Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

v1.3.115 #4139

Merged
merged 8 commits into from
Mar 29, 2024
Merged

v1.3.115 #4139

merged 8 commits into from
Mar 29, 2024

Commits on Mar 27, 2024

  1. Match dev helm chart version from main (#4115)

    Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
    Co-authored-by: GitHub Actions <actions@github.com>
    Co-authored-by: Joey Orlando <joseph.t.orlando@gmail.com>
    Co-authored-by: Matias Bordese <mbordese@gmail.com>
    Co-authored-by: Dominik Broj <dominik.broj@grafana.com>
    6 people committed Mar 27, 2024
    Configuration menu
    Copy the full SHA
    9ff7a9f View commit details
    Browse the repository at this point in the history
  2. Bump follow-redirects from 1.15.5 to 1.15.6 in /grafana-plugin (#4073)

    Bumps
    [follow-redirects](https://github.com/follow-redirects/follow-redirects)
    from 1.15.5 to 1.15.6.
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a
    href="https://github.com/follow-redirects/follow-redirects/commit/35a517c5861d79dc8bff7db8626013d20b711b06"><code>35a517c</code></a>
    Release version 1.15.6 of the npm package.</li>
    <li><a
    href="https://github.com/follow-redirects/follow-redirects/commit/c4f847f85176991f95ab9c88af63b1294de8649b"><code>c4f847f</code></a>
    Drop Proxy-Authorization across hosts.</li>
    <li><a
    href="https://github.com/follow-redirects/follow-redirects/commit/8526b4a1b2ab3a2e4044299377df623a661caa76"><code>8526b4a</code></a>
    Use GitHub for disclosure.</li>
    <li>See full diff in <a
    href="https://github.com/follow-redirects/follow-redirects/compare/v1.15.5...v1.15.6">compare
    view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility
    score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=follow-redirects&package-manager=npm_and_yarn&previous-version=1.15.5&new-version=1.15.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't
    alter it yourself. You can also trigger a rebase manually by commenting
    `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits
    that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after
    your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge
    and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating
    it. You can achieve the same result by closing it manually
    - `@dependabot show <dependency name> ignore conditions` will show all
    of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop
    Dependabot creating any more for this major version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop
    Dependabot creating any more for this minor version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop
    Dependabot creating any more for this dependency (unless you reopen the
    PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the
    [Security Alerts
    page](https://github.com/grafana/oncall/network/alerts).
    
    </details>
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
    dependabot[bot] and joeyorlando committed Mar 27, 2024
    Configuration menu
    Copy the full SHA
    dee5474 View commit details
    Browse the repository at this point in the history
  3. Allow custom values for Self Hosted Clusters (Slugs, Titles, Region) (#…

    …4121)
    
    # What this PR does
    Allows for environment variables to be set on Grafana OnCall Engine for
    Self Hosted users, giving them the ability to set values for Stack Slug,
    Org Slug/Title, Region & Cluster Slugs.
    
    This will mean then using the Grafana OnCall App, when adding multiple
    OSS Stacks, you can set the correct value of 'stack_slug' so you can
    differentiate between the stacks in the App.
    
    ## Which issue(s) this PR closes
    
    Closes [#4119](#4119)
    
    ## Checklist
    
    - [x] Unit, integration, and e2e (if applicable) tests updated
    - [ ] Documentation added (or `pr:no public docs` PR label added if not
    required)
    - [ ] Added the relevant release notes label (see labels prefixed w/
    `release:`). These labels dictate how your PR will
        show up in the autogenerated release notes.
    
    Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
    elburnetto-intapp and joeyorlando committed Mar 27, 2024
    Configuration menu
    Copy the full SHA
    9118ccf View commit details
    Browse the repository at this point in the history
  4. add grafana_incident_enabled to GET /organization internal API re…

    …sponse (#4129)
    
    # What this PR does
    
    Needed for some mobile app work.
    
