privilegedescalation/headlamp-kube-vip-plugin
12
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 8 Wiki Activity

Compare commits

base: privilegedescalation/headlamp-kube-vip-plugin:0352f6cf39a3e1281fd5e9adffaa26df8b4bff51
Branches Tags
privilegedescalation/headlamp-kube-vip-plugin:main privilegedescalation/headlamp-kube-vip-plugin:gandalf/fix-echo-printf-pri-1757 privilegedescalation/headlamp-kube-vip-plugin:gandalf/remove-installation-policy privilegedescalation/headlamp-kube-vip-plugin:test-pe-push privilegedescalation/headlamp-kube-vip-plugin:gandalf/fix-runner-labels-clean privilegedescalation/headlamp-kube-vip-plugin:gandalf/fix-runner-labels privilegedescalation/headlamp-kube-vip-plugin:gandalf/pri-1636-inline-dual-approval privilegedescalation/headlamp-kube-vip-plugin:inline-ci-c38bfdcf privilegedescalation/headlamp-kube-vip-plugin:uat privilegedescalation/headlamp-kube-vip-plugin:hugh/renovate-pri-414 privilegedescalation/headlamp-kube-vip-plugin:hugh/renovate-auto-merge-pri-414 privilegedescalation/headlamp-kube-vip-plugin:remove-e2e-infrastructure privilegedescalation/headlamp-kube-vip-plugin:hugh/kube-vip-vol-fix-1778106126 privilegedescalation/headlamp-kube-vip-plugin:hugh/deploy-script-fixes-3560998 privilegedescalation/headlamp-kube-vip-plugin:gandalf/pri-944-add-plugin-name-e2e privilegedescalation/headlamp-kube-vip-plugin:gandalf/add-renovate-github-action privilegedescalation/headlamp-kube-vip-plugin:gandalf/e2e-fix-kube-vip privilegedescalation/headlamp-kube-vip-plugin:gandalf/fix-e2e-pri-657 privilegedescalation/headlamp-kube-vip-plugin:gandalf/fix-namespace-mismatch privilegedescalation/headlamp-kube-vip-plugin:gandalf/fix-claude-namespace-pri-558 privilegedescalation/headlamp-kube-vip-plugin:gandalf/lodash-override-pnpm-lock privilegedescalation/headlamp-kube-vip-plugin:release/v1.0.1
privilegedescalation/headlamp-kube-vip-plugin:v1.0.2 privilegedescalation/headlamp-kube-vip-plugin:v1.0.1 privilegedescalation/headlamp-kube-vip-plugin:v1.0.0 privilegedescalation/headlamp-kube-vip-plugin:v0.1.5 privilegedescalation/headlamp-kube-vip-plugin:v0.1.4 privilegedescalation/headlamp-kube-vip-plugin:v0.1.3 privilegedescalation/headlamp-kube-vip-plugin:v0.1.2 privilegedescalation/headlamp-kube-vip-plugin:v0.1.1
...
compare: privilegedescalation/headlamp-kube-vip-plugin:gandalf/lodash-override-pnpm-lock
Branches Tags
privilegedescalation/headlamp-kube-vip-plugin:gandalf/fix-echo-printf-pri-1757 privilegedescalation/headlamp-kube-vip-plugin:main privilegedescalation/headlamp-kube-vip-plugin:gandalf/remove-installation-policy privilegedescalation/headlamp-kube-vip-plugin:test-pe-push privilegedescalation/headlamp-kube-vip-plugin:gandalf/fix-runner-labels-clean privilegedescalation/headlamp-kube-vip-plugin:gandalf/fix-runner-labels privilegedescalation/headlamp-kube-vip-plugin:gandalf/pri-1636-inline-dual-approval privilegedescalation/headlamp-kube-vip-plugin:inline-ci-c38bfdcf privilegedescalation/headlamp-kube-vip-plugin:uat privilegedescalation/headlamp-kube-vip-plugin:hugh/renovate-pri-414 privilegedescalation/headlamp-kube-vip-plugin:hugh/renovate-auto-merge-pri-414 privilegedescalation/headlamp-kube-vip-plugin:remove-e2e-infrastructure privilegedescalation/headlamp-kube-vip-plugin:hugh/kube-vip-vol-fix-1778106126 privilegedescalation/headlamp-kube-vip-plugin:hugh/deploy-script-fixes-3560998 privilegedescalation/headlamp-kube-vip-plugin:gandalf/pri-944-add-plugin-name-e2e privilegedescalation/headlamp-kube-vip-plugin:gandalf/add-renovate-github-action privilegedescalation/headlamp-kube-vip-plugin:gandalf/e2e-fix-kube-vip privilegedescalation/headlamp-kube-vip-plugin:gandalf/fix-e2e-pri-657 privilegedescalation/headlamp-kube-vip-plugin:gandalf/fix-namespace-mismatch privilegedescalation/headlamp-kube-vip-plugin:gandalf/fix-claude-namespace-pri-558 privilegedescalation/headlamp-kube-vip-plugin:gandalf/lodash-override-pnpm-lock privilegedescalation/headlamp-kube-vip-plugin:release/v1.0.1
privilegedescalation/headlamp-kube-vip-plugin:v1.0.2 privilegedescalation/headlamp-kube-vip-plugin:v1.0.1 privilegedescalation/headlamp-kube-vip-plugin:v1.0.0 privilegedescalation/headlamp-kube-vip-plugin:v0.1.5 privilegedescalation/headlamp-kube-vip-plugin:v0.1.4 privilegedescalation/headlamp-kube-vip-plugin:v0.1.3 privilegedescalation/headlamp-kube-vip-plugin:v0.1.2 privilegedescalation/headlamp-kube-vip-plugin:v0.1.1

2 Commits
0352f6cf39 ... gandalf/lodash-override-pnpm-lock

Author SHA1 Message Date
Chris Farhood 9af291a8fb chore: regenerate pnpm-lock.yaml with lodash >=4.18.0 override 
Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-03 18:07:29 +00:00
Gandalf the Greybeard a7daabe4a0 fix: override lodash >=4.18.0 to patch code injection vulnerability 
GHSA-r5fr-rjxr-66jc is a code injection vulnerability in lodash
below 4.18.0. The vulnerable transitive dependency comes through
@kinvolk/headlamp-plugin.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-04-23 10:58:22 +00:00
2 changed files with 925 additions and 841 deletions
Expand all files Collapse all files
package.json
+2 -1
View File
@@ -31,7 +31,8 @@
},
"overrides": {
"tar": "^7.5.11",
"undici": "^7.24.3"
"undici": "^7.24.3",
"lodash": ">=4.18.0"
},
"devDependencies": {
"@headlamp-k8s/eslint-config": "^0.6.0",
pnpm-lock.yaml
Generated
+923 -840
View File
File diff suppressed because it is too large Load Diff