Feat/init next

[w84april]

Next init

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
yearnfi	Error		Jun 12, 2026 5:49pm
yearnfi-nextjs-2	Ready	Preview, Comment	Jun 12, 2026 5:49pm

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
yearnfi-nextjs	Ignored	Preview	Jun 12, 2026 5:49pm

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/vitest	1.6.1	Unknown	Unknown
npm/jsdom	29.1.1	🟢 7.2	Details Check Score Reason Code-Review 🟢 5 Found 17/30 approved changesets -- score normalized to 5 Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging 🟢 10 packaging workflow detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/next	16.2.6	🟢 6	Details Check Score Reason Code-Review 🟢 9 Found 28/30 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Packaging 🟢 10 packaging workflow detected Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing 🟢 10 project is fuzzed Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• .github/workflows/codeql.yml
• package.json

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	vitest@​4.1.8 ⏵ 1.6.1		-75
	next@​16.2.6
	jsdom@​29.1.1

View full report

[github-advanced-security]

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

• The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
• Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
• You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.