Skip to content

Release#502

Merged
Nikhil-Nandagopal merged 49 commits into
masterfrom
release
Sep 5, 2020
Merged

Release#502
Nikhil-Nandagopal merged 49 commits into
masterfrom
release

Conversation

@Nikhil-Nandagopal

Copy link
Copy Markdown
Contributor

No description provided.

Nikhil-Nandagopal and others added 30 commits August 28, 2020 18:02
…ters (#411)

* Table widget filter type attribute displayed in column options
Integrated react router for better performance reporting
Added Sentry Profiler for editor, appviewer and widgets

Co-authored-by: Nikhil Nandagopal <nikhil@appsmith.com>
* Members and org settings page.

* Adding link back to applications

* Making UI look better.

* Fixing some more css

* Table dropdown onBlur, UI transparency, Popover issue fixed. Added sort arrow (#413)

* table dropdown ui issue and onblur click fixed

* position props value fixed

* tabs tripple click fixed

* Position props in table dropdown made optional

* tabs background color bug removed

* General settings page is bug free.

* Getting the manage users page to work.

* Moving general settings into its own file.

* Removing some unwanted URLs

* User cant change their role or remove themselves

* Changing onClick prop for Icon.

* Fixing tests

* Added loading states to text inputs.

* Added validators for text input

* Fixed border of skeleton for text input

* Adding a loader for Members screen

* Adding Noop to icon button

* Removing console.log

* Fixing imports.

* Moving org reducer to immer.

* Using utils email validator.

* Removing placeholder from text input props.

Co-authored-by: devrk96 <rohit.kumawat@primathon.in>
* appIcon color, icon enums and size fixed

* icon import updated
* Update host field with validation properties
* Entity explorer performance enhancements
* text component props updated

* case prop updated

* className added in text component and used enum values as array in stories
* className added in icon component and used icon names as an array in stories

* button component semicolon fixed

* fill prop added in button component

* name prop and iconName import updated.
* Start with new controller for assets

* Progress on uploading logo image

* Saving and loading organization logo assets now works

* Remove existing logo asset before saving a new one

* Fix 500 when uploading logo for the first time

* Fix URL in response for uploading logo image

* Add test for uploading logo for ogranization

* Mild refactoring in tests
* Add validation for host values in DB datasources

* Mild refactoring, for a dummy commit

* Add test for host name validation in datasources
* Deprecate Navbar. Sidebar becomes a panelStack. It now has two panels, WidgetSidebar and Explorer

Co-authored-by: Nandan <nandan@thinkify.io>
* dropdown with text and icon implemented

* dropdown with lable implemented and story updated

* Icon import and storyWrapper import updated

* onclick cleaned
* Trying to move horizontal rules into separate function

* Delete install_dir if exists already, after confirmation

* Add confirm function to take user conformations

* Resolve warnings on read command without -r option

* Use temporary directory for downloaded templates

* Fix inverted calls to confirm

* nginx template doesn't use global variables now

* docker compose template doesn't depend on global vars now

* Fix port checking for CentOS

* Fix encryption.env to not use global variables

* Fix mongo-init to not use global variables

* Fix docker.env file to not use any global variables

* Fix letsencrypt script to not use any global variables

* Set mongo_database in the docker-compose file

Spotted this after global variables were reduced. The `mongo_database`
was not being used anywhere.

* Move password generation into a function

* Attempt to add watchtower

* Fix port checking in install script for CentOS

* Don't offer to delete install dir if it already exists

* Remove vagrant source for templates (it's a dev-time thing only)
* Add a node.js script to dump examples organization

This dump file is used to setup initial examples organization
in a self-hosted setup.

* Remove unused variable

* Add npm run shortcut for dump script
* Fix aliases not showing up for MySQL actions

* Fix date column display for MySQL actions

* Fix datetime columns for MySQL actions

* Add support for timestamp and year data types for MySQL actions

* Fix column label for MySQL plugin

* Add tests for MySQL temporal data types

* Add tests for alias columns in MySQL and Postgres
* query and datasource related tests

* review comment incorporated

* Adding multiple widgets test

* Table widget related search/filter/compact mode tests

* Added tests related to visiblity funvtionality in table widget

* Validate action type in explorer

* updated test

* Test updated in accordance with new UI
@Nikhil-Nandagopal Nikhil-Nandagopal merged commit d7c10fb into master Sep 5, 2020
subrata71 added a commit that referenced this pull request Jun 2, 2026
## Description

Bulk update of Yarn resolution overrides in `app/client/package.json` to
resolve **72 open Dependabot security alerts** across **19 npm
packages**. This is the single highest-leverage PR for the SOC2
vulnerability remediation effort — it addresses 50% of all open CE
alerts by updating version pins in one file.

