Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade rapidoc from 9.3.4 to 9.3.7 #18037

Merged
merged 1 commit into from
Sep 28, 2024
Merged

[Snyk] Security upgrade rapidoc from 9.3.4 to 9.3.7 #18037

merged 1 commit into from
Sep 28, 2024

Conversation

harshach
Copy link
Collaborator

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

  • openmetadata-ui/src/main/resources/ui/package.json
  • openmetadata-ui/src/main/resources/ui/yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

Issue Score
medium severity Improper Input Validation
SNYK-JS-SWAGGERCLIENT-6836803		   479  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Improper Input Validation

@snyk-bot
fix: openmetadata-ui/src/main/resources/ui/package.json & openmetadat…
cd1d9f0 
…a-ui/src/main/resources/ui/yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SWAGGERCLIENT-6836803
@github-actions github-actions bot added backend safe to test Add this label to run secure Github workflows on PRs labels Sep 28, 2024
@github-actions GitHub Actions
Copy link
Contributor

Jest test Coverage

UI tests summary

Lines Statements Branches Functions
Coverage: 64%
 64.42% (37451/58133) 41.14% (14890/36193) 43.22% (4523/10465)

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'open-metadata-ui'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@chirag-madlani chirag-madlani merged commit a0119b8 into main Sep 28, 2024
14 of 17 checks passed
@chirag-madlani chirag-madlani deleted the snyk-fix-db240ca46a1bdca0a2339488e9e4e9ed branch September 28, 2024 09:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chirag-madlani chirag-madlani chirag-madlani approved these changes

@ShaileshParmar11 ShaileshParmar11 Awaiting requested review from ShaileshParmar11

@karanh37 karanh37 Awaiting requested review from karanh37

@Sachin-chaurasiya Sachin-chaurasiya Awaiting requested review from Sachin-chaurasiya

Assignees
No one assigned
Labels
backend safe to test Add this label to run secure Github workflows on PRs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@harshach @chirag-madlani @snyk-bot