a95d9420e6
Fix security issue ( #5817 )
2024-06-06 15:56:06 +08:00
7e706b5825
Update README.md
2022-12-05 14:29:14 +08:00
8449892080
Adjust launcher pom as it is not built ( #5803 )
2022-09-13 11:31:22 +08:00
e7452afc71
Adding Microsoft SECURITY.MD ( #5798 )
...
Please accept this contribution adding the standard Microsoft SECURITY.MD 🔒 file to help the community understand the security policy and how to safely report security issues. GitHub uses the presence of this file to light-up security reminders and a link to the file. This pull request commits the latest official SECURITY.MD file from https://github.com/microsoft/repo-templates/blob/main/shared/SECURITY.md .
Microsoft teams can [learn more about this effort and share feedback](https://docs.opensource.microsoft.com/releasing/maintain/templates/ ) within the open source guidance available internally.
Co-authored-by: microsoft-github-policy-service[bot] <77245923+microsoft-github-policy-service[bot]@users.noreply.github.com>
2022-08-18 15:13:31 +08:00
b50f29169d
Fix IT ( #5773 )
2022-05-09 17:13:11 +08:00
72eb4d1818
fix #5150 , serialize image pulls issue. ( #5768 )
...
Signed-off-by: siaimes <34199488+siaimes@users.noreply.github.com>
2022-05-06 10:19:21 +08:00
e41df9f0b9
Bump async from 2.5.0 to 2.6.4 in /src/rest-server ( #5764 )
...
Bumps [async](https://github.com/caolan/async ) from 2.5.0 to 2.6.4.
- [Release notes](https://github.com/caolan/async/releases )
- [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md )
- [Commits](https://github.com/caolan/async/compare/v2.5.0...v2.6.4 )
---
updated-dependencies:
- dependency-name: async
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-26 09:51:09 +08:00
1f5f52d2ea
Fix job secret ( #5763 )
...
Fix job secret, fix #5609 with microsoft/openpai-runtime#53
2022-04-21 20:47:01 +08:00
e35662f345
Bump moment in /src/alert-manager/src/alert-handler ( #5758 )
...
Bumps [moment](https://github.com/moment/moment ) from 2.27.0 to 2.29.2.
- [Release notes](https://github.com/moment/moment/releases )
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/moment/moment/compare/2.27.0...2.29.2 )
---
updated-dependencies:
- dependency-name: moment
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-19 21:06:48 +08:00
d607ff0fa7
Fix task role name patten. ( #5762 )
...
Change task role name patten to /^[a-z0-9]{1,63}$/ and make sure it align with framework object
Signed-off-by: siaimes <34199488+siaimes@users.noreply.github.com>
2022-04-18 10:42:13 +08:00
02442f3569
Bump marked from 0.7.0 to 4.0.10 in /src/webportal ( #5684 )
...
Bumps [marked](https://github.com/markedjs/marked ) from 0.7.0 to 4.0.10.
- [Release notes](https://github.com/markedjs/marked/releases )
- [Changelog](https://github.com/markedjs/marked/blob/master/.releaserc.json )
- [Commits](https://github.com/markedjs/marked/compare/v0.7.0...v4.0.10 )
---
updated-dependencies:
- dependency-name: marked
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-09 11:01:17 +08:00
999bda4bd8
Bump moment from 2.24.0 to 2.29.2 in /src/webportal ( #5757 )
...
Bumps [moment](https://github.com/moment/moment ) from 2.24.0 to 2.29.2.
