Bump url-parse from 1.4.7 to 1.5.10 in /frontend · githubabcs-devops/ghas-bootcamp@f7a0c7d

Triggered via pull request April 22, 2025 00:38

opened #34

Status Failure

Total duration 50s

Artifacts –

dependency-review.yml Required

on: pull_request

1 error and 10 warnings

Dependency review detected vulnerable packages.

npm/elliptic has an OpenSSF Scorecard of 1.4, which is less than this repository's threshold of 3.

npm/ssri has an OpenSSF Scorecard of 1.7, which is less than this repository's threshold of 3.

npm/@webassemblyjs/ast has an OpenSSF Scorecard of 1.5, which is less than this repository's threshold of 3.

npm/@webassemblyjs/floating-point-hex-parser has an OpenSSF Scorecard of 1.5, which is less than this repository's threshold of 3.

npm/@webassemblyjs/helper-api-error has an OpenSSF Scorecard of 1.5, which is less than this repository's threshold of 3.

npm/@webassemblyjs/helper-buffer has an OpenSSF Scorecard of 1.5, which is less than this repository's threshold of 3.

npm/@webassemblyjs/helper-code-frame has an OpenSSF Scorecard of 1.5, which is less than this repository's threshold of 3.

npm/@webassemblyjs/helper-fsm has an OpenSSF Scorecard of 1.5, which is less than this repository's threshold of 3.

npm/@webassemblyjs/helper-module-context has an OpenSSF Scorecard of 1.5, which is less than this repository's threshold of 3.

npm/@webassemblyjs/helper-wasm-bytecode has an OpenSSF Scorecard of 1.5, which is less than this repository's threshold of 3.