6cd)
• refactor: deprecate transform option isolatedModules (7dfef71)

justkey007/tsc-alias (tsc-alias)

v1.8.15: (2025-04-10)

Compare Source

What's Changed

• fix: compilerOptions.outDir is not set error by @​justkey007 in https://github.com/justkey007/tsc-alias/pull/242

Full Changelog: justkey007/tsc-alias@v1.8.14...v1.8.15

v1.8.14: (2025-04-08)

Compare Source

What's Changed

• Does not work properly with tsconfig.json with extends by @​justkey007 in https://github.com/justkey007/tsc-alias/pull/240

Full Changelog: justkey007/tsc-alias@v1.8.13...v1.8.14

v1.8.13: (2025-03-29)

Compare Source

What's Changed

• fix: latest version not compatible with node 20+ by @​justkey007 in https://github.com/justkey007/tsc-alias/pull/239

Full Changelog: justkey007/tsc-alias@v1.8.12...v1.8.13

v1.8.12: (2025-03-29)

Compare Source

What's Changed

• fix: Don't replace .d.ts paths by @​LukeAbby in https://github.com/justkey007/tsc-alias/pull/234
• CI/CD by @​justkey007 in https://github.com/justkey007/tsc-alias/pull/237

New Contributors

• @​LukeAbby made their first contribution in https://github.com/justkey007/tsc-alias/pull/234

Full Changelog: justkey007/tsc-alias@v1.8.11...v1.8.12

microsoft/TypeScript (typescript)

v5.8.3

Compare Source

eemeli/yaml (yaml)

v2.7.1

Compare Source

• Do not allow seq with single-line collection value on same line with map key (#​603)
• Improve warning & avoid TypeError on bad YAML 1.1 nodes (#​610)

colinhacks/zod (zod)

v3.24.3

Compare Source

Commits:

• de1f090 Switch to featured sponsors (#​4001)
• eea05ae Fix headers (#​4003)
• 446644f Tweak feature layout (#​4008)
• 1d6e1cb docs(README): add GQLoom to tools and integrations section (#​3995)
• e2b9a5f Update feature (#​4009)
• 0b5d29e Feature Mintlify (#​4014)
• 47dbb2d Update mintlify feature (#​4015)
• 69d8436 Add Clerk fellowship mention (#​4020)
• 850871d Fix table format
• f204123 WIP (#​4028)
• 5041dfa WIP (#​4045)
• cb2b857 docs: add TanStack Form to Ecosystem/Form integrations (#​4055)
• 099fe85 docs: add oRPC to Ecosystem (#​4042)
• b999b4b docs: Remove outdated doc 'avoid coercions that throw uncaught errors' (#​4005)
• 19c6d2e docs: update README_KO (#​4025)
• 1061293 WIP (#​4060)
• 07ff0da Update link
• 4c7d8e5 Update Fern art/link (#​4062)
• 91dcd30 removed unnecessary console logs (#​4059)
• 859ad24 Update alt tag for Retool and Stainless URL (#​4071)
• 220aeda Fix images
• b865062 update readme.md with zod-csv library (#​4021)
• 0615af8 Fix formatting
• 12e5866 Add zod 4 beta anno (#​4081)
• faac697 Fix CI
• 8cca93b Fix CI
• d114394 Added FullProduct.dev to 'Powered by Zod' in Ecosystem section (#​4131)
• a801ddd Fix broken logo link (#​3974)
• 8fc309a Add packages/docs
• bfd0913 Remove packages/docs
• 3e602d4 Optimize extendShape (#​4150)
• 06db7f8 3.24.3
• a18d25b add back packages/docs

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 2 package(s) with unknown licenses.

See the Details below.

License Issues

experimental/li-cli/package-lock.json

Package	Version	License	Issue Type
@types/node	22.15.3	Null	Unknown License

experimental/li-cli/package.json

Package	Version	License	Issue Type
@types/node	^22.15.3	Null	Unknown License

Allowed Licenses: MIT, MIT-0, Apache-2.0, BSD-3-Clause, BSD-3-Clause-Clear, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL-2.0, MPL-1.0, MPL-1.1, MPL-2.0, Zlib

