Fix-merged-but-not-deployed gap

Jupiter Perpetual Exchange's assessment for RD-F-140 — scored not_assessed on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Cannot assess; no public source repository to inspect for unmerged fixes. Closed-source binary. No fix-merged-but-not-deployed signals found in public sources.

Sources #

GitHub
Jupiter GitHub organizationgithub.com/jup-ag: no perps source repo found among 185 public repositoriesretrieved 2026-05-16

Methodology #

Determine whether a known vulnerability has a PR merged in the repo but the fix has not been included in the deployed bytecode.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol jupiter-perps factor RD-F-140 score not_assessed collected_at 2026-05-16 01:53:11