[
https://issues.apache.org/jira/browse/YUNIKORN-3227?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ASF GitHub Bot updated YUNIKORN-3227:
-------------------------------------
Labels: pull-request-available (was: )
> modelcontextprotocol/sdk high CVE
> ---------------------------------
>
> Key: YUNIKORN-3227
> URL: https://issues.apache.org/jira/browse/YUNIKORN-3227
> Project: Apache YuniKorn
> Issue Type: Task
> Components: security, webapp
> Reporter: Wilfred Spiegelenburg
> Assignee: Wilfred Spiegelenburg
> Priority: Minor
> Labels: pull-request-available
>
> In YUNIKORN-3224 dependencies were updated. The hono and angular-cli updates
> seem to have clashed with the modelcontextprotocol/sdk as it had not moved to
> the correct version.
> A re-run of pnpm audit shows the incorrect dependency.
> The angular-cli dependency which introduces the modelcontextprotocol/sdk into
> the system is a dev only dependency setting priority based on that (no
> production impact)
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
