[MINOR] chore(zeppelin-web-angular): refresh lockfile to remediate npm audit findings#5208
Open
jongyoul wants to merge 1 commit intoapache:masterfrom
Open
[MINOR] chore(zeppelin-web-angular): refresh lockfile to remediate npm audit findings#5208jongyoul wants to merge 1 commit intoapache:masterfrom
jongyoul wants to merge 1 commit intoapache:masterfrom
Conversation
jongyoul
changed the title
jongyoul
force-pushed
the
copilot/fix-npm-audit-issues
branch
from
0e05df7 to
d2356a6
Compare
…findings Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
jongyoul
force-pushed
the
copilot/fix-npm-audit-issues
branch
5 times, most recently
from
01133e7 to
8e3be8b
Compare
There was a problem hiding this comment.
Pull request overview
Updates dependency lockfiles to address npm audit findings and includes small e2e/integration test adjustments to improve stability after dependency changes.
Changes:
- Refreshed
package-lock.jsonfiles underzeppelin-web-angular/(including thezeppelin-reactproject) with multiple dependency version bumps. - Added explicit 30s timeouts to several Playwright
waitForLoadState('networkidle')calls. - Updated Selenium-based integration-test login flow to better handle an already-open login modal and wait for login completion.
Reviewed changes
Copilot reviewed 10 out of 12 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
| zeppelin-web-angular/projects/zeppelin-react/package-lock.json | Lockfile refresh with updated transitive dependency versions (e.g., brace-expansion, flatted, lodash, picomatch). |
| zeppelin-web-angular/package-lock.json | Main lockfile refresh with numerous transitive updates and additional metadata fields (licenses/engines). |
| zeppelin-web-angular/e2e/utils.ts | Adds explicit timeout to networkidle wait during login flow. |
| zeppelin-web-angular/e2e/tests/share/note-toc/note-toc.spec.ts | Adds explicit timeout to networkidle wait after navigation. |
| zeppelin-web-angular/e2e/tests/share/note-rename/note-rename.spec.ts | Adds explicit timeout to networkidle wait after navigation. |
| zeppelin-web-angular/e2e/tests/notebook/sidebar/sidebar-functionality.spec.ts | Adds explicit timeout to networkidle wait after navigation. |
| zeppelin-web-angular/e2e/tests/notebook/published/published-paragraph.spec.ts | Adds explicit timeout to networkidle wait after navigation. |
| zeppelin-web-angular/e2e/tests/notebook/paragraph/paragraph-functionality.spec.ts | Adds explicit timeout to networkidle wait after navigation. |
| zeppelin-web-angular/e2e/tests/notebook/main/notebook-container.spec.ts | Adds explicit timeout to networkidle wait after navigation. |
| zeppelin-web-angular/e2e/tests/notebook/keyboard/notebook-keyboard-shortcuts.spec.ts | Adds explicit timeout to networkidle wait for a newly opened tab. |
| zeppelin-web-angular/e2e/tests/notebook/action-bar/action-bar-functionality.spec.ts | Adds explicit timeout to networkidle waits in setup and post-action stabilization. |
| zeppelin-integration/src/test/java/org/apache/zeppelin/AbstractZeppelinIT.java | Enhances authentication flow (modal detection, field interactions, post-login wait, backdrop cleanup). |
Files not reviewed (1)
- zeppelin-web-angular/projects/zeppelin-react/package-lock.json: Language not supported
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
zeppelin-integration/src/test/java/org/apache/zeppelin/AbstractZeppelinIT.java
Outdated
Show resolved
Hide resolved
zeppelin-integration/src/test/java/org/apache/zeppelin/AbstractZeppelinIT.java
Outdated
Show resolved
Hide resolved
zeppelin-integration/src/test/java/org/apache/zeppelin/AbstractZeppelinIT.java
Outdated
Show resolved
Hide resolved
zeppelin-integration/src/test/java/org/apache/zeppelin/AbstractZeppelinIT.java
Outdated
Show resolved
Hide resolved
jongyoul
force-pushed
the
copilot/fix-npm-audit-issues
branch
2 times, most recently
from
33214d4 to
df96b41
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What is this PR for?
Refresh
package-lock.jsoninzeppelin-web-angularto remediate npm audit findings.Ran
npm audit fixon the latest master to resolve vulnerabilities that can be fixed without breaking changes.What type of PR is it?
Bug Fix / Improvement
Todos
What is the Jira issue?
How should this be tested?
cd zeppelin-web-angular && npm auditshould show fewer vulnerabilitiesScreenshots (if appropriate)
Questions: