Closed kim-tsao closed 2 months ago
[APPROVALNOTIFIER] This PR is NOT APPROVED
This pull-request has been approved by: Once this PR has been reviewed and has the lgtm label, please ask for approval from kim-tsao. For more information see the Kubernetes Code Review Process.
The full list of commands accepted by this bot can be found here.
Added dependabot rule to filter out findings from root yarn.lock which is not used in RHDH
Re-opening, as discussed with @Zaperex it would be good to keep the root yarn.lock up to date
/retest
/retest
PR needs rebase.
Closing as Kim has said:
those were moderate findings. Plugins [update] is not important because it was a root yarn.lock update done to keep dependencies in sync we put a
no_backport
label and FixVersion=1.3 on it https://issues.redhat.com/browse/RHIDP-2735
update yarn.lock to resolve CVE-2024-35255 Fixes RHIDP-2735