Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

headlamp-plugin: Use npm ci to pin deps #2568

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Conversation

skoeva
Copy link
Contributor

@skoeva skoeva commented Nov 13, 2024

This change addresses a security issue where dependencies are not pinned.

Fixes: #2084

This change addresses a security issue where dependencies are not pinned.

Fixes: #2084

Signed-off-by: Evangelos Skopelitis <eskopelitis@microsoft.com>
@skoeva skoeva added dependencies Pull requests that update a dependency file security labels Nov 13, 2024
@skoeva skoeva self-assigned this Nov 13, 2024
@dosubot dosubot bot added the size:XS This PR changes 0-9 lines, ignoring generated files. label Nov 13, 2024
@skoeva skoeva requested a review from illume November 19, 2024 13:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file security size:XS This PR changes 0-9 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

We need to pin all dependencies
1 participant