Skip to content

[Snyk] Security upgrade swagger-ui-react from 4.10.3 to 5.17.12#10

Open
VaniHaripriya wants to merge 129 commits into
mainfrom
snyk-fix-bdbb7d6d914a1e371252a4053d55e158
Open

[Snyk] Security upgrade swagger-ui-react from 4.10.3 to 5.17.12#10
VaniHaripriya wants to merge 129 commits into
mainfrom
snyk-fix-bdbb7d6d914a1e371252a4053d55e158

Conversation

@VaniHaripriya
Copy link
Copy Markdown
Owner

@VaniHaripriya VaniHaripriya commented Sep 17, 2024

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

  • ui/package.json
  • ui/yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Prototype Pollution
SNYK-JS-DOMPURIFY-7984421		   701  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

sarabala1979 and others added 30 commits March 3, 2022 21:21
@sarabala1979
fix: e2e
5d8651d 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
fix: lint
e2c53e6 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
fix: test
4decbea 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
Merge remote-tracking branch 'upstream/master' into release-3.3
15afec4 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
chore: Refactor the leader election (argoproj#8130)
c6f1e4a 
* chore: Refactor the leader election

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>

* fix: codegen

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
fix: pod deleted due to delayed cleanup. Fixes argoproj#8022 (argopro…
0cec273 
…j#8061)

Signed-off-by: Vignesh Rajasekaran <vignesh@rvignesh.io>
@sarabala1979
fix: Fix the TestStopBehavior flackiness (argoproj#8096)
049d3d1 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@alexec @sarabala1979
fix: Remove need for get pods from Emissary (argoproj#8133)
dfca6f1 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
@blkperl @sarabala1979
fix: Limit workflows to 128KB and return a friendly error message (ar…
26471c8 
…goproj#8169)

Signed-off-by: William Van Hevelingen <william.vanhevelingen@acquia.com>
@Mins @sarabala1979
fix: add /etc/mime.types mapping table (argoproj#8171)
2b87f86 
Signed-off-by: Ming Yu <mingyu.shi@zendesk.com>
@alexec @sarabala1979
fix: Add instance ID to workflowtaskresults (argoproj#8150)
442096b 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
@alexec @sarabala1979
fix: Correctly order emissary combined output. Fixes argoproj#8159 (a…
d10a731 
…rgoproj#8175)

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>
@sarabala1979
fix: workflow.duration' is not available as a real time metric (argop…
ea36c33 
…roj#8181)

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@wujayway @alexec
fix(executor): Retry kubectl on internal transient error (argoproj#8092)
845a244 
* fix(executor): Retry kubectl on internal transient error

fix(executor): Retry kubectl on internal transient error
Signed-off-by: wujayway <wujayway@gmail.com>

* add ut

add ut
Signed-off-by: wujayway <wujayway@gmail.com>

* add ut

add ut
Signed-off-by: wujayway <wujayway@gmail.com>
@Shark @alexec
fix(plugins): UX improvements (argoproj#8122)
4e543f2 
* fix(plugins): set Content-Type request header

Signed-off-by: Felix Seidel <felix@seidel.me>

* fix(plugins): keep namespace from plugin manifest

Signed-off-by: Felix Seidel <felix@seidel.me>
@rohankmr414 @alexec
feat: add TLS config option to HTTP template. Fixes argoproj#7390 (ar…
5b14e15 
…goproj#7929)

Signed-off-by: Rohan Kumar <rohankmr414@gmail.com>
@alexec
fix: Authentication for plugins. Fixes argoproj#8144 (argoproj#8147)
ad7d905 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
@Shark @sarabala1979
fix(plugins): UX improvements (argoproj#8122)
47b78d4 
* fix(plugins): set Content-Type request header

Signed-off-by: Felix Seidel <felix@seidel.me>

* fix(plugins): keep namespace from plugin manifest

Signed-off-by: Felix Seidel <felix@seidel.me>
@wujayway @sarabala1979
fix(executor): Retry kubectl on internal transient error (argoproj#8092)
4c61c8d 
* fix(executor): Retry kubectl on internal transient error

fix(executor): Retry kubectl on internal transient error
Signed-off-by: wujayway <wujayway@gmail.com>

