fix: update package-lock.json to satisfy lodash override

The package.json override requires lodash >=4.18.0, but the lockfile had 4.17.23. Regenerated lockfile with npm install --include=dev. Co-Authored-By: Paperclip <noreply@paperclip.ing>
fix: override lodash >=4.18.0 to patch code injection vulnerability
2026-04-26 21:30:04 +00:00 · 2026-04-23 10:58:22 +00:00
3 changed files with 609 additions and 529 deletions
@@ -1,42 +0,0 @@
---
-# e2e-ci-runner-rbac.yaml
-#
-# Grants the GitHub Actions runner's service account (Arc Runners) the minimum
-# permissions needed to deploy/teardown an E2E Headlamp instance in the
-# privilegedescalation-dev namespace.
-#
-# RBAC is managed via Flux from privilegedescalation/infra — do not apply manually.
-# This manifest is a reference copy in the plugin repo.
-
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: e2e-ci-runner
-  namespace: privilegedescalation-dev
-rules:
-  - apiGroups: [""]
-    resources: ["configmaps", "serviceaccounts", "events"]
-    verbs: ["get", "list", "create", "delete"]
-  - apiGroups: ["apps"]
-    resources: ["deployments"]
-    verbs: ["get", "create", "delete"]
-  - apiGroups: [""]
-    resources: ["services"]
-    verbs: ["get", "create", "delete"]
-  - apiGroups: [""]
-    resources: ["pods"]
-    verbs: ["get", "list"]
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: e2e-ci-runner
-  namespace: privilegedescalation-dev
-subjects:
-  - kind: ServiceAccount
-    name: runners-privilegedescalation-gha-rs-no-permission
-    namespace: arc-runners
-roleRef:
-  kind: Role
-  name: e2e-ci-runner
-  apiGroup: rbac.authorization.k8s.io
@@ -19,18 +19,16 @@ test.describe('Intel GPU plugin smoke tests', () => {

    // Should navigate to the overview route
    await expect(page).toHaveURL(/\/intel-gpu$/);
-    await expect(
-      page.locator('main').getByRole('heading', { name: 'Intel GPU — Overview' })
-    ).toBeVisible();
+    await expect(page.getByRole('heading', { name: /Intel GPU — Overview/i })).toBeVisible();
  });

  test('overview page renders GPU device list or empty state', async ({ page }) => {
    await page.goto('/c/main/intel-gpu');

    // Overview heading should be present
-    await expect(
-      page.locator('main').getByRole('heading', { name: 'Intel GPU — Overview' })
-    ).toBeVisible({ timeout: 15_000 });
+    await expect(page.getByRole('heading', { name: /Intel GPU — Overview/i })).toBeVisible({
+      timeout: 15_000,
+    });

    // Either a populated table/list or an empty-state indicator must be visible
    const hasTable = await page.locator('table').first().isVisible().catch(() => false);
@@ -45,9 +43,9 @@ test.describe('Intel GPU plugin smoke tests', () => {
  test('device plugins page renders or shows empty state', async ({ page }) => {
    await page.goto('/c/main/intel-gpu/device-plugins');

-    await expect(
-      page.locator('main').getByRole('heading', { name: 'Intel GPU — Device Plugins' })
-    ).toBeVisible({ timeout: 15_000 });
+    await expect(page.getByRole('heading', { name: /Intel GPU — Device Plugins/i })).toBeVisible({
+      timeout: 15_000,
+    });

    const hasTable = await page.locator('table').first().isVisible().catch(() => false);
    const hasEmptyState = await page
@@ -63,24 +61,18 @@ test.describe('Intel GPU plugin smoke tests', () => {
    // not after clicking the parent entry from the overview. Test route
    // accessibility via direct navigation — each route must render its heading.
    await page.goto('/c/main/intel-gpu');
-    await expect(
-      page.locator('main').getByRole('heading', { name: 'Intel GPU — Overview' })
-    ).toBeVisible({ timeout: 15_000 });
+    await expect(page.getByRole('heading', { name: /Intel GPU — Overview/i })).toBeVisible({
+      timeout: 15_000,
+    });

    await page.goto('/c/main/intel-gpu/nodes');
-    await expect(
-      page.locator('main').getByRole('heading', { name: 'Intel GPU — Nodes' })
-    ).toBeVisible({ timeout: 15_000 });
+    await expect(page.getByRole('heading', { name: /Intel GPU — Nodes/i })).toBeVisible({ timeout: 15_000 });

    await page.goto('/c/main/intel-gpu/pods');
-    await expect(
-      page.locator('main').getByRole('heading', { name: 'Intel GPU — Pods' })
-    ).toBeVisible({ timeout: 15_000 });
+    await expect(page.getByRole('heading', { name: /Intel GPU — Pods/i })).toBeVisible({ timeout: 15_000 });

    await page.goto('/c/main/intel-gpu/metrics');
-    await expect(
-      page.locator('main').getByRole('heading', { name: 'Intel GPU — Metrics' })
-    ).toBeVisible({ timeout: 15_000 });
+    await expect(page.getByRole('heading', { name: /Intel GPU — Metrics/i })).toBeVisible({ timeout: 15_000 });
  });

  test('plugin settings page shows intel-gpu plugin entry', async ({ page }) => {