privilegedescalation/headlamp-plugin-template
Archived
12
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Packages Projects Releases 1 Wiki Activity

Compare commits

base: privilegedescalation/headlamp-plugin-template:e66ea0dcd29204d9dca7a652cf54e40ce04c7c3c
Branches Tags
privilegedescalation/headlamp-plugin-template:main privilegedescalation/headlamp-plugin-template:fix/runner-label-ubuntu-latest privilegedescalation/headlamp-plugin-template:gandalf/fix-echo-printf-pri-1757 privilegedescalation/headlamp-plugin-template:hugh/fix-ci-node22-slim-checkout-pri-1786 privilegedescalation/headlamp-plugin-template:gandalf/pri-1636-inline-dual-approval privilegedescalation/headlamp-plugin-template:fix/lockfile-and-artifacthub privilegedescalation/headlamp-plugin-template:fix/artifacthub-real-values privilegedescalation/headlamp-plugin-template:inline-ci-660e3ad9 privilegedescalation/headlamp-plugin-template:fix/pnpm-lock-yaml privilegedescalation/headlamp-plugin-template:fix/pri-564-add-missing-dev-deps privilegedescalation/headlamp-plugin-template:fix/elliptic-vulnerability-override privilegedescalation/headlamp-plugin-template:pr-9 privilegedescalation/headlamp-plugin-template:gandalf/fix-elliptic-override privilegedescalation/headlamp-plugin-template:hugh/pri-759-fix-template-lockfile privilegedescalation/headlamp-plugin-template:gandalf/pri-709-clarify-elliptic-override privilegedescalation/headlamp-plugin-template:fix/add-eslint-direct-dependency privilegedescalation/headlamp-plugin-template:fix/pri-551-add-pnpm-lock privilegedescalation/headlamp-plugin-template:feat/renovate-extend-org-config
privilegedescalation/headlamp-plugin-template:v0.1.0
..
compare: privilegedescalation/headlamp-plugin-template:fix/pnpm-lock-yaml
Branches Tags
privilegedescalation/headlamp-plugin-template:fix/runner-label-ubuntu-latest privilegedescalation/headlamp-plugin-template:gandalf/fix-echo-printf-pri-1757 privilegedescalation/headlamp-plugin-template:hugh/fix-ci-node22-slim-checkout-pri-1786 privilegedescalation/headlamp-plugin-template:main privilegedescalation/headlamp-plugin-template:gandalf/pri-1636-inline-dual-approval privilegedescalation/headlamp-plugin-template:fix/lockfile-and-artifacthub privilegedescalation/headlamp-plugin-template:fix/artifacthub-real-values privilegedescalation/headlamp-plugin-template:inline-ci-660e3ad9 privilegedescalation/headlamp-plugin-template:fix/pnpm-lock-yaml privilegedescalation/headlamp-plugin-template:fix/pri-564-add-missing-dev-deps privilegedescalation/headlamp-plugin-template:fix/elliptic-vulnerability-override privilegedescalation/headlamp-plugin-template:pr-9 privilegedescalation/headlamp-plugin-template:gandalf/fix-elliptic-override privilegedescalation/headlamp-plugin-template:hugh/pri-759-fix-template-lockfile privilegedescalation/headlamp-plugin-template:gandalf/pri-709-clarify-elliptic-override privilegedescalation/headlamp-plugin-template:fix/add-eslint-direct-dependency privilegedescalation/headlamp-plugin-template:fix/pri-551-add-pnpm-lock privilegedescalation/headlamp-plugin-template:feat/renovate-extend-org-config
privilegedescalation/headlamp-plugin-template:v0.1.0

2 Commits
e66ea0dcd2 .. fix/pnpm-lock-yaml

Author SHA1 Message Date
Chris Farhood 6a759c87eb fix(PRI-564): add eslint/prettier/typescript as direct devDeps 
pnpm strict isolation (-frozen-lockfile) only exposes binaries from direct
devDependencies. eslint, prettier, and typescript were transitive peers of
@kinvolk/headlamp-plugin and not accessible in CI.

- eslint: ^8.57.1
- prettier: ^3.0.0
- typescript: ^5.6.2
 2026-05-06 12:47:16 +00:00
Chris Farhood e1b5d0bcd1 fix: add pnpm-lock.yaml to unblock E2E workflow 
The plugin-ci.yaml reusable workflow detects pnpm via pnpm-lock.yaml presence
and uses --frozen-lockfile. Without it, the E2E job cannot run.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-04 19:31:58 +00:00
5 changed files with 436 additions and 228 deletions
Expand all files Collapse all files
.github/workflows/renovate.yml
-15
View File
@@ -1,15 +0,0 @@
name: Renovate
on:
schedule:
- cron: '0 3 * * *'
workflow_dispatch:
jobs:
renovate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: renovatebot/github-action@v40.3.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
configurationFile: renovate.json
renovate-json5: true
audit-ci.jsonc
-20
View File
@@ -1,20 +0,0 @@
{
// Allowlist for inherited dev-dependency CVEs from @kinvolk/headlamp-plugin
// CTO decision (PRI-854): these high-severity vulns are dev/build-time only,
// trace to @kinvolk/headlamp-plugin transitive deps (Picomatch, Vite, lodash),
// and do NOT ship in production plugin artifacts.
"allowlist": [
{
"id": "GHSA-hhpm-516h-p3p6",
"reason": "Picomatch ReDoS: devDependency only, does not ship in production plugin bundle"
},
{
"id": "GHSA-36xf-7xpp-53w5",
"reason": "Vite arbitrary file read: devDependency only, does not ship in production plugin bundle"
},
{
"id": "GHSA-jf8v-p3pp-93qh",
"reason": "lodash code injection via _.template: devDependency only, does not ship in production plugin bundle"
}
]
}
package.json
+1 -8
View File
@@ -29,20 +29,13 @@
"@testing-library/jest-dom": "^6.4.8",
"@testing-library/react": "^16.0.0",
"@testing-library/user-event": "^14.5.2",
"eslint": "^8.57.0",
"eslint": "^8.57.1",
"jsdom": "^24.0.0",
"prettier": "^3.0.0",
"react": "^18.3.1",
"react-dom": "^18.3.1",
"react-router-dom": "^5.3.0",
"typescript": "^5.6.2",
"vite": "^6.4.1",
"vite-plugin-svgr": "^4.5.0",
"vitest": "^3.0.5"
},
"pnpm": {
"overrides": {
"elliptic": ">=6.6.1"
}
}
}
pnpm-lock.yaml
Generated
+435 -184
View File
File diff suppressed because it is too large Load Diff
tsconfig.json
-1
View File
@@ -2,7 +2,6 @@
"extends": "@kinvolk/headlamp-plugin/config/plugins-tsconfig.json",
"compilerOptions": {
"jsx": "react",
"skipLibCheck": true,
"types": ["vite/client", "vite-plugin-svgr/client", "vitest/globals", "@testing-library/jest-dom"]
},
"include": ["src"]