    ## Checklist
    
    - [x] Unit, integration, and e2e (if applicable) tests updated
    - [x] Documentation added (or `pr:no public docs` PR label added if not
    required)
    - [x] Added the relevant release notes label (see labels prefixed w/
    `release:`). These labels dictate how your PR will
        show up in the autogenerated release notes.
    joeyorlando committed Mar 27, 2024
    Configuration menu
    Copy the full SHA
    38a418a View commit details
    Browse the repository at this point in the history

Commits on Mar 28, 2024

  1. Fix chatops search (#4130)

    # What this PR does
    
    Added NPE guard to fix search issue on slack channels inside integration
    teodosii committed Mar 28, 2024
    Configuration menu
    Copy the full SHA
    b544a43 View commit details
    Browse the repository at this point in the history
  2. cleanup CustomButton backend code + add ngrok/express outgoing …

    …webhook e2e test (#2544)
    
    # What this PR does
    
    - removes unused "custom button" backend code now that we've migrated to
    outgoing webhooks
    - adds new e2e test for webhooks asserting that an `ngrok`/`express`
    webhook handler receives the call as expected + payload is as expected
    (related to #2691) - skipped for
    now, the test passes locally but fails on GitHub Actions CI, seems to be
    networking related
     
    ## Checklist
    
    - [x] Unit, integration, and e2e (if applicable) tests updated
    - [x] Documentation added (or `pr:no public docs` PR label added if not
    required)
    
    ---------
    
    Co-authored-by: Michael Derynck <michael.derynck@grafana.com>
    joeyorlando and mderynck committed Mar 28, 2024
    Configuration menu
    Copy the full SHA
    c5cd675 View commit details
    Browse the repository at this point in the history

Commits on Mar 29, 2024

  1. Fix validation of integration name when team is not present in reques…

    …t data (#4132)
    
    This PR fixes validation of integration name when team is not present in
    request data. Also it slightly improves code structure of this
    validation.
    Konstantinov-Innokentii committed Mar 29, 2024
    Configuration menu
    Copy the full SHA
    407b85e View commit details
    Browse the repository at this point in the history
  2. Bump express from 4.18.3 to 4.19.2 in /grafana-plugin (#4135)

