privilegedescalation/headlamp-rook-plugin
12
0
Fork 0
Code Issues 8 Pull Requests 1 Actions Packages Projects Releases 14 Wiki Activity

Compare commits

base: privilegedescalation/headlamp-rook-plugin:v1.0.2
Branches Tags
privilegedescalation/headlamp-rook-plugin:main privilegedescalation/headlamp-rook-plugin:gandalf/fix-echo-printf-pri-1757 privilegedescalation/headlamp-rook-plugin:dev privilegedescalation/headlamp-rook-plugin:gandalf/pri-1749-inline-release privilegedescalation/headlamp-rook-plugin:gandalf/pri-1750-inline-workflows privilegedescalation/headlamp-rook-plugin:gandalf/remove-installation-policy privilegedescalation/headlamp-rook-plugin:gandalf/pri-1636-inline-dual-approval privilegedescalation/headlamp-rook-plugin:inline-ci-edb7f04a privilegedescalation/headlamp-rook-plugin:uat privilegedescalation/headlamp-rook-plugin:gandalf/fix-pnpm-ignored-builds privilegedescalation/headlamp-rook-plugin:gandalf/fix-ci-lockfile privilegedescalation/headlamp-rook-plugin:hugh/normalize-e2e-workflow-to-main privilegedescalation/headlamp-rook-plugin:gandalf/fix-storage-classes-test privilegedescalation/headlamp-rook-plugin:gandalf/fix-e2e-pri-935-storage-classes-button-role privilegedescalation/headlamp-rook-plugin:hugh/fix-configmap-naming-pri-907 privilegedescalation/headlamp-rook-plugin:hugh/fix-e2e-deploy-step-pri-956 privilegedescalation/headlamp-rook-plugin:gandalf/fix-e2e-pri-879 privilegedescalation/headlamp-rook-plugin:hugh/fix-e2e-plugin-name-20260506123605 privilegedescalation/headlamp-rook-plugin:hugh/fix-e2e-ref privilegedescalation/headlamp-rook-plugin:fix/elliptic-override-ghsa-848j-6mx2-7j84 privilegedescalation/headlamp-rook-plugin:gandalf/e2e-fix privilegedescalation/headlamp-rook-plugin:gandalf/fix-flaky-storage-class privilegedescalation/headlamp-rook-plugin:gandalf/fix-e2e-rbac-cluster-scoped-permissions privilegedescalation/headlamp-rook-plugin:gandalf/fix-e2e-storage-class-selector privilegedescalation/headlamp-rook-plugin:fix/elliptic-vulnerability-override privilegedescalation/headlamp-rook-plugin:e2e-infra-sync privilegedescalation/headlamp-rook-plugin:gandalf/add-e2e-infra privilegedescalation/headlamp-rook-plugin:gandalf/consolidate-e2e-pr privilegedescalation/headlamp-rook-plugin:pr-38 privilegedescalation/headlamp-rook-plugin:fix-lodash privilegedescalation/headlamp-rook-plugin:release/v1.0.1
privilegedescalation/headlamp-rook-plugin:v1.0.2 privilegedescalation/headlamp-rook-plugin:v1.0.1 privilegedescalation/headlamp-rook-plugin:v1.0.0 privilegedescalation/headlamp-rook-plugin:v0.2.8 privilegedescalation/headlamp-rook-plugin:v0.2.7 privilegedescalation/headlamp-rook-plugin:v0.2.6 privilegedescalation/headlamp-rook-plugin:v0.2.5 privilegedescalation/headlamp-rook-plugin:v0.2.4 privilegedescalation/headlamp-rook-plugin:v0.2.2 privilegedescalation/headlamp-rook-plugin:v0.2.1 privilegedescalation/headlamp-rook-plugin:v0.2.0 privilegedescalation/headlamp-rook-plugin:v0.1.3 privilegedescalation/headlamp-rook-plugin:v0.1.2 privilegedescalation/headlamp-rook-plugin:v0.1.1
..
compare: privilegedescalation/headlamp-rook-plugin:pr-38
Branches Tags
privilegedescalation/headlamp-rook-plugin:gandalf/fix-echo-printf-pri-1757 privilegedescalation/headlamp-rook-plugin:dev privilegedescalation/headlamp-rook-plugin:gandalf/pri-1749-inline-release privilegedescalation/headlamp-rook-plugin:gandalf/pri-1750-inline-workflows privilegedescalation/headlamp-rook-plugin:main privilegedescalation/headlamp-rook-plugin:gandalf/remove-installation-policy privilegedescalation/headlamp-rook-plugin:gandalf/pri-1636-inline-dual-approval privilegedescalation/headlamp-rook-plugin:inline-ci-edb7f04a privilegedescalation/headlamp-rook-plugin:uat privilegedescalation/headlamp-rook-plugin:gandalf/fix-pnpm-ignored-builds privilegedescalation/headlamp-rook-plugin:gandalf/fix-ci-lockfile privilegedescalation/headlamp-rook-plugin:hugh/normalize-e2e-workflow-to-main privilegedescalation/headlamp-rook-plugin:gandalf/fix-storage-classes-test privilegedescalation/headlamp-rook-plugin:gandalf/fix-e2e-pri-935-storage-classes-button-role privilegedescalation/headlamp-rook-plugin:hugh/fix-configmap-naming-pri-907 privilegedescalation/headlamp-rook-plugin:hugh/fix-e2e-deploy-step-pri-956 privilegedescalation/headlamp-rook-plugin:gandalf/fix-e2e-pri-879 privilegedescalation/headlamp-rook-plugin:hugh/fix-e2e-plugin-name-20260506123605 privilegedescalation/headlamp-rook-plugin:hugh/fix-e2e-ref privilegedescalation/headlamp-rook-plugin:fix/elliptic-override-ghsa-848j-6mx2-7j84 privilegedescalation/headlamp-rook-plugin:gandalf/e2e-fix privilegedescalation/headlamp-rook-plugin:gandalf/fix-flaky-storage-class privilegedescalation/headlamp-rook-plugin:gandalf/fix-e2e-rbac-cluster-scoped-permissions privilegedescalation/headlamp-rook-plugin:gandalf/fix-e2e-storage-class-selector privilegedescalation/headlamp-rook-plugin:fix/elliptic-vulnerability-override privilegedescalation/headlamp-rook-plugin:e2e-infra-sync privilegedescalation/headlamp-rook-plugin:gandalf/add-e2e-infra privilegedescalation/headlamp-rook-plugin:gandalf/consolidate-e2e-pr privilegedescalation/headlamp-rook-plugin:pr-38 privilegedescalation/headlamp-rook-plugin:fix-lodash privilegedescalation/headlamp-rook-plugin:release/v1.0.1
privilegedescalation/headlamp-rook-plugin:v1.0.2 privilegedescalation/headlamp-rook-plugin:v1.0.1 privilegedescalation/headlamp-rook-plugin:v1.0.0 privilegedescalation/headlamp-rook-plugin:v0.2.8 privilegedescalation/headlamp-rook-plugin:v0.2.7 privilegedescalation/headlamp-rook-plugin:v0.2.6 privilegedescalation/headlamp-rook-plugin:v0.2.5 privilegedescalation/headlamp-rook-plugin:v0.2.4 privilegedescalation/headlamp-rook-plugin:v0.2.2 privilegedescalation/headlamp-rook-plugin:v0.2.1 privilegedescalation/headlamp-rook-plugin:v0.2.0 privilegedescalation/headlamp-rook-plugin:v0.1.3 privilegedescalation/headlamp-rook-plugin:v0.1.2 privilegedescalation/headlamp-rook-plugin:v0.1.1

