Dependency tree uses EOL Solidity version

Stargate Finance's assessment for RD-F-174 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Neither 0.8.22 nor 0.8.17 is EOL. Both are in the maintained 0.8.x release series. The latest stable Solidity is 0.8.28+ (as of Apr 2026). Using 0.8.22 means missing ~6 patch releases worth of bug fixes (including the VerbatimInvalidDeduplication fix in 0.8.23), but neither version is End-of-Life. Not a critical concern for Solidity-source compilation.

Sources #

Curator note
Extracted from 01-code-security.md — RD-F-174 finding; no URL cited in originalretrieved 2026-04-28

Methodology #

Determine whether the deployed code or its dependencies use an EOL or unsupported Solidity version without a forward-compatibility patch.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol stargate factor RD-F-174 score green collected_at 2026-04-28 01:38:41