[ https://issues.apache.org/jira/browse/YUNIKORN-2496?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Wilfred Spiegelenburg resolved YUNIKORN-2496. --------------------------------------------- Fix Version/s: 1.6.0 Resolution: Fixed Change committed all dependabot alerts closed > Fix security issues in website javascript > ----------------------------------------- > > Key: YUNIKORN-2496 > URL: https://issues.apache.org/jira/browse/YUNIKORN-2496 > Project: Apache YuniKorn > Issue Type: Task > Components: website > Reporter: Wilfred Spiegelenburg > Assignee: Wilfred Spiegelenburg > Priority: Major > Labels: pull-request-available > Fix For: 1.6.0 > > > The change to pnmp triggered a large number of security alerts from > dependabot. > 7 could be fixed directly by the 4 PRs opened by dependabot. 6 need manual > intervention. > The change also included an upgrade of the Algolia search component to 3.x. > That change prevent running {{{}pnpm audit{}}}. > Docusaurus 3.x also contains a large number of backward incompatible changes > and an upgrade is planned separately. Using the Algolia 3.x dependency > already pushes some of these changes and should be reverted to Algolia 2.x > same as the rest of Docusaurus environment. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@yunikorn.apache.org For additional commands, e-mail: dev-h...@yunikorn.apache.org