    Bumps [express](https://github.com/expressjs/express) from 4.18.3 to
    4.19.2.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a
    href="https://github.com/expressjs/express/releases">express's
    releases</a>.</em></p>
    <blockquote>
    <h2>4.19.2</h2>
    <h2>What's Changed</h2>
    <ul>
    <li><a
    href="https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94">Improved
    fix for open redirect allow list bypass</a></li>
    </ul>
    <p><strong>Full Changelog</strong>: <a
    href="https://github.com/expressjs/express/compare/4.19.1...4.19.2">https://github.com/expressjs/express/compare/4.19.1...4.19.2</a></p>
    <h2>4.19.1</h2>
    <h2>What's Changed</h2>
    <ul>
    <li>Fix ci after location patch by <a
    href="https://github.com/wesleytodd"><code>@​wesleytodd</code></a> in <a
    href="https://redirect.github.com/expressjs/express/pull/5552">expressjs/express#5552</a></li>
    <li>fixed un-edited version in history.md for 4.19.0 by <a
    href="https://github.com/wesleytodd"><code>@​wesleytodd</code></a> in <a
    href="https://redirect.github.com/expressjs/express/pull/5556">expressjs/express#5556</a></li>
    </ul>
    <p><strong>Full Changelog</strong>: <a
    href="https://github.com/expressjs/express/compare/4.19.0...4.19.1">https://github.com/expressjs/express/compare/4.19.0...4.19.1</a></p>
    <h2>4.19.0</h2>
    <h2>What's Changed</h2>
    <ul>
    <li>fix typo in release date by <a
    href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
    in <a
    href="https://redirect.github.com/expressjs/express/pull/5527">expressjs/express#5527</a></li>
    <li>docs: nominating <a
    href="https://github.com/wesleytodd"><code>@​wesleytodd</code></a> to be
    project captian by <a
    href="https://github.com/wesleytodd"><code>@​wesleytodd</code></a> in <a
    href="https://redirect.github.com/expressjs/express/pull/5511">expressjs/express#5511</a></li>
    <li>docs: loosen TC activity rules by <a
    href="https://github.com/wesleytodd"><code>@​wesleytodd</code></a> in <a
    href="https://redirect.github.com/expressjs/express/pull/5510">expressjs/express#5510</a></li>
    <li>Add note on how to update docs for new release by <a
    href="https://github.com/crandmck"><code>@​crandmck</code></a> in <a
    href="https://redirect.github.com/expressjs/express/pull/5541">expressjs/express#5541</a></li>
    <li><a
    href="https://redirect.github.com/expressjs/express/pull/5551/commits/660ccf5fa33dd0baab069e5c8ddd9ffe7d8bbff1">Prevent
    open redirect allow list bypass due to encodeurl</a></li>
    <li>Release 4.19.0 by <a
    href="https://github.com/wesleytodd"><code>@​wesleytodd</code></a> in <a
    href="https://redirect.github.com/expressjs/express/pull/5551">expressjs/express#5551</a></li>
    </ul>
    <h2>New Contributors</h2>
    <ul>
    <li><a href="https://github.com/crandmck"><code>@​crandmck</code></a>
    made their first contribution in <a
    href="https://redirect.github.com/expressjs/express/pull/5541">expressjs/express#5541</a></li>
    </ul>
    <p><strong>Full Changelog</strong>: <a
    href="https://github.com/expressjs/express/compare/4.18.3...4.19.0">https://github.com/expressjs/express/compare/4.18.3...4.19.0</a></p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a
    href="https://github.com/expressjs/express/blob/master/History.md">express's
    changelog</a>.</em></p>
    <blockquote>
    <h1>4.19.2 / 2024-03-25</h1>
    <ul>
    <li>Improved fix for open redirect allow list bypass</li>
    </ul>
    <h1>4.19.1 / 2024-03-20</h1>
    <ul>
    <li>Allow passing non-strings to res.location with new encoding handling
    checks</li>
    </ul>
    <h1>4.19.0 / 2024-03-20</h1>
    <ul>
    <li>Prevent open redirect allow list bypass due to encodeurl</li>
    <li>deps: cookie@0.6.0</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a
    href="https://github.com/expressjs/express/commit/04bc62787be974874bc1467b23606c36bc9779ba"><code>04bc627</code></a>
    4.19.2</li>
    <li><a
    href="https://github.com/expressjs/express/commit/da4d763ff6ba9df6dbd8f1f0b1d05412dda934d5"><code>da4d763</code></a>
    Improved fix for open redirect allow list bypass</li>
    <li><a
    href="https://github.com/expressjs/express/commit/4f0f6cc67d531431c096ea006c2191b92931bbc3"><code>4f0f6cc</code></a>
    4.19.1</li>
    <li><a
    href="https://github.com/expressjs/express/commit/a003cfab034fbadb1c78ae337ee8ab389adda217"><code>a003cfa</code></a>
    Allow passing non-strings to res.location with new encoding handling
    checks f...</li>
    <li><a
    href="https://github.com/expressjs/express/commit/a1fa90fcea7d8e844e1c9938ad095d62669c3abd"><code>a1fa90f</code></a>
    fixed un-edited version in history.md for 4.19.0</li>
    <li><a
    href="https://github.com/expressjs/express/commit/11f2b1db227fd42c2508c427032c1ec671b306be"><code>11f2b1d</code></a>
    build: fix build due to inconsistent supertest behavior in older
    versions</li>
    <li><a
    href="https://github.com/expressjs/express/commit/084e36506a18774f85206a65d8da04dc1107fc1b"><code>084e365</code></a>
    4.19.0</li>
    <li><a
    href="https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"><code>0867302</code></a>
    Prevent open redirect allow list bypass due to encodeurl</li>
    <li><a
    href="https://github.com/expressjs/express/commit/567c9c665d0de4c344b8e160146050770233783c"><code>567c9c6</code></a>
    Add note on how to update docs for new release (<a
    href="https://redirect.github.com/expressjs/express/issues/5541">#5541</a>)</li>
    <li><a
    href="https://github.com/expressjs/express/commit/69a4cf2819c4449ec6ea45649691fb43a528d5d1"><code>69a4cf2</code></a>
    deps: cookie@0.6.0</li>
    <li>Additional commits viewable in <a
    href="https://github.com/expressjs/express/compare/4.18.3...4.19.2">compare
    view</a></li>
    </ul>
    </details>
    <details>
    <summary>Maintainer changes</summary>
    <p>This version was pushed to npm by <a
    href="https://www.npmjs.com/~wesleytodd">wesleytodd</a>, a new releaser
    for express since your current version.</p>
    </details>
    <br />
    
    
    [![Dependabot compatibility
    score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=express&package-manager=npm_and_yarn&previous-version=4.18.3&new-version=4.19.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't
    alter it yourself. You can also trigger a rebase manually by commenting
    `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits
    that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after
    your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge
    and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating
    it. You can achieve the same result by closing it manually
    - `@dependabot show <dependency name> ignore conditions` will show all
    of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop
    Dependabot creating any more for this major version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop
    Dependabot creating any more for this minor version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop
    Dependabot creating any more for this dependency (unless you reopen the
    PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the
    [Security Alerts
    page](https://github.com/grafana/oncall/network/alerts).
    
    </details>
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] committed Mar 29, 2024
    Configuration menu
    Copy the full SHA
    e95125a View commit details
    Browse the repository at this point in the history