[jira] [Resolved] (YUNIKORN-3223) update pnpm for CVE in site build

Manikandan R (Jira) Wed, 04 Feb 2026 23:02:00 -0800


     [ 
https://issues.apache.org/jira/browse/YUNIKORN-3223?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Manikandan R resolved YUNIKORN-3223.
------------------------------------
    Fix Version/s: 1.9.0
       Resolution: Fixed

> update pnpm for CVE in site build
> ---------------------------------
>
>                 Key: YUNIKORN-3223
>                 URL: https://issues.apache.org/jira/browse/YUNIKORN-3223
>             Project: Apache YuniKorn
>          Issue Type: Task
>          Components: security, website
>            Reporter: Wilfred Spiegelenburg
>            Assignee: Wilfred Spiegelenburg
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 1.9.0
>
>
> Upgrade pnpm to 10.28.2 for medium CVE fixes (dependabot opened a PR for that)
> On top of that fix the lodash CVE by upgrading (cannot be done by dependabot)
> Fix an annoying build message around the browserlist being out of date by 
> upgrading the dependency that suppresses the message



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Resolved] (YUNIKORN-3223) update pnpm for CVE in site build

Reply via email to