[
https://issues.apache.org/jira/browse/YUNIKORN-3224?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Manikandan R resolved YUNIKORN-3224.
------------------------------------
Fix Version/s: 1.9.0
Resolution: Fixed
> update webapp build dependencies for CVEs
> -----------------------------------------
>
> Key: YUNIKORN-3224
> URL: https://issues.apache.org/jira/browse/YUNIKORN-3224
> Project: Apache YuniKorn
> Issue Type: Task
> Components: security, webapp
> Reporter: Wilfred Spiegelenburg
> Assignee: Wilfred Spiegelenburg
> Priority: Major
> Labels: pull-request-available
> Fix For: 1.9.0
>
>
> Upgrade pnpm to 10.28.2 for medium CVE fixes
> Build dependency fixes:
> * Fix the lodash CVE by upgrading (cannot be done by dependabot)
> * Upgrade angular-cli with updated dependencies for CVEs
> * upgrade hono and modelcontextprotocol/sdk
> Total fixed per severity: 4 moderate & 8 high
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