* add ut

add ut
Signed-off-by: wujayway <wujayway@gmail.com>

* add ut

add ut
Signed-off-by: wujayway <wujayway@gmail.com>
@rohankmr414 @sarabala1979
feat: add TLS config option to HTTP template. Fixes argoproj#7390 (ar…
76ff748 
…goproj#7929)

Signed-off-by: Rohan Kumar <rohankmr414@gmail.com>
@sarabala1979
Merge branch 'release-3.3' of https://github.com/argoproj/argo-workflows
3d60693 
 into release-3.3

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@dpadhiar @sarabala1979
fix: reduce number of workflows displayed in UI by default. Fixes arg…
aa460b9 
…oproj#8297 (argoproj#8303)

Signed-off-by: Dillen Padhiar <dpadhiar99@gmail.com>
@dpadhiar @sarabala1979
fix: fix: git artifact will be checked out even if local file matches…
3475831 
… name of tracking branch (argoproj#8287)

Signed-off-by: Dillen Padhiar <dpadhiar99@gmail.com>
@alexec @sarabala1979
fix: taskresults owned by pod rather than workflow. (argoproj#8284)
7e88021 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
@mikutas @sarabala1979
fix: improve error message when the controller is set `templateRefere…
79a9a5b 
…ncing: Secure` (argoproj#8277)

Signed-off-by: mikutas <23391543+mikutas@users.noreply.github.com>
@alexec @sarabala1979
fix: Add instance ID to workflowtaskresults (argoproj#8150)
22c203f 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@alexec @sarabala1979
fix: Correctly order emissary combined output. Fixes argoproj#8159 (a…
cdd1633 
…rgoproj#8175)

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@alexec @sarabala1979
fix: Authentication for plugins. Fixes argoproj#8144 (argoproj#8147)
3a425ec 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@alexec @sarabala1979
fix: Update workflowtaskresult code have own reconciliation loop. (a…
af0cfab 
…rgoproj#8135)

Signed-off-by: Alex Collins <alex_collins@intuit.com>
@alexec @sarabala1979
fix: Add instance ID to workflowtaskresults (argoproj#8150)
918c273 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
grzegorz-bielski and others added 26 commits August 7, 2022 22:38
@grzegorz-bielski @sarabala1979
fix: open minio dashboard on different port in quick-start (argoproj#…
6ec0ca0 
…8407)

Signed-off-by: Grzegorz Bielski <pesiok@gmail.com>
@KesavanKing @sarabala1979
fix: Fixed podName in killing daemon pods. Fixes argoproj#8692 (argop…
15f9d52 
…roj#8708)

Signed-off-by: i342464 <kesavan.s@sap.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@terrytangyuan @sarabala1979
fix: Omitted task result should also be valid (argoproj#8776)
a19c94b 
Signed-off-by: Yuan Tang <terrytangyuan@gmail.com>
@juliev0 @sarabala1979
fix: set NODE_OPTIONS to no-experimental-fetch to prevent yarn start …
e85c815 
…error (argoproj#8802)

Signed-off-by: Julie Vogelman <julie_vogelman@intuit.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@alexec @sarabala1979
fix: Correct kill command. Fixes argoproj#8687 (argoproj#8908)
ef3fb42 
* fix: Correct kill command. Fixes argoproj#8687

Signed-off-by: Alex Collins <alex_collins@intuit.com>

* fix: ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

* fix: ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
fix: lint
f9e2dd2 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@dpadhiar @sarabala1979
feat: refactoring e2e test timeouts to support multiple environments. (
a3d6a58 
…argoproj#8925)

* chore: Increasing wait time in e2e

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>

* fix: refactor the timewait

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>

* test: change fixtures to be completed in cwf template test

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* test: revert test changes

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* test: change wait conditions for parametrizable tests

