privilegedescalation/headlamp-sealed-secrets-plugin

fix: override lodash >=4.18.0 to patch code injection vulnerability #53

Merged

privilegedescalation-engineer[bot] merged 1 commits from fix/lodash-cve-ghsa-r5fr-rjxr-66jc into main

2026-05-04 03:24:04 +00:00

2 changed files with 406 additions and 405 deletions

									
										package.json
									
		+2
		-1
	
												View File
												
				@@ -52,7 +52,8 @@

				  "overrides": {

				    "tar": "^7.5.11",

				    "undici": "^7.24.3",

				    "vite": ">=6.4.2"

				    "vite": ">=6.4.2",

				    "lodash": ">=4.18.0"

				  },

				  "dependencies": {

				    "node-forge": "^1.4.0"

pnpm-lock.yaml

Generated

+404 -404

View File

File diff suppressed because it is too large Load Diff