Feat/add socket scan

[arbarg2]

No description provided.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
pmtest	Ready	Preview, Comment	May 23, 2026 2:15pm

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​scarf/​scarf@​1.4.0

View full report

[vercel]

Deployment failed with the following error:

The provided GitHub repository does not contain the requested branch or commit reference. Please ensure the repository is not empty.

[github-actions]

Socket Security: Dependency Overview

Review the following changes in direct dependencies. Learn more about socket.dev

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	xlsx@0.18.5
	tailwindcss-animate@1.0.7
	cmdk@1.0.0
	next-themes@0.3.0
	date-fns@3.6.0
	input-otp@1.2.4
	react-day-picker@8.10.1
	clsx@2.1.1
	react-dom@18.3.1
	react@18.3.1
	zod@3.23.8
	sonner@1.5.0
	@radix-ui/react-slot@1.1.0
	@radix-ui/react-separator@1.1.0
	@radix-ui/react-toggle@1.1.0
	@radix-ui/react-toggle-group@1.1.0
	@radix-ui/react-progress@1.1.0
	@radix-ui/react-label@2.1.0
	eslint-plugin-react-hooks@5.1.0-rc-fb9a90fa48-20240614
	@radix-ui/react-aspect-ratio@1.1.0
	@hookform/resolvers@3.9.0
	autoprefixer@10.4.20
	embla-carousel-react@8.3.0
	postcss@8.4.47
	vaul@0.9.9
	@vitejs/plugin-react-swc@3.7.1
	@radix-ui/react-dialog@1.1.2
	@radix-ui/react-menubar@1.1.2
	@radix-ui/react-switch@1.1.1
	@radix-ui/react-tabs@1.1.1
	@radix-ui/react-toast@1.2.2
	@radix-ui/react-scroll-area@1.2.0
	@radix-ui/react-accordion@1.2.1
	@radix-ui/react-collapsible@1.1.1
	@radix-ui/react-dropdown-menu@2.1.2
	@radix-ui/react-popover@1.1.2
	@radix-ui/react-slider@1.2.1
	@radix-ui/react-checkbox@1.1.2
	@radix-ui/react-select@2.1.2
	@radix-ui/react-alert-dialog@1.1.2
	@radix-ui/react-avatar@1.1.1
	@radix-ui/react-context-menu@2.2.2
	@radix-ui/react-hover-card@1.1.2
	@radix-ui/react-navigation-menu@1.2.1
	@radix-ui/react-radio-group@1.2.1
	typescript@5.6.3
	globals@15.11.0
	recharts@2.13.0
	react-router-dom@6.27.0
	tailwind-merge@2.5.4
	@eslint/js@9.13.0
	eslint@9.13.0
	react-hook-form@7.53.1
	typescript-eslint@8.11.0
	vite@5.4.10
	@types/node@22.7.9
	@types/react@18.3.12
	@tanstack/react-query@5.59.16
	react-resizable-panels@2.1.5
	eslint-plugin-react-refresh@0.4.14
	@scarf/scarf@1.4.0
	@radix-ui/react-tooltip@1.1.4
	class-variance-authority@0.7.1
	lucide-react@0.462.0
	tailwindcss@3.4.17
	@tailwindcss/typography@0.5.16
	remark-gfm@4.0.1
	lovable-tagger@1.1.7
	react-markdown@10.1.0
	jspdf@3.0.1
	@types/papaparse@5.3.16
	papaparse@5.5.3
	@supabase/supabase-js@2.50.5

[github-actions]

❗️ Caution
Review the following alerts detected in dependencies.

According to your organization's policies, you must resolve all "Block" alerts before proceeding. It's recommended to resolve "Warn" alerts too.
Learn more about Socket for GitHub.

Action	Severity	Alert (click for details)
Warn		codepage@1.15.0 - Obfuscated code Note: Obfuscated files are intentionally packed to hide their behavior. This could be a sign of malware Source: Manifest File ℹ️ Read more on: This package | This alert | What is known malware? Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code Mark as acceptable risk: To ignore this alert only in this pull request, reply with: @SocketSecurity ignore codepage@1.15.0 Or ignore all future alerts with: @SocketSecurity ignore-all
Warn		date-fns@3.6.0 - Obfuscated code Note: Obfuscated files are intentionally packed to hide their behavior. This could be a sign of malware Source: Manifest File ℹ️ Read more on: This package | This alert | What is known malware? Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code Mark as acceptable risk: To ignore this alert only in this pull request, reply with: @SocketSecurity ignore date-fns@3.6.0 Or ignore all future alerts with: @SocketSecurity ignore-all
Warn		recharts@2.13.0 - Obfuscated code Note: Obfuscated files are intentionally packed to hide their behavior. This could be a sign of malware Source: Manifest File ℹ️ Read more on: This package | This alert | What is known malware? Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code Mark as acceptable risk: To ignore this alert only in this pull request, reply with: @SocketSecurity ignore recharts@2.13.0 Or ignore all future alerts with: @SocketSecurity ignore-all
Warn		caniuse-lite@1.0.30001669 - Obfuscated code Note: Obfuscated files are intentionally packed to hide their behavior. This could be a sign of malware Source: Manifest File ℹ️ Read more on: This package | This alert | What is known malware? Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code Mark as acceptable risk: To ignore this alert only in this pull request, reply with: @SocketSecurity ignore caniuse-lite@1.0.30001669 Or ignore all future alerts with: @SocketSecurity ignore-all
Warn		jspdf@3.0.1 - Critical CVE Note: Contains a Critical Common Vulnerability and Exposure (CVE). Source: Manifest File ℹ️ Read more on: This package | This alert | What is known malware? Suggestion: Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark as acceptable risk: To ignore this alert only in this pull request, reply with: @SocketSecurity ignore jspdf@3.0.1 Or ignore all future alerts with: @SocketSecurity ignore-all

View full report