Excluded from license check: pkg:npm/caniuse-lite

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@inquirer/checkbox	4.1.5	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/confirm	5.1.9	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/core	10.1.10	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/editor	4.2.10	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/expand	4.0.12	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/input	4.1.9	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/number	3.0.12	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/password	4.0.12	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/prompts	7.5.0	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/rawlist	4.1.0	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/search	3.0.12	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/select	4.2.0	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@inquirer/type	3.0.6	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@types/node	22.15.3	🟢 6.9	Details Check Score Reason Code-Review 🟢 8 Found 25/29 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 9 license file detected Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed
npm/get-tsconfig	4.10.0	Unknown	Unknown
npm/resolve-pkg-maps	1.0.0	Unknown	Unknown
npm/ts-jest	29.3.2	🟢 7.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration SAST 🟢 9 SAST tool is not run on all commits -- score normalized to 9 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
npm/tsc-alias	1.8.15	🟢 5.1	Details Check Score Reason Code-Review 🟢 3 Found 11/30 approved changesets -- score normalized to 3 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Maintained 🟢 10 13 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
npm/type-fest	4.40.1	🟢 5.6	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 6 Found 20/30 approved changesets -- score normalized to 6 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/typescript	5.8.3	🟢 8.4	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. License 🟢 10 license file detected Branch-Protection 🟢 6 branch protection is not maximal on development and all release branches Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 SAST 🟢 9 SAST tool detected but not run on all commits Fuzzing 🟢 10 project is fuzzed CI-Tests 🟢 9 29 out of 30 merged PRs checked by a CI test -- score normalized to 9 Contributors 🟢 10 project has 36 contributing companies or organizations
npm/undici-types	6.21.0	🟢 8.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 9 Found 18/19 approved changesets -- score normalized to 9 Dependency-Update-Tool 🟢 10 update tool detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Fuzzing 🟢 10 project is fuzzed Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests 🟢 10 29 out of 29 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 83 contributing companies or organizations
npm/yaml	2.7.1	🟢 6.3	Details Check Score Reason Code-Review ⚠️ 0 Found 1/20 approved changesets -- score normalized to 0 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 14 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/zod	3.24.3	🟢 4.1	Details Check Score Reason Code-Review 🟢 3 Found 10/30 approved changesets -- score normalized to 3 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Security-Policy ⚠️ 0 security policy file not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 30 existing vulnerabilities detected
npm/@inquirer/prompts	^7.5.0	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/@types/node	^22.15.3	🟢 6.9	Details Check Score Reason Code-Review 🟢 8 Found 25/29 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 9 license file detected Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed
npm/ts-jest	^29.3.2	🟢 7.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration SAST 🟢 9 SAST tool is not run on all commits -- score normalized to 9 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
npm/tsc-alias	^1.8.15	🟢 5.1	Details Check Score Reason Code-Review 🟢 3 Found 11/30 approved changesets -- score normalized to 3 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Maintained 🟢 10 13 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
npm/typescript	^5.8.3	🟢 8.4	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. License 🟢 10 license file detected Branch-Protection 🟢 6 branch protection is not maximal on development and all release branches Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 SAST 🟢 9 SAST tool detected but not run on all commits Fuzzing 🟢 10 project is fuzzed CI-Tests 🟢 9 29 out of 30 merged PRs checked by a CI test -- score normalized to 9 Contributors 🟢 10 project has 36 contributing companies or organizations
npm/yaml	^2.7.1	🟢 6.3	Details Check Score Reason Code-Review ⚠️ 0 Found 1/20 approved changesets -- score normalized to 0 Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 14 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected
npm/zod	^3.24.3	🟢 4.1	Details Check Score Reason Code-Review 🟢 3 Found 10/30 approved changesets -- score normalized to 3 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Security-Policy ⚠️ 0 security policy file not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 30 existing vulnerabilities detected

Scanned Files

• experimental/li-cli/package-lock.json
• experimental/li-cli/package.json

[netlify]

✅ Deploy Preview for endearing-brigadeiros-63f9d0 canceled.

Name	Link
🔨 Latest commit	1dcc04b
🔍 Latest deploy log	https://app.netlify.com/sites/endearing-brigadeiros-63f9d0/deploys/680f3278d280a40008bf1620

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 49.65%. Comparing base (3718943) to head (1dcc04b).
Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #959   +/-   ##
=======================================
  Coverage   49.65%   49.65%           
=======================================
  Files          48       48           
  Lines        1718     1718           
  Branches      175      175           
=======================================
  Hits          853      853           
  Misses        841      841           
  Partials       24       24           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.