[Snyk] Upgrade @kubernetes/client-node from 0.8.2 to 0.22.3

[zg-appsec]

Snyk has created this PR to upgrade @kubernetes/client-node from 0.8.2 to 0.22.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 38 versions ahead of your current version.

• The recommended version was released a year ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Improper Privilege Management SNYK-JS-SHELLJS-2332187	372	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	372	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	372	Proof of Concept
	Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	372	Proof of Concept
	Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	372	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	372	Proof of Concept
	Command Injection SNYK-JS-JISON-570539	372	Proof of Concept
	Prototype Pollution SNYK-JS-JSYAML-13961110	372	No Known Exploit

Release notes

Package name: @kubernetes/client-node

• 0.22.3 - 2024-11-24
  

  What's Changed

  • Rev to new patch version. by @ brendandburns in #1994
  • build(deps-dev): bump mocha from 10.8.1 to 10.8.2 by @ dependabot in #1997
  • Update to version 0.22.3 by @ brendandburns in #1998
  • build(deps-dev): bump @ types/node from 22.8.4 to 22.8.6 by @ dependabot in #2005
  • build(deps): bump tslib from 2.8.0 to 2.8.1 by @ dependabot in #2003
  • build(deps-dev): bump mock-fs from 5.4.0 to 5.4.1 by @ dependabot in #2004
  • chore: run format as pre-commit hook by @ mstruebing in #2007
  • build(deps-dev): bump @ types/ws from 8.5.12 to 8.5.13 by @ dependabot in #2012
  • build(deps-dev): bump @ types/node from 22.8.6 to 22.8.7 by @ dependabot in #2011
  • build(deps-dev): bump typedoc from 0.26.10 to 0.26.11 by @ dependabot in #2013
  • build(deps-dev): bump @ types/node from 22.8.7 to 22.9.0 by @ dependabot in #2016
  • build(deps-dev): bump nock from 13.5.5 to 13.5.6 by @ dependabot in #2021
  • build(deps): bump JamesIves/github-pages-deploy-action from 4.6.8 to 4.6.9 by @ dependabot in #2022
  • Add write permissions to deploy docs by @ clayrosenthal in #2024
  • bump jsonpath-plus by @ liviarett in #2025
  • build(deps): bump jsonpath-plus from 10.1.0 to 10.2.0 by @ dependabot in #2029
  • Update codeql-analysis.yml by @ brendandburns in #2027
  • build(deps): bump cross-spawn from 7.0.3 to 7.0.5 by @ dependabot in #2030
  • chore: bump jsonpath-plus allowed version range by @ mstruebing in #2031
  • build(deps-dev): bump husky from 9.1.6 to 9.1.7 by @ dependabot in #2034
  • build(deps-dev): bump @ types/node from 22.9.0 to 22.9.1 by @ dependabot in #2040
  • build(deps-dev): bump @ types/mocha from 10.0.9 to 10.0.10 by @ dependabot in #2043
  • Add support for the v5 protocol by @ brendandburns in #2037

  New Contributors

  • @ clayrosenthal made their first contribution in #2024
  • @ liviarett made their first contribution in #2025

  Full Changelog: 0.22.2...0.22.3

• 0.22.2 - 2024-10-31
  

  Merge pull request #1997 from kubernetes-client/dependabot/npm_and_ya…

• 0.22.1 - 2024-10-15
  

  What's Changed

  • Fix cp promise returns by converting the exec callbacks into promises by @ joeferner in #1880
  • test: replace use of deprecated Buffer constructor by @ cjihrig in #1891
  • ci: test against node 22 by @ cjihrig in #1890
  • chore: update ws by @ mstruebing in #1888
  • ci: use node LTS in workflows by @ mstruebing in #1918

  New Contributors

  • @ joeferner made their first contribution in #1880

  Full Changelog: 0.22.0...0.22.1

• 0.22.0 - 2024-09-13
  

  What's Changed

  • Support for Kubernetes 1.30
  • Automated Generate from openapi release-1.30 by @ github-actions in #1672
  • Fix typos in FETCH_MIGRATION.md by @ lordrip in #1687
  • make namespace in Object header optional by @ schrodit in #1694
  • Properly parse metadata of custom Kubernetes objects by @ schrodit in #1695
  • add examples to generic api (inside object.ts) by @ zfrhv in #1705
  • add generic and typed watch to KubernetesObjectApi by @ schrodit in #1831
    client/javascript/pull/1876

  New Contributors

  • @ lordrip made their first contribution in #1687

  Full Changelog: 0.21.0...0.22.0

• 0.21.0 - 2024-05-03
• 0.20.0 - 2023-11-02
• 0.19.0 - 2023-09-17
• 0.18.1 - 2023-01-21
• 0.18.0 - 2022-12-15
• 0.17.1 - 2022-09-11
• 0.17.0 - 2022-06-27
• 0.16.3 - 2022-02-09
• 0.16.2 - 2022-01-19
• 0.16.1 - 2021-11-19
• 0.16.0 - 2021-11-12
• 0.15.1 - 2021-08-17
• 0.15.0 - 2021-06-25
• 0.14.3 - 2021-04-11
• 0.14.2 - 2021-04-08
• 0.14.1 - 2021-04-02
• 0.14.0 - 2021-02-18
• 0.13.2 - 2020-12-23
• 0.13.1 - 2020-12-19
• 0.13.0 - 2020-11-03
• 0.12.3 - 2020-10-23
• 0.12.2 - 2020-09-22
• 0.12.1 - 2020-09-17
• 0.12.0 - 2020-05-19
• 0.11.2 - 2020-04-21
• 0.11.1 - 2020-02-01
• 0.11.0 - 2019-10-14
• 0.10.3 - 2019-09-26
• 0.10.2 - 2019-06-20
• 0.10.1 - 2019-06-12
• 0.10.0 - 2019-06-10
• 0.9.2 - 2019-06-03
• 0.9.1 - 2019-05-31
• 0.9.0 - 2019-05-30
• 0.8.2 - 2019-03-15

from @kubernetes/client-node GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs