ref:main

deps passed

Command: set -e git config --global --add safe.directory /workspace export MIX_HOME=/workspace/.mix mix local.hex --force && mix local.rebar --force mix deps.get
Runner: carl online linux/arm64
Started: Jul 01, 2026 at 19:31 UTC Completed: Jul 01, 2026 at 19:31 UTC Duration: 10s
Exit code: 0

Build Output

Using cached prepared image: anvil-prepared:cfa6aaa93a51
* creating .mix/archives/hex-2.5.0
* creating .mix/elixir/1-20-otp-29/rebar3
Resolving Hex dependencies...
Resolution completed in 0.149s
Unchanged:
bandit 1.11.1
bunt 1.0.0
credo 1.7.18
dialyxir 1.4.7
earmark_parser 1.4.44
erlex 0.2.9
ex_aws 2.6.1
ex_aws_s3 2.5.9
ex_doc 0.40.3
file_system 1.1.1
finch 0.22.0
hpax 1.0.3
jason 1.4.5
makeup 1.2.1
makeup_elixir 1.0.1
makeup_erlang 1.1.0
mime 2.0.7
mint 1.9.0
nimble_options 1.1.1
nimble_parsec 1.4.2
nimble_pool 1.1.0
plug 1.19.2 VULNERABLE!
EEF-CVE-2026-54892 (HIGH)
aka: CVE-2026-54892, GHSA-j43x-5hjq-rgxf
Plug: quadratic-time decoding of nested query/body parameters enables denial of service
https://osv.dev/vulnerability/EEF-CVE-2026-54892
plug_crypto 2.1.1
req 0.5.18 VULNERABLE!
EEF-CVE-2026-49756 (LOW)
aka: CVE-2026-49756, GHSA-px9f-whj3-246m
Multipart form-data header injection in Req via unescaped name/filename/content_type
https://osv.dev/vulnerability/EEF-CVE-2026-49756
EEF-CVE-2026-49755 (HIGH)
aka: CVE-2026-49755, GHSA-655f-mp8p-96gv
Decompression bomb DoS in Req via auto-decoded archive and compressed response bodies
https://osv.dev/vulnerability/EEF-CVE-2026-49755
stream_data 1.3.0
sweet_xml 0.7.5
telemetry 1.4.2
thousand_island 1.5.0
websock 0.5.3
Found packages with security advisories, see above for details
All dependencies have been fetched