Update to Flow Emulator v1.12.0

[jribbink]

For contributor use:

• Targeted PR against master branch
• Linked to Github issue with discussion and accepted design OR link to spec that describes this work
• Code follows the standards mentioned here
• Updated relevant documentation
• Re-reviewed Files changed in the Github PR explorer
• Added appropriate labels

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 5 package(s) with unknown licenses.

See the Details below.

License Issues

go.mod

Package	Version	License	Issue Type
golang.org/x/exp	0.0.0-20250620022241-b7579e27df2b	Null	Unknown License
modernc.org/libc	1.66.10	Null	Unknown License
modernc.org/mathutil	1.7.1	Null	Unknown License
modernc.org/memory	1.11.0	Null	Unknown License
modernc.org/sqlite	1.40.0	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
gomod/github.com/ncruces/go-strftime	0.1.9	🟢 4.2	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review ⚠️ 0 Found 0/24 approved changesets -- score normalized to 0 Maintained ⚠️ 1 1 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 1 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected SAST ⚠️ 0 no SAST tool detected Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy ⚠️ 0 security policy file not detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches
gomod/github.com/onflow/flow-emulator	1.12.0	🟢 6.7	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 9 1 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
gomod/golang.org/x/exp	0.0.0-20250620022241-b7579e27df2b	Unknown	Unknown
gomod/modernc.org/libc	1.66.10	Unknown	Unknown
gomod/modernc.org/mathutil	1.7.1	Unknown	Unknown
gomod/modernc.org/memory	1.11.0	Unknown	Unknown
gomod/modernc.org/sqlite	1.40.0	Unknown	Unknown

Scanned Files

• go.mod

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!