privilegedescalation/headlamp-intel-gpu-plugin
12
0
Fork 0
Code Issues 2 Pull Requests 1 Actions Packages Projects Releases 9 Wiki Activity
Files
fix/pri-551-add-pnpm-lock
headlamp-intel-gpu-plugin/e2e
T
History
privilegedescalation-engineer[bot] 00c29e36dd fix: override lodash >=4.18.0 to patch code injection vulnerability (#51) 
* fix: override lodash >=4.18.0 to patch code injection vulnerability

GHSA-r5fr-rjxr-66jc is a code injection vulnerability in lodash
below 4.18.0. The vulnerable transitive dependency comes through
@kinvolk/headlamp-plugin.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix: update package-lock.json to satisfy lodash override

The package.json override requires lodash >=4.18.0, but the lockfile
had 4.17.23. Regenerated lockfile with npm install --include=dev.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

* fix(e2e): scope heading locators to main content area

Cherry-picked from PR #50 to fix E2E test failures on lodash PR.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

---------

Co-authored-by: Gandalf the Greybeard <gandalf@privilegedescalation.dev>
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
Co-authored-by: Paperclip <noreply@paperclip.ing>
2026-05-03 17:44:15 +00:00
..
.auth
feat: add Playwright E2E smoke tests
2026-03-24 22:59:55 +00:00
auth.setup.ts
feat: add Playwright E2E smoke tests
2026-03-24 22:59:55 +00:00
intel-gpu.spec.ts
fix: override lodash >=4.18.0 to patch code injection vulnerability (#51)
2026-05-03 17:44:15 +00:00