

┌───────────────────────────────────┐
│ 3 Reachable Supply Chain Findings │
└───────────────────────────────────┘

    targets/dependency_aware/monorepo/webapp1/app.js with lockfile targets/dependency_aware/monorepo/webapp1/yarn.lock
    ❯❱ bad-lib - MAL-FOO-BAR
          Severity: HIGH


            1┆ bad()

    ❯❱ bad-lib - CVE-FOO-BAR
          Severity: HIGH
          oh no

           ▶▶┆ Fixed for bad-lib at versions: 0.0.9, 1.0.1
            1┆ bad()

    targets/dependency_aware/monorepo/webapp2/yarn.lock
    ❯❱ bad-lib - MAL-FOO-BAR
          Severity: HIGH


            5┆ bad-lib@0.0.7:


┌────────────────────────────────────┐
│ 1 Unreachable Supply Chain Finding │
└────────────────────────────────────┘

    targets/dependency_aware/monorepo/webapp2/yarn.lock
    ❯❱ bad-lib - CVE-FOO-BAR
          Severity: HIGH
          oh no

           ▶▶┆ Fixed for bad-lib at versions: 0.0.9, 1.0.1
            5┆ bad-lib@0.0.7:


┌─────────────────┐
│ 2 Code Findings │
└─────────────────┘

    targets/dependency_aware/monorepo/build.js
    ❯❱ rules.dependency_aware.js-other
          this is always bad

            1┆ bad()

    targets/dependency_aware/monorepo/webapp1/app.js
    ❯❱ rules.dependency_aware.js-other
          this is always bad

            1┆ bad()

