Skip to content

fix: update vulnerable dependencies to address critical CVEs#3717

Open
amit-noy wants to merge 2 commits into
mlrun:developmentfrom
amit-noy:fix/security-dependency-updates
Open

fix: update vulnerable dependencies to address critical CVEs#3717
amit-noy wants to merge 2 commits into
mlrun:developmentfrom
amit-noy:fix/security-dependency-updates

Conversation

@amit-noy

@amit-noy amit-noy commented Jul 2, 2026

Copy link
Copy Markdown
Collaborator

📝 Description

Reviewed all open Dependabot security alerts and resolved them.


Dependabot issues

✅ Checklist

  • I have given the PR a well-structured title describing the domain and the specific change that was made
  • I tested the changes in the browser (locally or via preview build)
  • I confirmed that existing tests pass
  • I added or updated unit / integration tests (if needed)
  • I checked that this change doesn’t introduce new console warnings or lint / formatting errors
  • I updated the relevant Jira ticket with the appropriate details and status

🔗 References


🚨 Potentially Breaking Changes

  • Yes
  • No

Includes DRC change

  • Yes
  • No

If yes -> requires bump NPM version


🔍 Additional Notes

  • The test failed unrelated to the bumps

📸 Screenshots / Demos


@amit-noy amit-noy requested a review from muli-cohen July 2, 2026 15:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant