privilegedescalation/headlamp-kube-vip-plugin
Archived
12
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 8 Wiki Activity

fix: override elliptic to patched version for GHSA-848j-6mx2-7j84

Browse Source 
Security fix: pins transitive elliptic dependency to >=6.6.1 via pnpm.overrides to address GHSA-848j-6mx2-7j84.

All pipeline gates satisfied:
- CI: passed 
- UAT (Pixel Patty): approved  (PRI-717 done)
- QA (Regression Regina): approved  (PRI-707 thread)
- CTO (Null Pointer Nancy): approved  (GitHub review)

Source: PRI-707 / PRI-734

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit was merged in pull request #56.
This commit is contained in:
privilegedescalation-engineer[bot]
2026-05-05 14:38:42 +00:00
committed by GitHub
parent 6459913304
commit b4e6cb9367
2 changed files with 268 additions and 267 deletions
Download Patch File Download Diff File Expand all files Collapse all files
package.json
+2 -1
View File
@@ -33,7 +33,8 @@
"tar": "^7.5.11", "tar": "^7.5.11",
"undici": "^7.24.3", "undici": "^7.24.3",
"lodash": ">=4.18.0", "lodash": ">=4.18.0",
"vite": ">=6.4.2" "vite": ">=6.4.2",
"elliptic": ">=6.6.1"
}, },
"devDependencies": { "devDependencies": {
"@headlamp-k8s/eslint-config": "^0.6.0", "@headlamp-k8s/eslint-config": "^0.6.0",
pnpm-lock.yaml
Generated
+266 -266
View File
File diff suppressed because it is too large Load Diff