Upstream patch not merged

Spiko's assessment for RD-F-127 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Not a fork - no upstream to track patches from. OZ is a library dependency tracked separately under F135.

GitHub
spiko-tech/contractsspiko-tech/contracts - original implementation no upstreamretrieved 2026-05-16

Determine whether the upstream fork source has published a known-vulnerability patch that has not been merged into this fork's deployed code.

rubric_version v1.7.0 protocol spiko factor RD-F-127 score not_applicable collected_at 2026-05-15 22:52:13