Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Application Dependency Vulnerabilities #3

Open
2 of 9 tasks
slcardinal opened this issue Nov 28, 2023 · 1 comment
Open
2 of 9 tasks

Application Dependency Vulnerabilities #3

slcardinal opened this issue Nov 28, 2023 · 1 comment

Comments

@slcardinal
Copy link

Stratos Version

Version: 4.4.0

Frontend Deployment type

  • Cloud Foundry Application (cf push)
  • Kubernetes, using a helm chart
  • Docker, single container deploying all components
  • npm run start
  • Other (please specify below)

Backend (Jet Stream) Deployment type

  • Cloud Foundry Application (cf push)
  • Kubernetes, using a helm chart
  • Docker, single container deploying all components
  • Other (please specify below)

Expected behaviour

Address Critical applicaiton dependency vulnerabilities.

I am not a developer, I just support the Stratos UI that is used with our internal deployment of Cloud Foundry. We have clone of this repository in our Enterprise Version of GitHub and our security team has enabled Dependabot to help with vulnerabilities. Due to these critical vulnerabilities, we have been asked to stop using this UI as part of our Cloud Foundry deployment. We would like to continue to use Stratos, as our internal customers prefer Stratos to the home grown Cloud Foundry UI that was developed. Would someone in the community be willing to have a look at remeidating the application dependencies in the Stratos UI?

Actual behaviour

Need to have Dependabot recommendations resolved.

Steps to reproduce the behavior

Turn on dependabot recommendations for the community repostiory for Stratos.

Log output covering before error and any error statements

Insert log hereCopy

Detailed Description

Context

Possible Implementation

@norman-abramovitz
Copy link
Contributor

Stratus being updated will done over the next couple of months.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants