[jira] [Created] (YUNIKORN-3224) update webapp build dependencies for CVEs

Wilfred Spiegelenburg (Jira) Wed, 04 Feb 2026 19:45:06 -0800

Wilfred Spiegelenburg created YUNIKORN-3224:
-----------------------------------------------


             Summary: update webapp build dependencies for CVEs
                 Key: YUNIKORN-3224
                 URL: https://issues.apache.org/jira/browse/YUNIKORN-3224
             Project: Apache YuniKorn
          Issue Type: Task
          Components: security, webapp
            Reporter: Wilfred Spiegelenburg
            Assignee: Wilfred Spiegelenburg


Upgrade pnpm to 10.28.2 for medium CVE fixes

Build dependency fixes:
 * Fix the lodash CVE by upgrading (cannot be done by dependabot)
 * Upgrade angular-cli with updated dependencies for CVEs
 * upgrade hono and modelcontextprotocol/sdk

Total fixed per severity: 4 moderate & 8 high



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (YUNIKORN-3224) update webapp build dependencies for CVEs

Reply via email to