[
https://issues.apache.org/jira/browse/YUNIKORN-2496?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Wilfred Spiegelenburg resolved YUNIKORN-2496.
---------------------------------------------
Fix Version/s: 1.6.0
Resolution: Fixed
Change committed all dependabot alerts closed
> Fix security issues in website javascript
> -----------------------------------------
>
> Key: YUNIKORN-2496
> URL: https://issues.apache.org/jira/browse/YUNIKORN-2496
> Project: Apache YuniKorn
> Issue Type: Task
> Components: website
> Reporter: Wilfred Spiegelenburg
> Assignee: Wilfred Spiegelenburg
> Priority: Major
> Labels: pull-request-available
> Fix For: 1.6.0
>
>
> The change to pnmp triggered a large number of security alerts from
> dependabot.
> 7 could be fixed directly by the 4 PRs opened by dependabot. 6 need manual
> intervention.
> The change also included an upgrade of the Algolia search component to 3.x.
> That change prevent running {{{}pnpm audit{}}}.
> Docusaurus 3.x also contains a large number of backward incompatible changes
> and an upgrade is planned separately. Using the Algolia 3.x dependency
> already pushes some of these changes and should be reverted to Algolia 2.x
> same as the rest of Docusaurus environment.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@yunikorn.apache.org
For additional commands, e-mail: dev-h...@yunikorn.apache.org
