H-3684: Upgrade to Yarn 4 · hashintel/hash@649934e

Triggered via pull request November 27, 2024 14:12

indietyp

synchronize #5742

Status Failure

Total duration 2m 51s

Artifacts –

dependency-review.yml

on: pull_request

2 errors and 10 warnings

Dependency review detected vulnerable packages.

$GITHUB_STEP_SUMMARY upload aborted, supports content up to a size of 1024k, got 1510k. For more information see: https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions#adding-a-markdown-summary

npm/@jridgewell/resolve-uri has an OpenSSF Scorecard of 2.7, which is less than this repository's threshold of 3.

npm/@jridgewell/source-map has an OpenSSF Scorecard of 2.9, which is less than this repository's threshold of 3.

npm/@repeaterjs/repeater has an OpenSSF Scorecard of 2.1, which is less than this repository's threshold of 3.

npm/@use-gesture/core has an OpenSSF Scorecard of 2.6, which is less than this repository's threshold of 3.

npm/@use-gesture/react has an OpenSSF Scorecard of 2.6, which is less than this repository's threshold of 3.

npm/@webassemblyjs/ast has an OpenSSF Scorecard of 2.8, which is less than this repository's threshold of 3.

npm/@webassemblyjs/floating-point-hex-parser has an OpenSSF Scorecard of 2.8, which is less than this repository's threshold of 3.

npm/@webassemblyjs/helper-api-error has an OpenSSF Scorecard of 2.8, which is less than this repository's threshold of 3.

npm/@webassemblyjs/helper-buffer has an OpenSSF Scorecard of 2.8, which is less than this repository's threshold of 3.

npm/@webassemblyjs/helper-numbers has an OpenSSF Scorecard of 2.8, which is less than this repository's threshold of 3.