[jira] [Comment Edited] (YUNIKORN-2885) Fix security vulnerabilities in dependencies

JunHong Peng (Jira) Mon, 30 Sep 2024 06:16:51 -0700


    [ 
https://issues.apache.org/jira/browse/YUNIKORN-2885?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17885893#comment-17885893
 ]


JunHong Peng edited comment on YUNIKORN-2885 at 9/30/24 1:15 PM:
-----------------------------------------------------------------

[It seems to be addressed by adding the packageManager attribute in 
package.json.|https://github.com/dependabot/dependabot-core/issues/9522#issuecomment-2172739585]

Our project is not configured correctly; it should specify the pnpm version 
more explicitly. 

 

I have tried it on my forked project, and it works now. 
[(sample)|https://github.com/SP12893678/yunikorn-web/pull/3]

Could we give it a try? [~wilfreds] 


was (Author: junhong):
[It seems to be addressed by adding the packageManager attribute in 
package.json.|https://github.com/dependabot/dependabot-core/issues/9522#issuecomment-2172739585]

Our project is not configured correctly; it should specify the pnpm version 
more explicitly. 

 

I have tried it on my forked project, and it works now. 
[(sample)|https://github.com/SP12893678/yunikorn-web/pull/3]

Could we give it a try?

> Fix security vulnerabilities in dependencies
> --------------------------------------------
>
>                 Key: YUNIKORN-2885
>                 URL: https://issues.apache.org/jira/browse/YUNIKORN-2885
>             Project: Apache YuniKorn
>          Issue Type: Improvement
>          Components: webapp
>            Reporter: JunHong Peng
>            Assignee: JunHong Peng
>            Priority: Major
>              Labels: pull-request-available
>
> {{pnpm audit}} report: 
> [audit-report.md|https://github.com/user-attachments/files/17089735/audit-report.md]
> 26 vulnerabilities found
> Severity: 12 moderate | 14 high
> After Upgrade Angular v18 (#YUNIKORN-2861) Audit Report: 
> [audit-report.md|https://github.com/user-attachments/files/17164041/audit-report.md]
> 8 vulnerabilities found
> Severity: 3 moderate | 5 high



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Comment Edited] (YUNIKORN-2885) Fix security vulnerabilities in dependencies

Reply via email to