chore(deps): lock file maintenance

[renovate]

This PR contains the following updates:

Update	Change
lockFileMaintenance	All locks refreshed

🔧 This Pull Request updates lock files to use the latest dependency versions.

---

Configuration

📅 Schedule: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 1f08226

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[nx-cloud]

View your CI Pipeline Execution ↗ for commit 1f08226

Command	Status	Duration	Result
nx affected -t build typecheck lint test e2e-ci	❌ Failed	1m 16s	View ↗
nx-cloud record -- nx format:check	✅ Succeeded	1s	View ↗

---

☁️ Nx Cloud last updated this comment at 2025-10-20 15:53:47 UTC

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 56.19%. Comparing base (96c7d4a) to head (ca4b9c2).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #410   +/-   ##
=======================================
  Coverage   56.19%   56.19%           
=======================================
  Files          32       32           
  Lines        2091     2091           
  Branches      353      353           
=======================================
  Hits         1175     1175           
  Misses        916      916           

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[github-actions]

Deployed 191d579 to https://ForgeRock.github.io/ping-javascript-sdk/pr-410/191d5791e861287b83998b8731ad56e5b62d2a5d branch gh-pages in ForgeRock/ping-javascript-sdk

[github-actions]

📦 Bundle Size Analysis

📦 Bundle Size Analysis

🆕 New Packages

🆕 @forgerock/davinci-client - 34.5 KB (new)
🆕 @forgerock/sdk-utilities - 4.0 KB (new)
🆕 @forgerock/device-client - 9.2 KB (new)
🆕 @forgerock/sdk-types - 5.9 KB (new)
🆕 @forgerock/protect - 150.1 KB (new)
🆕 @forgerock/sdk-oidc - 2.5 KB (new)
🆕 @forgerock/sdk-logger - 1.6 KB (new)
🆕 @forgerock/storage - 1.4 KB (new)
🆕 @forgerock/sdk-request-middleware - 4.4 KB (new)
🆕 @forgerock/iframe-manager - 2.4 KB (new)
🆕 @forgerock/oidc-client - 23.1 KB (new)

---

11 packages analyzed • Baseline from latest main build

Legend

🆕 New package
🔺 Size increased
🔻 Size decreased
➖ No change

ℹ️ How bundle sizes are calculated

• Current Size: Total gzipped size of all files in the package's dist directory
• Baseline: Comparison against the latest build from the main branch
• Files included: All build outputs except source maps and TypeScript build cache
• Exclusions: .map, .tsbuildinfo, and .d.ts.map files

---

_{🔄 Updated automatically on each push to this PR}

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[nx-cloud]

Nx Cloud has identified a possible root cause for your failed CI:

The pull request is a dependency lock file maintenance update (pnpm-lock.yaml) performed by Renovate bot. No application code, test code, or configuration files were modified.

The failing tests are end-to-end Playwright tests for PingOne Protect functionality that verify:

1. Risk data collection through the Protect SDK (riskSDK/deviceRisk fields)
2. Integration with the PingOne Risk service for evaluating authentication attempts
3. Display of blocking messages when the Risk service determines the login should be blocked

Both failing tests follow the same pattern:

• Navigate to a flow with a specific DaVinci configuration
• Fill in username and password
• Submit the form
• Expect to see a blocking message from PingOne Risk
• Verify that Protect data was included in the request

The tests are failing at the assertion that checks for the blocking message visibility. Since no code changes occurred in this PR, the failure indicates the external PingOne Risk service is not returning the expected blocking decision for the test credentials within the 5-second timeout.

This is characteristic of a flaky test that depends on external service behavior rather than a code issue. The Risk service may be experiencing intermittent issues, configuration changes, or the test environment's network conditions may be affecting the timing of the risk evaluation response.

No code fix is appropriate here. The recommended actions would be:

• Verify PingOne Risk service status and configuration
• Consider increasing test timeouts for external service dependencies
• Implement retry logic for tests that depend on external risk evaluation
• Review test data to ensure credentials are properly configured to trigger blocking in the Risk service

A code change would likely not resolve this issue, so no action was taken.

View in Nx Cloud ↗

_{🎓 To learn more about Self Healing CI, please visit nx.dev}