Skip to content

Commit 275be25

Browse files
sbouchetsbouchet
authored
Fix critical CVEs by replacing deprecated 'request' package (che-incubator#604)
* Fix critical CVEs by replacing deprecated 'request' package Removed deprecated 'request' package and replaced with axios to fix CVE-2023-28155. Applied fixes across launcher and che extensions for ESM compatibility. Changes: - Replaced 'request' with 'axios' in package.json - Upgraded @kubernetes/client-node from 0.22.0 to 1.4.0 - Updated ts-jest from 29.2.5 to 29.4.5 for better ESM compatibility - Added transformIgnorePatterns for @kubernetes/client-node - Fixed test mocks for ESM compatibility 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> Signed-off-by: Stephane Bouchet <sbouchet@redhat.com> * changes after review: - removed unecessary rebase changelog entry - re-run npm install and fix missing package-lock.json entries Signed-off-by: Stephane Bouchet <sbouchet@redhat.com> --------- Signed-off-by: Stephane Bouchet <sbouchet@redhat.com>
1 parent d2b4e4a commit 275be25

36 files changed

Lines changed: 6067 additions & 12977 deletions

.rebase/CHANGELOG.md

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,12 @@ https://github.com/che-incubator/che-code/pull/607
88
- code/extensions/vscode-api-tests/package.json
99
---
1010

11+
#### @sbouchet
12+
https://github.com/che-incubator/che-code/pull/604
13+
14+
- code/remote/package.json
15+
---
16+
1117
#### @sbouchet
1218
https://github.com/che-incubator/che-code/pull/589
1319

@@ -60,12 +66,6 @@ https://github.com/che-incubator/che-code/pull/571
6066
- code/package.json
6167
---
6268

63-
#### @sbouchet
64-
https://github.com/che-incubator/che-code/pull/566
65-
66-
- code/remote/package.json
67-
---
68-
6969
#### @sbouchet
7070
https://github.com/che-incubator/che-code/pull/561
7171

.rebase/add/code/remote/package.json

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -2,14 +2,11 @@
22
"dependencies": {
33
"ws": "8.2.3",
44
"js-yaml": "^4.1.0",
5-
"@kubernetes/client-node": "^0.22.0"
5+
"@kubernetes/client-node": "^1.4.0"
66
},
77
"overrides": {
88
"prebuild-install": {
99
"tar-fs": "2.1.4"
10-
},
11-
"request": {
12-
"form-data": "2.5.5"
1310
}
1411
}
1512
}

code/extensions/che-activity-tracker/package-lock.json

Lines changed: 0 additions & 15 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)