[Snyk] Security upgrade @kubernetes/client-node from 0.8.2 to 0.22.1 #336

Open
wants to merge 200 commits into
base: master

VaniHaripriya
Owner

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • frontend/server/package.json
    • frontend/server/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| high severity | 696/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | Denial of Service (DoS), SNYK-JS-WS-7266574 | No | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @kubernetes/client-node
The new version differs by 250 commits.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.


chensun and others added 30 commits April 30, 2024 21:38
…line_evaluation_pairwise` component

PiperOrigin-RevId: 629549849
…n rlhf preprocessor and infer preprocessor

PiperOrigin-RevId: 630245237
* chore(components): Drop GCPC Python 3.7
PiperOrigin-RevId: 627500444

**Description of your changes:**

**Checklist:**
- [ ] The title for your pull request (PR) should follow our title convention. [Learn more about the pull request title convention used in this repository](https://github.com/kubeflow/pipelines/blob/master/CONTRIBUTING.md#pull-request-title-convention).
<!--
   PR titles examples:
    * `fix(frontend): fixes empty page. Fixes kubeflow#1234`
       Use `fix` to indicate that this PR fixes a bug.
    * `feat(backend): configurable service account. Fixes kubeflow#1234, fixes kubeflow#1235`
       Use `feat` to indicate that this PR adds a new feature.
    * `chore: set up changelog generation tools`
       Use `chore` to indicate that this PR makes some changes that users don't need to know.
    * `test: fix CI failure. Part of kubeflow#1234`
        Use `part of` to indicate that a PR is working on an issue, but shouldn't close the issue when merged.
-->

* drop support python3.7

* fix test

Signed-off-by: rickyxie0929 <[email protected]>

* fix test

Signed-off-by: rickyxie0929 <[email protected]>

* fix test

Signed-off-by: rickyxie0929 <[email protected]>

* fix test

Signed-off-by: rickyxie0929 <[email protected]>

* fix test

Signed-off-by: rickyxie0929 <[email protected]>

* fix test

Signed-off-by: rickyxie0929 <[email protected]>

* fix test

Signed-off-by: rickyxie0929 <[email protected]>

* remove kfp related

Signed-off-by: rickyxie0929 <[email protected]>

* remove kfp related

Signed-off-by: rickyxie0929 <[email protected]>

* just kfp change

Signed-off-by: rickyxie0929 <[email protected]>

* only change in kubernetes_platform/python/setup.py

Signed-off-by: rickyxie0929 <[email protected]>

* only change in init.py

Signed-off-by: rickyxie0929 <[email protected]>

* change

Signed-off-by: rickyxie0929 <[email protected]>

* change

Signed-off-by: rickyxie0929 <[email protected]>

* Update release

Signed-off-by: rickyxie0929 <[email protected]>

* Update base image

Signed-off-by: rickyxie0929 <[email protected]>

* change test python 3.7 to python 3.8

Signed-off-by: rickyxie0929 <[email protected]>

* update golden snapshot

Signed-off-by: rickyxie0929 <[email protected]>

* update yaml to python3.8 under kubernetes_platform/python/test/snapshot/data/toleration.yaml

Signed-off-by: rickyxie0929 <[email protected]>

* update yaml python 3.8 for sdk/python/test_data/pipelines/parallelfor_fan_in

Signed-off-by: rickyxie0929 <[email protected]>

* update yaml to fix tests

Signed-off-by: rickyxie0929 <[email protected]>

* Update Readme

Signed-off-by: rickyxie0929 <[email protected]>

* Update kubernetes_setup python version

Signed-off-by: rickyxie0929 <[email protected]>

* Update readme

Signed-off-by: rickyxie0929 <[email protected]>

---------

Signed-off-by: rickyxie0929 <[email protected]>
…ubeflow#10751)

* periodic functional tests migration

Signed-off-by: shruti2522 <[email protected]>

feat: migrate periodic functional tests to GH actions

Signed-off-by: shruti2522 <[email protected]>

feat: migrate periodic functional tests to GH actions

Signed-off-by: shruti2522 <[email protected]>

feat: migrate periodic functional tests to GH actions

feat: migrate periodic functional tests to GH actions

Signed-off-by: shruti2522 <[email protected]>

feat: migrate periodic functional tests to GH actions

Signed-off-by: shruti2522 <[email protected]>

* updated kind installation and artifact collection

Signed-off-by: shruti2522 <[email protected]>

* updated artifact collection code

Signed-off-by: shruti2522 <[email protected]>

* updated version

Signed-off-by: shruti2522 <[email protected]>

* updated path

Signed-off-by: shruti2522 <[email protected]>

* added log_dir

Signed-off-by: shruti2522 <[email protected]>

---------

Signed-off-by: shruti2522 <[email protected]>
…iles (kubeflow#10725)

When building images via `make`:
- Allow users to specify an alternate Container Engine rather than docker
- Allow users to specify image names/tags rather than a hardcoded image
  name and `latest` tag for backend images

Signed-off-by: Giulio Frasca <[email protected]>
Signed-off-by: Michael Hu <[email protected]>
PiperOrigin-RevId: 631917851
…mponent

