Skip to content

fix: resolve npm security vulnerabilities#189

Open
ANAMASGARD wants to merge 1 commit into
inspektor-gadget:mainfrom
ANAMASGARD:fix/npm-security-vulnerabilities
Open

fix: resolve npm security vulnerabilities#189
ANAMASGARD wants to merge 1 commit into
inspektor-gadget:mainfrom
ANAMASGARD:fix/npm-security-vulnerabilities

Conversation

@ANAMASGARD

@ANAMASGARD ANAMASGARD commented Jan 3, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

What this PR does

Resolves security vulnerabilities in npm dependencies by updating package-lock.json.

FIXES :- #188

Screenshot

Screenshot From 2026-01-03 14-19-40

Why it's needed

Running npm audit previously reported security vulnerabilities in transitive dependencies.

Changes

  • Updated package-lock.json to resolve vulnerable dependency versions
  • package.json may have minor version updates if applicable

Verification

npm install
npm audit
# Output: found 0 vulnerabilities

@netlify

netlify Bot commented Jan 3, 2026
edited
Loading

Copy link
Copy Markdown

Deploy Preview for inspektor-gadget ready!

Name Link
🔨 Latest commit e132d04
🔍 Latest deploy log https://app.netlify.com/projects/inspektor-gadget/deploys/6958dbcadb1f9800084cb5c2
😎 Deploy Preview https://deploy-preview-189--inspektor-gadget.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@ANAMASGARD
fix: resolve npm security vulnerabilities
e132d04 
Update package-lock.json to address security vulnerabilities reported
by npm audit. After this change, npm audit reports 0 vulnerabilities.

Signed-off-by: Gaurav Chaudhary <chaudharygaurav2004@gmail.com>
Signed-off-by: Gauarv Chaudhary <chaudharygaurav2004@gmail.com>
@ANAMASGARD ANAMASGARD force-pushed the fix/npm-security-vulnerabilities branch from 33e251c to e132d04 Compare January 3, 2026 09:05
mauriciovasquezbernal
mauriciovasquezbernal requested changes Jan 5, 2026
View reviewed changes

@mauriciovasquezbernal mauriciovasquezbernal left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it's missing an invocation of npm install to update package-lock.json.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mauriciovasquezbernal mauriciovasquezbernal mauriciovasquezbernal requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ANAMASGARD @mauriciovasquezbernal