All changes are confined to resolution overrides and the regenerated
`yarn.lock`. No application code changes.

Fixes https://linear.app/appsmith/issue/APP-15271

### Updated Existing Resolutions (38 alerts)

| Package | Previous | New | Alerts Fixed |
|---|---|---|---|
| `axios` | `^1.15.0` | `^1.16.1` | 15 |
| `protobufjs` | `^7.5.5` | `^7.5.8` | 8 |
| `undici` | `6.21.2` | `6.24.0` | 6 |
| `minimatch` | `^5.0.0` | `^5.1.8` | 3 |
| `fast-xml-parser` | `4.5.4` | `4.5.5` | 2 |
| `brace-expansion` | `1.1.12` | `1.1.13` | 1 |
| `postcss` | `8.4.31` | `8.5.15` | 1 |
| `webpack` | `5.98.0` | `5.104.1` | 2 |

### New Resolutions Added (34 alerts)

| Package | Version | Alerts Fixed |
|---|---|---|
| `lodash` | `4.18.1` | 9 |
| `lodash-es` | `4.18.1` | 3 |
| `node-forge` | `1.4.0` | 7 |
| `@xmldom/xmldom` | `0.8.13` | 5 |
| `picomatch` | `2.3.2` | 2 |
| `underscore` | `1.13.8` | 1 |
| `defu` | `6.1.5` | 1 |
| `immutable` | `4.3.8` | 1 |
| `js-cookie` | `3.0.7` | 1 |
| `simple-git` | `3.36.0` | 1 |
| `@protobufjs/utf8` | `1.1.1` | 1 |

Also bumps direct dependency `node-forge` from `^1.3.0` to `^1.4.0`.

### Related Dependabot Alerts

This PR is expected to resolve the following alerts on merge:

**axios** (15):
[#602](https://github.com/appsmithorg/appsmith/security/dependabot/602),
[#603](https://github.com/appsmithorg/appsmith/security/dependabot/603),
[#604](https://github.com/appsmithorg/appsmith/security/dependabot/604),
[#605](https://github.com/appsmithorg/appsmith/security/dependabot/605),
[#606](https://github.com/appsmithorg/appsmith/security/dependabot/606),
[#607](https://github.com/appsmithorg/appsmith/security/dependabot/607),
[#608](https://github.com/appsmithorg/appsmith/security/dependabot/608),
[#609](https://github.com/appsmithorg/appsmith/security/dependabot/609),
[#610](https://github.com/appsmithorg/appsmith/security/dependabot/610),
[#611](https://github.com/appsmithorg/appsmith/security/dependabot/611),
[#612](https://github.com/appsmithorg/appsmith/security/dependabot/612),
[#613](https://github.com/appsmithorg/appsmith/security/dependabot/613),
[#614](https://github.com/appsmithorg/appsmith/security/dependabot/614),
[#641](https://github.com/appsmithorg/appsmith/security/dependabot/641),
[#642](https://github.com/appsmithorg/appsmith/security/dependabot/642)

**lodash + lodash-es** (12):
[#472](https://github.com/appsmithorg/appsmith/security/dependabot/472),
[#473](https://github.com/appsmithorg/appsmith/security/dependabot/473),
[#474](https://github.com/appsmithorg/appsmith/security/dependabot/474),
[#565](https://github.com/appsmithorg/appsmith/security/dependabot/565),
[#566](https://github.com/appsmithorg/appsmith/security/dependabot/566),
[#567](https://github.com/appsmithorg/appsmith/security/dependabot/567),
[#568](https://github.com/appsmithorg/appsmith/security/dependabot/568),
[#569](https://github.com/appsmithorg/appsmith/security/dependabot/569),
[#570](https://github.com/appsmithorg/appsmith/security/dependabot/570),
[#471](https://github.com/appsmithorg/appsmith/security/dependabot/471),
[#562](https://github.com/appsmithorg/appsmith/security/dependabot/562),
[#564](https://github.com/appsmithorg/appsmith/security/dependabot/564)

**protobufjs + @protobufjs/utf8** (9):
[#621](https://github.com/appsmithorg/appsmith/security/dependabot/621),
[#622](https://github.com/appsmithorg/appsmith/security/dependabot/622),
[#623](https://github.com/appsmithorg/appsmith/security/dependabot/623),
[#624](https://github.com/appsmithorg/appsmith/security/dependabot/624),
[#625](https://github.com/appsmithorg/appsmith/security/dependabot/625),
[#626](https://github.com/appsmithorg/appsmith/security/dependabot/626),
[#627](https://github.com/appsmithorg/appsmith/security/dependabot/627),
[#628](https://github.com/appsmithorg/appsmith/security/dependabot/628),
[#639](https://github.com/appsmithorg/appsmith/security/dependabot/639)

