[
https://issues.apache.org/jira/browse/YUNIKORN-2885?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17886853#comment-17886853
]
Hsien-Cheng(Ryan) Huang commented on YUNIKORN-2885:
---------------------------------------------------
Maybe we should use a dependabot alternative that supports pnpm v9?
> Fix security vulnerabilities in dependencies
> --------------------------------------------
>
> Key: YUNIKORN-2885
> URL: https://issues.apache.org/jira/browse/YUNIKORN-2885
> Project: Apache YuniKorn
> Issue Type: Improvement
> Components: webapp
> Reporter: JunHong Peng
> Assignee: JunHong Peng
> Priority: Major
> Labels: pull-request-available
>
> {{pnpm audit}} report:
> [audit-report.md|https://github.com/user-attachments/files/17089735/audit-report.md]
> 26 vulnerabilities found
> Severity: 12 moderate | 14 high
> After Upgrade Angular v18 (#YUNIKORN-2861) Audit Report:
> [audit-report.md|https://github.com/user-attachments/files/17164041/audit-report.md]
> 8 vulnerabilities found
> Severity: 3 moderate | 5 high
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
