feat(ci): Integrate CodeQL, Dependabot, Scorecard, and Dependency Reviews #5
JuanAgudeloRSLdependencies-review.yml
on: pull_request
dependency-review
1m 58s
Annotations
2 errors and 11 warnings
|
dependency-review
Dependency review detected vulnerable packages.
|
|
dependency-review
$GITHUB_STEP_SUMMARY upload aborted, supports content up to a size of 1024k, got 1322k. For more information see: https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions#adding-a-markdown-summary
|
|
dependency-review
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
OpenSSF Scorecard Warning
npm/elliptic has an OpenSSF Scorecard of 1.8, which is less than this repository's threshold of 3.
|
|
OpenSSF Scorecard Warning
npm/@ampproject/remapping has an OpenSSF Scorecard of 2.8, which is less than this repository's threshold of 3.
|
|
OpenSSF Scorecard Warning
npm/@esbuild-plugins/node-globals-polyfill has an OpenSSF Scorecard of 2.3, which is less than this repository's threshold of 3.
|
|
OpenSSF Scorecard Warning
npm/@jridgewell/resolve-uri has an OpenSSF Scorecard of 2.7, which is less than this repository's threshold of 3.
|
|
OpenSSF Scorecard Warning
npm/@jridgewell/set-array has an OpenSSF Scorecard of 2.7, which is less than this repository's threshold of 3.
|
|
OpenSSF Scorecard Warning
npm/@wry/context has an OpenSSF Scorecard of 2.7, which is less than this repository's threshold of 3.
|
|
OpenSSF Scorecard Warning
npm/@wry/equality has an OpenSSF Scorecard of 2.7, which is less than this repository's threshold of 3.
|
|
OpenSSF Scorecard Warning
npm/@wry/equality has an OpenSSF Scorecard of 2.7, which is less than this repository's threshold of 3.
|
|
OpenSSF Scorecard Warning
npm/@wry/trie has an OpenSSF Scorecard of 2.7, which is less than this repository's threshold of 3.
|
|
OpenSSF Scorecard Warning
npm/aria-hidden has an OpenSSF Scorecard of 1.7, which is less than this repository's threshold of 3.
|