[
https://issues.apache.org/jira/browse/YUNIKORN-2885?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17885893#comment-17885893
]
JunHong Peng commented on YUNIKORN-2885:
----------------------------------------
[It seems to be addressed by adding the packageManager attribute in
package.json.|https://github.com/dependabot/dependabot-core/issues/9522#issuecomment-2172739585]
Our project is not configured correctly; it should specify the pnpm version
more explicitly.
I have tried it on my forked project, and it works now.
[(sample)|https://github.com/SP12893678/yunikorn-web/pull/3]
Could we give it a try?
> Fix security vulnerabilities in dependencies
> --------------------------------------------
>
> Key: YUNIKORN-2885
> URL: https://issues.apache.org/jira/browse/YUNIKORN-2885
> Project: Apache YuniKorn
> Issue Type: Improvement
> Components: webapp
> Reporter: JunHong Peng
> Assignee: JunHong Peng
> Priority: Major
> Labels: pull-request-available
>
> {{pnpm audit}} report:
> [audit-report.md|https://github.com/user-attachments/files/17089735/audit-report.md]
> 26 vulnerabilities found
> Severity: 12 moderate | 14 high
> After Upgrade Angular v18 (#YUNIKORN-2861) Audit Report:
> [audit-report.md|https://github.com/user-attachments/files/17164041/audit-report.md]
> 8 vulnerabilities found
> Severity: 3 moderate | 5 high
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