Signed-off-by: Michael Hu <[email protected]>
PiperOrigin-RevId: 631958163
Signed-off-by: Googler <[email protected]>
PiperOrigin-RevId: 632325315
Signed-off-by: Googler <[email protected]>
PiperOrigin-RevId: 632575448
Signed-off-by: Googler <[email protected]>
PiperOrigin-RevId: 632653742
Signed-off-by: Googler <[email protected]>
PiperOrigin-RevId: 634137095
Signed-off-by: Googler <[email protected]>
PiperOrigin-RevId: 634900210
Signed-off-by: Googler <[email protected]>
PiperOrigin-RevId: 635894975
* fix(frontend): reduce list run latency

Signed-off-by: droctothorpe <[email protected]>
Co-authored-by: quinnovator <[email protected]>
Co-authored-by: tarat44 <[email protected]>
Co-authored-by: owmasch <[email protected]>

* Handle multi-user deployments

Signed-off-by: droctothorpe <[email protected]>

---------

Signed-off-by: droctothorpe <[email protected]>
Co-authored-by: quinnovator <[email protected]>
Co-authored-by: tarat44 <[email protected]>
Co-authored-by: owmasch <[email protected]>
…e_user_defined_error function

Signed-off-by: Googler <[email protected]>
PiperOrigin-RevId: 638523242
…h right key_name within use_config_map_as_env() block. (kubeflow#10855)

Signed-off-by: Vamsi Mathala <[email protected]>
Co-authored-by: Vamsi Mathala <[email protected]>
hbelmiro and others added 26 commits September 24, 2024 18:35
…kubeflow#11222)

* feat(sdk): Allow setting a default of execution caching disabled via a compiler CLI flag and env var

Co-authored-by: Greg Sheremeta <[email protected]>
Signed-off-by: ddalvi <[email protected]>

* Add tests for disabling default caching var and flag

Signed-off-by: ddalvi <[email protected]>

---------

Signed-off-by: ddalvi <[email protected]>
Co-authored-by: Greg Sheremeta <[email protected]>
… run creation. Fixes kubeflow#10884 (kubeflow#11163)

* UPSTREAM: <carry>: add last_run_creation

Signed-off-by: Humair Khan <[email protected]>

* Allow-the-ability-to-sort-Experiments-by-last-run-creation-kubeflow#10884

Signed-off-by: Elay Aharoni (EXT-Nokia) <[email protected]>

* UPSTREAM: <carry>: chore(backend): Rename UpdateLastRun -> SetLastRunTimestamp

follow-up to bf77909. Rename UpdateLastRun -> SetLastRunTimestamp

also tweak a related log message

Signed-off-by: Greg Sheremeta <[email protected]>

* UPSTREAM: <carry>: chore(backend): Rename UpdateLastRun -> SetLastRunTimestamp

follow-up to bf77909. Rename UpdateLastRun -> SetLastRunTimestamp

also tweak a related log message

Signed-off-by: Greg Sheremeta <[email protected]>

---------

Signed-off-by: Humair Khan <[email protected]>
Signed-off-by: Elay Aharoni (EXT-Nokia) <[email protected]>
Signed-off-by: Greg Sheremeta <[email protected]>
Co-authored-by: Humair Khan <[email protected]>
Co-authored-by: Elay Aharoni (EXT-Nokia) <[email protected]>
Co-authored-by: Greg Sheremeta <[email protected]>
…ponsibilities. Fixes kubeflow#10509 (kubeflow#10790)

* feat(backend): Remove PipelineSpec Template storage from ObjStore responsibilities. Fixes kubeflow#10509

Signed-off-by: Giulio Frasca <[email protected]>

* chore: Remove BadObjStore unit tests (no longer applicable)

Signed-off-by: Giulio Frasca <[email protected]>

* test: Update backend unit tests to not retrieve PipelineSpec from mock ObjStore

- Add PipelineSpec to mock PVs as they are no longer retrieved from
  ObjStore

Signed-off-by: Giulio Frasca <[email protected]>

---------

Signed-off-by: Giulio Frasca <[email protected]>
…#11254)

Bumps [rollup](https://github.com/rollup/rollup) from 2.63.0 to 2.79.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v2.63.0...v2.79.2)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…w#11271)

Bumps [webpack](https://github.com/webpack/webpack) from 5.90.3 to 5.95.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v5.90.3...v5.95.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(doc): Update kfp-kubernetes release instructions.

Signed-off-by: Chen Sun <[email protected]>

* Update RELEASE.md

Signed-off-by: Chen Sun <[email protected]>

---------

Signed-off-by: Chen Sun <[email protected]>
… regression component to fix issues with bigquery data source

Signed-off-by: Jason Dai <[email protected]>
PiperOrigin-RevId: 684488025
* Patch deployments and include debugging info

Signed-off-by: carter.fendley <[email protected]>

* Build and use driver / launcher too!

Signed-off-by: carter.fendley <[email protected]>

* Modify waiting status message

Signed-off-by: carter.fendley <[email protected]>

* Fix typo

Signed-off-by: carter.fendley <[email protected]>

---------

Signed-off-by: carter.fendley <[email protected]>
… to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-WS-7266574