- [Release notes](https://github.com/moment/moment/releases )
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/moment/moment/compare/2.24.0...2.29.2 )
---
updated-dependencies:
- dependency-name: moment
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-09 10:59:20 +08:00
d2dad90a0d
fix critical dependant alerts ( #5756 )
2022-04-08 21:52:22 +08:00
2330ecc33b
Bump ajv from 6.10.0 to 6.12.6 in /contrib/submit-job-v2 ( #5713 )
2022-04-08 21:14:36 +08:00
c1e3058b52
Bump ansi-regex from 4.1.0 to 4.1.1 in /src/rest-server ( #5755 )
2022-04-08 21:09:25 +08:00
808602177b
Bump ajv from 6.10.0 to 6.12.3 in /src/rest-server ( #5712 )
2022-04-08 21:08:41 +08:00
fb481103d5
Bump follow-redirects from 1.14.7 to 1.14.9 in /src/webportal ( #5751 )
2022-04-08 21:04:19 +08:00
9c138b2254
Bump axios from 0.21.1 to 0.21.2 in /src/rest-server ( #5754 )
2022-04-08 21:03:42 +08:00
dc2e373d40
upgrade axios ( #5753 )
2022-04-08 20:59:00 +08:00
e63e7e7b97
Bump follow-redirects from 1.14.7 to 1.14.9 in /contrib/submit-job-v2 ( #5750 )
2022-04-08 20:46:08 +08:00
7e4bf6d701
update `minimist` manually ( #5752 )
2022-04-08 20:13:21 +08:00
2434a05e40
Bump ansi-regex from 3.0.0 to 3.0.1 in /src/database-controller/src ( #5742 )
2022-04-08 19:48:19 +08:00
2a89bae984
Bump follow-redirects in /src/alert-manager/src/alert-handler ( #5717 )
2022-04-08 19:41:10 +08:00
578aaae155
Bump ansi-regex in /src/alert-manager/src/alert-handler ( #5741 )
2022-04-08 19:40:13 +08:00
e9de6d33a4
Bump pyyaml from 5.3.1 to 5.4 in /contrib/hived-config-adapter ( #5746 )
...
Bumps [pyyaml](https://github.com/yaml/pyyaml ) from 5.3.1 to 5.4.
- [Release notes](https://github.com/yaml/pyyaml/releases )
- [Changelog](https://github.com/yaml/pyyaml/blob/master/CHANGES )
- [Commits](https://github.com/yaml/pyyaml/compare/5.3.1...5.4 )
---
updated-dependencies:
- dependency-name: pyyaml
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-08 13:59:03 +08:00
6c5cff1104
Bump pathval from 1.1.0 to 1.1.1 in /src/rest-server ( #5711 )
...
Bumps [pathval](https://github.com/chaijs/pathval ) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/chaijs/pathval/releases )
- [Changelog](https://github.com/chaijs/pathval/blob/master/CHANGELOG.md )
- [Commits](https://github.com/chaijs/pathval/compare/v1.1.0...v1.1.1 )
---
updated-dependencies:
- dependency-name: pathval
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-08 13:50:47 +08:00
8165525063
Bump minimist from 1.2.5 to 1.2.6 in /src/database-controller/src ( #5729 )
...
Bumps [minimist](https://github.com/substack/minimist ) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases )
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6 )
---
updated-dependencies:
- dependency-name: minimist
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-08 13:49:40 +08:00
348b74bffd
Bump minimist from 1.2.5 to 1.2.6 in /src/database-controller/sdk ( #5728 )
...
Bumps [minimist](https://github.com/substack/minimist ) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases )
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6 )
---
updated-dependencies:
- dependency-name: minimist
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-08 13:49:13 +08:00
1158313e7c
Bump ansi-regex from 3.0.0 to 3.0.1 in /src/database-controller/sdk ( #5743 )
...
Bumps [ansi-regex](https://github.com/chalk/ansi-regex ) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/chalk/ansi-regex/releases )
- [Commits](https://github.com/chalk/ansi-regex/compare/v3.0.0...v3.0.1 )
---
updated-dependencies:
- dependency-name: ansi-regex
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-08 13:48:35 +08:00
0fc2924616
Bump minimist in /src/alert-manager/src/alert-handler ( #5734 )
...
Bumps [minimist](https://github.com/substack/minimist ) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases )
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6 )
---
updated-dependencies:
- dependency-name: minimist
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-07 11:12:29 +08:00
2449771c98
Bump url-parse from 1.5.3 to 1.5.10 in /src/webportal ( #5722 )
...
