[Snyk] Fix for 3 vulnerabilities

[MarcelRaschke]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-applications-catalog/hadoop-yarn-applications-catalog-webapp/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKDOWNIT-2331914	No	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKDOWNIT-459438	No	Proof of Concept
	676/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.1	Improper Privilege Management SNYK-JS-SHELLJS-2332187	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: apidoc

The new version differs by 250 commits.

• 14f8ddf npm upgrade
• 159cae6 fix parser error with little endpoints (HDDS-1736. Cleanup 2phase old HA code for Key requests. apache/hadoop#1038)
• 098d213 fix adding parameters to the query string ( YARN-9655: add a UT for lost applicationPriority in FederationInterceptor apache/hadoop#1036)
• 4295c77 Fix apiDoc params detection (HDDS-1733. Fix Ozone documentation apache/hadoop#1031)
• 59adf08 fix display when "apiVersion" is not used (HDDS-1391 : Add ability in OM to serve delta updates through an API. apache/hadoop#1033) (HDDS-1721 : Client Metrics are not being pushed to the configured sin… apache/hadoop#1034)
• fd288f7 changelog
• 151d60b fix no route diff between two versions (HDFS-14564: Add libhdfs APIs for readFully; add readFully to ByteBufferPositionedReadable apache/hadoop#963) (ArrayList is not thread safe. Field timedOutItems is typically protected by synchronization on itself. However, in one place, the field is inside a synchronized on a different object, which does not ensure protection apache/hadoop#1030)
• eb570bc Fix menu items in aloneDisplay mode (HDDS-1384. TestBlockOutputStreamWithFailures is failing apache/hadoop#1029)
• a065888 update path-to-regexp
• aafdbb7 npm upgrade
• c44471f Fix issue with compare code (HDDS-1730. Implement File CreateDirectory Request to use Cache and Do… apache/hadoop#1026)
• f37117b changelog
• c88626e fix header/footer in aloneDisplay mode (Changing abfs default blocksize to 256 MB apache/hadoop#1027)
• 6a8bd05 fix duplicated content with aloneDisplay (HDDS-373. Genconf tool must generate ozone-site.xml with sample values apache/hadoop#1025)
• 6048fc1 Take standard parameters of URL query string into account (HDDS-1727. Use generation of resourceName for locks in OzoneManagerLock. apache/hadoop#1014)
• b267f36 fix apiSampleRequest not working (YARN-9655:AllocateResponse in FederationInterceptor lost applicationPriority apache/hadoop#1023)
• d3dda6c fix error with parenthesis in apiGroup (HDDS-1728. Add metrics for leader's latency in ContainerStateMachine. Contributed by Mukul Kumar Singh. apache/hadoop#1022)
• a5651e6 allow colon in apiDefine (huowang apache/hadoop#1021)
• caa8cb6 fix comment
• a6550cc make eslint work on .mjs files too
• cb5c895 npm update
• 366b623 do a bit of refactoring
• a736fb5 add description meta tag
• bafea33 use project's title, then name for title of page

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.