4 Commits
v1.0.2 .. pr-38

Author SHA1 Message Date
Chris Farhood 62bab0ffc3 Regenerate lockfile for lodash override 
- Explicitly add lodash@4.18.1 to ensure override is respected
- Regenerated pnpm-lock.yaml with resolved lodash@4.18.1 (CVE fix)

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-03 22:27:36 +00:00
Chris Farhood dd730cc4cd fix: override lodash >=4.18.0 to patch code injection vulnerability 
Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-03 22:27:30 +00:00
privilegedescalation-engineer[bot] d44ae043c3 fix: update vite to >=6.4.2 to patch arbitrary file read vulnerability (#37) 
Vite versions >=6.0.0 <=6.4.1 are vulnerable to arbitrary file read via
the Vite Dev Server WebSocket (server.fs.deny bypass with queries).

CVE: GHSA-p9ff-h696-f583

Co-authored-by: Gandalf the Greybeard <gandalf@privilegedescalation.dev>
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-03 17:44:08 +00:00
privilegedescalation-engineer[bot] 39ed3ea90a release: v1.0.2 (#36) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-04-15 04:00:27 +00:00
2 changed files with 1065 additions and 645 deletions
Expand all files Collapse all files
package.json
+5 -2
View File
@@ -35,6 +35,7 @@
"@types/react-dom": "^18.0.0",
"eslint": "^8.57.0",
"jsdom": "^24.0.0",
"lodash": "4.18.1",
"notistack": "^3.0.0",
"prettier": "^2.8.8",
"react": "^18.3.1",
@@ -45,6 +46,8 @@
},
"overrides": {
"tar": "^7.5.11",
"undici": "^7.24.3"
"undici": "^7.24.3",
"vite": ">=6.4.2",
"lodash": ">=4.18.0"
}
}
}
pnpm-lock.yaml
Generated
+1060 -643
View File
File diff suppressed because it is too large Load Diff