Safety vulnerability ID: 74084
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Model-registry 0.2.10 updates its NPM dependency 'http-proxy-middleware' to v2.0.7 to include a security fix.
Latest version: 0.2.10
Client for Kubeflow Model Registry
> **Alpha**
> This Kubeflow component has alpha status with limited support. See the [Kubeflow versioning policies](https://www.kubeflow.org/docs/started/support/#application-status). The Kubeflow team is interested in your [feedback](https://github.com/kubeflow/model-registry)about the usability of the feature.
What's Changed
* docs: update readme link by tarilabs in https://github.com/kubeflow/model-registry/pull/487
* chore: version bump and add alpha version policy in readme by tarilabs in https://github.com/kubeflow/model-registry/pull/489
* feat(csi): add CSI manifests by Al-Pragliola in https://github.com/kubeflow/model-registry/pull/491
* build(deps): bump github.com/kubeflow/model-registry from 0.2.8-alpha to 0.2.9 in /csi by dependabot in https://github.com/kubeflow/model-registry/pull/494
* build(deps-dev): bump mypy from 1.11.2 to 1.12.1 in /clients/python by dependabot in https://github.com/kubeflow/model-registry/pull/500
* build(deps-dev): bump ruff from 0.6.9 to 0.7.0 in /clients/python by dependabot in https://github.com/kubeflow/model-registry/pull/501
* build(deps-dev): bump coverage from 7.6.3 to 7.6.4 in /clients/python by dependabot in https://github.com/kubeflow/model-registry/pull/502
* build(deps): bump huggingface-hub from 0.25.2 to 0.26.1 in /clients/python by dependabot in https://github.com/kubeflow/model-registry/pull/507
* chore: format kustomization file by tarilabs in https://github.com/kubeflow/model-registry/pull/506
* feat(csi): support multiple model registries by Al-Pragliola in https://github.com/kubeflow/model-registry/pull/508
* chore(manifests): remove unnecessary -2 prefix from csi manifest by Al-Pragliola in https://github.com/kubeflow/model-registry/pull/510
* build(deps): bump github.com/kubeflow/model-registry from 0.2.8-alpha to 0.2.9 in /clients/ui/bff by dependabot in https://github.com/kubeflow/model-registry/pull/492
* Apply PF Breaking Change Best Practices to MUI Theme Stylesheet by jenny-s51 in https://github.com/kubeflow/model-registry/pull/484
* build(deps-dev): bump webpack from 5.94.0 to 5.95.0 in /clients/ui/frontend by dependabot in https://github.com/kubeflow/model-registry/pull/496
* build(deps-dev): bump serve from 14.2.3 to 14.2.4 in /clients/ui/frontend by dependabot in https://github.com/kubeflow/model-registry/pull/498
* build(deps-dev): bump mui/icons-material from 6.1.2 to 6.1.4 in /clients/ui/frontend by dependabot in https://github.com/kubeflow/model-registry/pull/499
* Add golangci-lint timeout to fix CI by Griffin-Sullivan in https://github.com/kubeflow/model-registry/pull/504
* docs: typo fix by tarilabs in https://github.com/kubeflow/model-registry/pull/509
* build(deps-dev): bump ruff from 0.7.0 to 0.7.1 in /clients/python by dependabot in https://github.com/kubeflow/model-registry/pull/516
* build(deps): bump aiohttp-retry from 2.8.3 to 2.9.0 in /clients/python by dependabot in https://github.com/kubeflow/model-registry/pull/515
* build(deps-dev): bump mypy from 1.12.1 to 1.13.0 in /clients/python by dependabot in https://github.com/kubeflow/model-registry/pull/517
* build(deps): bump k8s.io/apimachinery from 0.31.1 to 0.31.2 in /clients/ui/bff by dependabot in https://github.com/kubeflow/model-registry/pull/512
* build(deps): bump k8s.io/client-go from 0.31.1 to 0.31.2 in /clients/ui/bff by dependabot in https://github.com/kubeflow/model-registry/pull/513
* build(deps): bump sigs.k8s.io/controller-runtime from 0.19.0 to 0.19.1 in /clients/ui/bff by dependabot in https://github.com/kubeflow/model-registry/pull/514
* build(deps-dev): bump mui/icons-material from 6.1.4 to 6.1.5 in /clients/ui/frontend by dependabot in https://github.com/kubeflow/model-registry/pull/519
* build(deps-dev): bump html-webpack-plugin from 5.6.0 to 5.6.3 in /clients/ui/frontend by dependabot in https://github.com/kubeflow/model-registry/pull/520
* build(deps-dev): bump testing-library/jest-dom from 6.5.0 to 6.6.2 in /clients/ui/frontend by dependabot in https://github.com/kubeflow/model-registry/pull/521
* Applies bug fixes to UI screens by jenny-s51 in https://github.com/kubeflow/model-registry/pull/523
* feat(bff): Use envtest for kubernetes testing instead of hardcoded mock by ederign in https://github.com/kubeflow/model-registry/pull/490
* build(deps): bump github.com/onsi/gomega from 1.33.1 to 1.35.1 in /clients/ui/bff by dependabot in https://github.com/kubeflow/model-registry/pull/533
* Multiple versions bumps: patternfly (6.0.0), eslint-plugin-jsx-a11y (6.10.2), eslint-plugin-react (7.37.2) and http-proxy-middleware (cve) by ederign in https://github.com/kubeflow/model-registry/pull/526
* build(deps-dev): bump cypress/code-coverage from 3.13.4 to 3.13.5 in /clients/ui/frontend by dependabot in https://github.com/kubeflow/model-registry/pull/530
* build(deps): bump dompurify from 3.1.6 to 3.1.7 in /clients/ui/frontend by dependabot in https://github.com/kubeflow/model-registry/pull/531
* build(deps): bump github.com/brianvoe/gofakeit/v7 from 7.0.4 to 7.1.2 in /clients/ui/bff by dependabot in https://github.com/kubeflow/model-registry/pull/532
* build(deps): bump github.com/onsi/ginkgo/v2 from 2.19.0 to 2.21.0 in /clients/ui/bff by dependabot in https://github.com/kubeflow/model-registry/pull/534
* core: openapi factories, do not require artifactType by Al-Pragliola in https://github.com/kubeflow/model-registry/pull/538
* build(deps): bump typescript-eslint/parser from 8.9.0 to 8.12.2 in clients/ui/frontend by ederign in https://github.com/kubeflow/model-registry/pull/539
* Fixing slog.Logger.Error arg err should be a string or a slog.Attr (possible missing key or value) by ederign in https://github.com/kubeflow/model-registry/pull/540
* Add NotificationContext and useNotification hook by Griffin-Sullivan in https://github.com/kubeflow/model-registry/pull/524
* chore: align manifest for 0.2.10 by tarilabs in https://github.com/kubeflow/model-registry/pull/544
**Full Changelog**: https://github.com/kubeflow/model-registry/compare/v0.2.9...v0.2.10
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application