Improvement/arsn 423 bump dependencies · scality/Arsenal@06f6b85

Triggered via pull request November 19, 2024 18:51

synchronize #2266

Status Failure

Total duration 1m 29s

Artifacts –

dependency-review.yaml

on: pull_request

1 error and 10 warnings

Dependency review detected vulnerable packages.

npm/temp has an OpenSSF Scorecard of 2.3, which is less than this repository's threshold of 3.

npm/@ampproject/remapping has an OpenSSF Scorecard of 2.8, which is less than this repository's threshold of 3.

npm/@babel/preset-modules has an OpenSSF Scorecard of 2.9, which is less than this repository's threshold of 3.

npm/@jridgewell/resolve-uri has an OpenSSF Scorecard of 2.8, which is less than this repository's threshold of 3.

npm/@jridgewell/set-array has an OpenSSF Scorecard of 2.8, which is less than this repository's threshold of 3.

npm/deepmerge has an OpenSSF Scorecard of 2.4, which is less than this repository's threshold of 3.

npm/graceful-fs has an OpenSSF Scorecard of 2.9, which is less than this repository's threshold of 3.

npm/jest-pnp-resolver has an OpenSSF Scorecard of 2.9, which is less than this repository's threshold of 3.

npm/sax has an OpenSSF Scorecard of 2.7, which is less than this repository's threshold of 3.

npm/signal-exit has an OpenSSF Scorecard of 2.9, which is less than this repository's threshold of 3.