Prasad P. Pawar created ATLAS-5307:
--------------------------------------
Summary: Atlas UI: Update frontend npm dependencies in dashboard,
dashboardv2, and docs
Key: ATLAS-5307
URL: https://issues.apache.org/jira/browse/ATLAS-5307
Project: Atlas
Issue Type: Bug
Components: atlas-webui
Affects Versions: 3.0.0
Reporter: Prasad P. Pawar
Assignee: Prasad P. Pawar
Address high-priority automated dependency review findings for the React UI
({{{}dashboard/{}}}), classic UI ({{{}dashboardv2/{}}}), and documentation site
({{{}docs/{}}}). Bump direct and transitive npm packages to patched versions
and refresh lockfiles so builds stay reproducible.
h3. Scope
||Area||Manifests updated||
|React dashboard|{{{}dashboard/package.json{}}},
{{dashboard/package-lock.json}}|
|Lineage bundle
(dashboard)|{{{}dashboard/src/views/Lineage/atlas-lineage/package.json{}}},
{{package-lock.json}}|
|Classic UI|{{{}dashboardv2/package.json{}}}, {{dashboardv2/package-lock.json}}|
|Lineage bundle
(dashboardv2)|{{{}dashboardv2/public/js/external_lib/atlas-lineage/package.json{}}},
{{package-lock.json}}|
|Documentation site|{{{}docs/package.json{}}}, {{docs/package-lock.json}}|
|Build tooling|Root {{pom.xml}} — RAT excludes for generated webpack/docz
output only (no runtime dependency change)|
h3. Package updates (frontend)
dashboard
* {{vite}} 6.4.1 → 6.4.2 (dev server file access hardening)
* {{axios}} 1.13.5 → 1.15.2
* {{lodash}} / {{lodash-es}} overrides → 4.18.1
* {{flatted}} override → 3.4.2 (eslint transitive)
dashboard + dashboardv2 atlas-lineage
* {{@babel/core}} 7.29.0, {{@babel/preset-env}} 7.29.5
* Overrides: {{lodash}} 4.18.1, {{serialize-javascript}} 7.0.3,
{{@babel/plugin-transform-modules-systemjs}} 7.29.4
dashboardv2
* {{lodash}} override 4.17.23 → 4.18.1
docs
* {{axios}} 1.13.5 → 1.15.2
* Overrides: {{node-forge}} 1.4.0, {{lodash}} 4.18.1,
{{@babel/plugin-transform-modules-systemjs}} 7.29.4, {{serialize-javascript}}
7.0.3, {{fast-uri}} 3.1.2, {{picomatch}} 2.3.2
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