Bumps [url-parse](https://github.com/unshiftio/url-parse ) from 1.5.3 to 1.5.10.
- [Release notes](https://github.com/unshiftio/url-parse/releases )
- [Commits](https://github.com/unshiftio/url-parse/compare/1.5.3...1.5.10 )
---
updated-dependencies:
- dependency-name: url-parse
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-07 11:11:39 +08:00
61fe82d9e4
Bump url-parse from 1.5.3 to 1.5.10 in /contrib/submit-job-v2 ( #5723 )
...
Bumps [url-parse](https://github.com/unshiftio/url-parse ) from 1.5.3 to 1.5.10.
- [Release notes](https://github.com/unshiftio/url-parse/releases )
- [Commits](https://github.com/unshiftio/url-parse/compare/1.5.3...1.5.10 )
---
updated-dependencies:
- dependency-name: url-parse
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-07 11:10:57 +08:00
698e3df530
Bump cached-path-relative from 1.0.2 to 1.1.0 in /src/webportal ( #5706 )
2022-02-07 05:17:16 +00:00
b3c196f335
Bump node-fetch from 2.6.1 to 2.6.7 in /src/webportal ( #5705 )
2022-01-25 05:19:06 +00:00
1bf5fe8f87
Bump jinja2 from 2.11.2 to 2.11.3 in /contrib/kubespray/script ( #5704 )
2022-01-25 12:38:36 +08:00
cc630beaae
Bump ws from 7.3.1 to 7.5.6 in /src/alert-manager/src/alert-handler ( #5698 )
2022-01-25 12:28:03 +08:00
2e5ccf606b
Bump nodemailer in /src/alert-manager/src/alert-handler ( #5694 )
2022-01-25 12:27:02 +08:00
11865346c8
Upgrade k8s to v1.16.x ( #5703 )
2022-01-25 12:13:51 +08:00
14c444fe3d
Bump pug-code-gen in /src/alert-manager/src/alert-handler ( #5701 )
2022-01-25 02:10:08 +00:00
932397c554
Bump node-fetch from 2.6.1 to 2.6.7 in /src/database-controller/src ( #5702 )
2022-01-25 02:09:31 +00:00
1b9d01c536
Bump shelljs from 0.8.3 to 0.8.5 in /src/rest-server ( #5685 )
2022-01-25 02:04:47 +00:00
2bbd921a78
Bump normalize-url in /src/alert-manager/src/alert-handler ( #5695 )
2022-01-25 02:04:15 +00:00
c199ba1db4
Bump glob-parent in /src/alert-manager/src/alert-handler ( #5696 )
2022-01-25 02:03:50 +00:00
cd606074df
Bump hosted-git-info in /src/alert-manager/src/alert-handler ( #5697 )
2022-01-25 02:03:28 +00:00
be59c63fd4
Bump lodash in /src/alert-manager/src/alert-handler ( #5700 )
2022-01-25 02:02:54 +00:00
aa89c87943
Bump jose from 2.0.2 to 2.0.5 in /src/alert-manager/src/alert-handler ( #5699 )
2022-01-25 01:55:13 +00:00
c4f436b9fd
Bump shelljs from 0.8.4 to 0.8.5 in /src/database-controller/src ( #5686 )
2022-01-25 01:50:23 +00:00
7122314042
[Doc] Fix typo ( #5678 )
2022-01-25 09:49:32 +08:00
ced65dcef9
Bump path-parse in /src/alert-manager/src/alert-handler ( #5690 )
2022-01-25 01:48:43 +00:00
3db7f716cb
Bump tar from 6.0.5 to 6.1.11 in /src/alert-manager/src/alert-handler ( #5692 )
2022-01-25 01:45:49 +00:00
Binyang Li
Scarlett Li
Yuqi Wang
microsoft-github-policy-service[bot]
siaimes
dependabot[bot]
Guoxin
Lijiaoa