[YUNIKORN-2496] Fix security issues in website javascript - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.6.0
Component/s: website
Labels:
- pull-request-available

Target Version:

1.6.0

Description

The change to pnmp triggered a large number of security alerts from dependabot.

7 could be fixed directly by the 4 PRs opened by dependabot. 6 need manual intervention.

The change also included an upgrade of the Algolia search component to 3.x. That change prevent running pnpm audit.
Docusaurus 3.x also contains a large number of backward incompatible changes and an upgrade is planned separately. Using the Algolia 3.x dependency already pushes some of these changes and should be reverted to Algolia 2.x same as the rest of Docusaurus environment.

Attachments

Issue Links

is caused by

YUNIKORN-2481 Convert yunikorn-site build to use pnpm

Resolved

relates to

YUNIKORN-2400 Upgrade docusaurus to 3.x

Resolved

links to

GitHub Pull Request #415

Activity

People

Assignee:: Wilfred Spiegelenburg

Reporter:: Wilfred Spiegelenburg

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 18/Mar/24 02:54

Updated:: 18/Mar/24 22:41

Resolved:: 18/Mar/24 22:41