Bump @chainlink/contracts to v1.5.0 + Add remapping support · smartcontractkit/hardhat-starter-kit@452f9e9

Triggered via pull request October 1, 2025 22:43

Nalon

opened #199

Status Failure

Total duration 51s

Artifacts –

dependency-review-vulnerability.yml Required

on: pull_request

1 error and 10 warnings

Dependency review detected vulnerable packages.

npm/graceful-fs has an OpenSSF Scorecard of 2.5, which is less than this repository's threshold of 3.

npm/get-caller-file has an OpenSSF Scorecard of 2.4, which is less than this repository's threshold of 3.

npm/fs.realpath has an OpenSSF Scorecard of 2.5, which is less than this repository's threshold of 3.

npm/ethjs-util has an OpenSSF Scorecard of 1.9, which is less than this repository's threshold of 3.

npm/command-exists has an OpenSSF Scorecard of 1.9, which is less than this repository's threshold of 3.

npm/brorand has an OpenSSF Scorecard of 2.6, which is less than this repository's threshold of 3.

npm/agent-base has an OpenSSF Scorecard of 2.7, which is less than this repository's threshold of 3.

npm/@jridgewell/trace-mapping has an OpenSSF Scorecard of 2.8, which is less than this repository's threshold of 3.

npm/@jridgewell/resolve-uri has an OpenSSF Scorecard of 2.6, which is less than this repository's threshold of 3.

npm/elliptic has an OpenSSF Scorecard of 1.4, which is less than this repository's threshold of 3.