Skip to content

Release: develop -> main#3609

Merged
TaprootFreak merged 1 commit intomainfrom
develop
Apr 23, 2026
Merged

Release: develop -> main#3609
TaprootFreak merged 1 commit intomainfrom
develop

Conversation

@github-actions
Copy link
Copy Markdown

@github-actions github-actions Bot commented Apr 23, 2026

Automatic Release PR

This PR was automatically created after changes were pushed to develop.

Commits: 1 new commit(s)

Checklist

  • Review all changes
  • Verify CI passes
  • Approve and merge when ready for production

@TaprootFreak
fix: change CI security audit from high to critical level (#3603)
86c6f37 
The npm audit step with --audit-level=high has been permanently red
due to 179 vulnerabilities in transitive dependencies (mainly crypto
libraries like @OpenZeppelin, @ethersproject, ws). Since it ran with
continue-on-error: true, it never blocked PRs but produced a misleading
error annotation on every build.

Change to --audit-level=critical (currently 0 critical vulnerabilities)
and remove continue-on-error so it actually blocks on real critical CVEs.
@TaprootFreak TaprootFreak merged commit df72873 into main Apr 23, 2026
11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TaprootFreak TaprootFreak TaprootFreak approved these changes

@davidleomay davidleomay Awaiting requested review from davidleomay davidleomay is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@TaprootFreak