jgainerdewar
commented
2 years ago Will look into that Snyk failure for ui/package.json.
Closed jgainerdewar closed 2 years ago
jgainerdewar
commented
2 years ago Will look into that Snyk failure for ui/package.json.
jgainerdewar
commented
2 years ago I have turned off the Snyk check for package.json and yarn.lock because Snyk does not support Yarn 3 in this type of Github scan (https://github.com/snyk/cli/issues/2734). I believe this check is not a compliance requirement and that it's somewhat redundant with the Dependabot checks also enabled in this repo.
Leaving dsub check in place for now, since that's an HCA thing I don't want to change anything I don't have to.
This is the merge of the UI modernization project we've been working on in a feature branch. The goal is to reset ourselves to modern versions of all UI packages, in order to resolve existing security vulnerabilities and make future updates easier. We're also moving from npm to yarn.
This work is focused on enabling Job Manager in Terra. As of this PR, functionality not needed for Terra is not guaranteed to work.