fix for CVE-2025-69873

[rhdmalone]

fix for CVE-2025-69873
https://www.cve.org/CVERecord?id=CVE-2025-69873

Summary by CodeRabbit

Release Notes

• Chores
  • Updated a project dependency to the latest stable version for improved stability and compatibility.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Pro

Run ID: 931a081c-74ac-4c17-8c04-ec8610036128

📥 Commits

Reviewing files that changed from the base of the PR and between 4b2ccc0 and 826e082.

⛔ Files ignored due to path filters (1)

• web/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• web/package.json

---

Walkthrough

Dependency version update of ajv from ^8.17.1 to ^8.18.0 in the web package configuration.

Changes

Cohort / File(s)	Summary
Dependency Update web/package.json	Updated ajv JSON schema validator from version ^8.17.1 to ^8.18.0

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix for CVE-2025-69873' accurately describes the main change: updating the ajv dependency to address a known CVE vulnerability.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Stable And Deterministic Test Names	✅ Passed	The repository contains no Ginkgo tests, only standard Go unit tests and frontend code. The PR only modifies web/package.json and does not change any test files.
Test Structure And Quality	✅ Passed	This custom check is not applicable. The PR only modifies web/package.json to update the ajv dependency version, with no test files added, modified, or removed.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: rhdmalone
Once this PR has been reviewed and has the lgtm label, please assign etmurasaki for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

@rhdmalone: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.