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* feat: edit makefile for e2e timeouts

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* test: change wait conditions for param tests

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* test: update param test check

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* test: revert hardcoded wait times

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* test: adjust github build tests

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* test: made EnvFactor a global variable

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* test: lookup for e2e env factor changed to return int

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* test: convert int to time.Duration for EnvFactor

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* test: convert int to time.Duration for EnvFactor

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* chore: rerun tests

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* feat: add E2E_SUITE_TIMEOUT env var

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* test: set default wait time for workflows to 1m

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* feat: rename environment variable

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

* feat: change defaultTimeout to lookup new env variable

Signed-off-by: Dillen Padhiar <dillen_padhiar@intuit.com>

Co-authored-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
Co-authored-by: Saravanan Balasubramanian <33908564+sarabala1979@users.noreply.github.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
chore: Deleted ActiveDeadlineSeconds
7f802c5 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
chore: Imporve the unit test and e2e time (argoproj#9223)
c908389 
* chore: Imporve the unit test and e2e time

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>

* chore: ci fix

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>

* fix: empty

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>

* fix: typo

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>

* fix: parallel

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
fix: add containerRuntimeExecutor: emissary in ci
151432f 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@alexec @sarabala1979
fix: SignalsSuite test
e4dca01 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
fix: Skip TestRunAsNonRootWithOutputParams
b7b37d5 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
Revert "fix: Correct kill command. Fixes argoproj#8687 (argoproj#8908)"
5db53aa 
This reverts commit ef3fb42.
@isubasinghe @sarabala1979
fix: cleaned key paths in gcs driver. Fixes argoproj#9958 (argoproj#9959
33bba51 
)

Signed-off-by: Isitha Subasinghe <isitha@pipekit.io>
@crenshaw-dev @sarabala1979
fix: assume plugins may produce outputs.result and outputs.exitCode (F…
859bcb1 
…ixes argoproj#9966) (argoproj#9967)

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
@terrytangyuan @sarabala1979
fix: Upgrade kubectl to v1.24.8 to fix vulnerabilities (argoproj#10008)
fd31eb8 
Signed-off-by: Yuan Tang <terrytangyuan@gmail.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@terrytangyuan @sarabala1979
fix(operator): Workflow stuck at running when init container failed. F…
b19870d 
…ixes argoproj#10045 (argoproj#10047)

Signed-off-by: Yuan Tang <terrytangyuan@gmail.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@gmfrasca
UPSTREAM: <carry>: Update ui/package.json to use gitref for argo-ui d…
d96730c 
…ependency
UPSTREAM: <carry>: Add staticfiles to Go module file
eb37984
Merge pull request #2 from rimolive/rmartine
9743dda 
UPSTREAM: <carry>: Add staticfiles to Go module file
@DharmitD
UPSTREAM: <carry>: update go.mod packages
d60f5c7
@DharmitD
Merge pull request #5 from DharmitD/snyk-3.3-3
b02ca59 
UPSTREAM: <carry>: update go.mod packages
@DharmitD
UPSTREAM: <carry>: Update go version to 1.21
ac5cb18
@VaniHaripriya
UPSTREAM: <carry>: Upgrade go.mod package versions
11c6657 
Signed-off-by: vmudadla <vmudadla@redhat.com>
@VaniHaripriya
Merge pull request #7 from VaniHaripriya/RHOAIENG-10033-NEW
2c80102 
UPSTREAM: <carry>: Upgrade go.mod package versions
@snyk-bot
fix: ui/package.json & ui/yarn.lock to reduce vulnerabilities
7a835b0 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-DOMPURIFY-7984421
VaniHaripriya pushed a commit that referenced this pull request Oct 10, 2024
@gregsheremeta
Merge pull request #10 from VaniHaripriya/RHOAIENG-10033-NEW
c65043a 
UPSTREAM: <carry>: Upgrade go.mod package versions
@VaniHaripriya VaniHaripriya force-pushed the main branch 2 times, most recently from 19fc17c to cfa1672 Compare October 16, 2024 15:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.