❗️Scan Warnings: The scan completed with warnings. The integration encountered issues with one or more projects in this repository. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.

Scan Details Report

npm

https://amplearning.jfrog.io/artifactory/api/npm/amplify-npm

Step	Level	Description	Details
Setting the scanner configuration	⚠Warn	Failure to set private registries, due to an issue with the configuration provided by the user	no "registry" field corresponding to this url was found in the .npmrc files

1 new vulnerabilities were introduced in this branch.

❌ New vulnerabilities:

CVE	Severity	CVSS Score	Vulnerable Library	Suggested Fix	Issue	Reachability
CVE-2025-2306 Path to dependency file: /package.json Path to vulnerable library: /node_modules/mongoose/package.json Dependency Hierarchy: -> ❌ mongoose-8.5.2.tgz (Vulnerable Library)	Critical	9.4	mongoose-8.5.2.tgz	Upgrade to version: mongoose -6.13.6,7.8.4,8.9.5	#402

Base branch total remaining vulnerabilities: 15
Base branch commit: d78fa6c704e955e6c8c8cfced0439e66cf72809e


Total libraries scanned: 643

Scan token: d792e786cb9b4e3e86e630ab950c6b56