**node-forge** (7):
[#448](https://github.com/appsmithorg/appsmith/security/dependabot/448),
[#449](https://github.com/appsmithorg/appsmith/security/dependabot/449),
[#450](https://github.com/appsmithorg/appsmith/security/dependabot/450),
[#543](https://github.com/appsmithorg/appsmith/security/dependabot/543),
[#554](https://github.com/appsmithorg/appsmith/security/dependabot/554),
[#555](https://github.com/appsmithorg/appsmith/security/dependabot/555),
[#556](https://github.com/appsmithorg/appsmith/security/dependabot/556)

**undici** (6):
[#464](https://github.com/appsmithorg/appsmith/security/dependabot/464),
[#526](https://github.com/appsmithorg/appsmith/security/dependabot/526),
[#527](https://github.com/appsmithorg/appsmith/security/dependabot/527),
[#528](https://github.com/appsmithorg/appsmith/security/dependabot/528),
[#529](https://github.com/appsmithorg/appsmith/security/dependabot/529),
[#530](https://github.com/appsmithorg/appsmith/security/dependabot/530)

**@xmldom/xmldom** (5):
[#560](https://github.com/appsmithorg/appsmith/security/dependabot/560),
[#586](https://github.com/appsmithorg/appsmith/security/dependabot/586),
[#587](https://github.com/appsmithorg/appsmith/security/dependabot/587),
[#588](https://github.com/appsmithorg/appsmith/security/dependabot/588),
[#589](https://github.com/appsmithorg/appsmith/security/dependabot/589)

**minimatch** (3):
[#502](https://github.com/appsmithorg/appsmith/security/dependabot/502),
[#506](https://github.com/appsmithorg/appsmith/security/dependabot/506),
[#508](https://github.com/appsmithorg/appsmith/security/dependabot/508)

**picomatch** (3):
[#540](https://github.com/appsmithorg/appsmith/security/dependabot/540),
[#541](https://github.com/appsmithorg/appsmith/security/dependabot/541),
[#542](https://github.com/appsmithorg/appsmith/security/dependabot/542)

**fast-xml-parser** (3):
[#536](https://github.com/appsmithorg/appsmith/security/dependabot/536),
[#576](https://github.com/appsmithorg/appsmith/security/dependabot/576),
[#591](https://github.com/appsmithorg/appsmith/security/dependabot/591)

**webpack** (2):
[#487](https://github.com/appsmithorg/appsmith/security/dependabot/487),
[#488](https://github.com/appsmithorg/appsmith/security/dependabot/488)

**postcss** (1):
[#595](https://github.com/appsmithorg/appsmith/security/dependabot/595)
**brace-expansion** (1):
[#558](https://github.com/appsmithorg/appsmith/security/dependabot/558)
**defu** (1):
[#571](https://github.com/appsmithorg/appsmith/security/dependabot/571)
**immutable** (1):
[#521](https://github.com/appsmithorg/appsmith/security/dependabot/521)
**js-cookie** (1):
[#634](https://github.com/appsmithorg/appsmith/security/dependabot/634)
**simple-git** (1):
[#615](https://github.com/appsmithorg/appsmith/security/dependabot/615)
**underscore** (1):
[#515](https://github.com/appsmithorg/appsmith/security/dependabot/515)

### Slack Thread
https://theappsmith.slack.com/archives/C09NG5BJ18S/p1780304878402439

## Automation

/ok-to-test tags="@tag.All"

### 🔍 Cypress test results
<!-- This comment will be updated by the CI/CD pipeline -->

## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [x] No

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
  * Updated `node-forge` dependency to latest version.
* Updated multiple dependency resolutions including `minimatch`,
`webpack`, `postcss`, `axios`, `undici`, and others to ensure
compatibility and stability.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

<!-- This is an auto-generated comment: Cypress test results  -->
> [!TIP]
> 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉
> Workflow run:
<https://github.com/appsmithorg/appsmith/actions/runs/26758373297>
> Commit: 84dcd36
> <a
href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=26758373297&attempt=2"
target="_blank">Cypress dashboard</a>.
> Tags: `@tag.All`
> Spec:
> <hr>Mon, 01 Jun 2026 16:17:46 UTC
<!-- end of auto-generated comment: Cypress test results  -->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

10 participants