Fix CVE-2022-46175 #453
Merged
Fix CVE-2022-46175 #453
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: bowenlan-amzn <bowenlan23@gmail.com>
Angie-Zhang
approved these changes
Jan 23, 2023
AWSHurneyt
approved these changes
Jan 23, 2023
AWSHurneyt
pushed a commit
that referenced
this pull request
Jan 23, 2023
AWSHurneyt
pushed a commit
that referenced
this pull request
Jan 23, 2023
lezzago
added a commit
that referenced
this pull request
Feb 13, 2023
* Bumped version from 2.3 to 2.4. (#346) * Bumping version from 2.3 to 2.4. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Adjusted OSD version used by unit test workflow to last version that allowed the tests to pass. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Bumped d3-color version. (#350) Signed-off-by: AWSHurneyt <hurneyt@amazon.com> Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Support windows CI (#354) * Support windows CI Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> * Add 2.4 release notes (#357) Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> * Fix confidence bug (#360) This PR fixed a bug when showing confidence in trigger definition. Confidence is usually a non-decreasing function on an interval. But we incorrectly only show confidence when the corresponding anomaly grade is larger than 0. Testing done: 1. manually tested that the bug is fixed. See attached snapshots. 2. yarn test:jest Signed-off-by: Kaituo Li <kaituo@amazon.com> * Bumped loader-utils version to address dependabot alert. (#361) Signed-off-by: AWSHurneyt <hurneyt@amazon.com> Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * updated link to dashboards developer guide (#349) Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com> Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com> * Fixed a bug that prevented the throttling settings from displaying for PER_ALERT bucket level trigger actions. (#328) Signed-off-by: AWSHurneyt <hurneyt@amazon.com> Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Adjust OpenSearch-Dashboards version used by test workflows. (#363) Signed-off-by: AWSHurneyt <hurneyt@amazon.com> Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * avoid nesting search inside search (#382) Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com> Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com> * Bumped loader-utils version to address dependabot alert. (#379) Signed-off-by: AWSHurneyt <hurneyt@amazon.com> Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * [BUG] Issues in the UI above 200 destinations paging issue #195 (#375) * [BUG] Issues in the UI above 200 destinations #195 Signed-off-by: Jovan Cvetkovic <jovanca.cvetkovic@gmail.com> * [BUG] Issues in the UI above 200 destinations #195 Signed-off-by: Jovan Cvetkovic <jovanca.cvetkovic@gmail.com> * [BUG] Issues in the UI above 200 destinations #195 Signed-off-by: Jovan Cvetkovic <jovanca.cvetkovic@gmail.com> Signed-off-by: Jovan Cvetkovic <jovanca.cvetkovic@gmail.com> * sorted data by date (#385) Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com> Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com> * Align all flyout components to be overlay kind and add close button X in header (#373) * align all flyout components to overlay Signed-off-by: Aleksandar Djindjic <djindjic@gmail.com> * simplify if statement Signed-off-by: Aleksandar Djindjic <djindjic@gmail.com> * fix snapshot Signed-off-by: Aleksandar Djindjic <djindjic@gmail.com> * add close button to flyout header, remove footer Signed-off-by: Aleksandar Djindjic <djindjic@gmail.com> * simplify flex layout Signed-off-by: Aleksandar Djindjic <djindjic@gmail.com> * update snapshot Signed-off-by: Aleksandar Djindjic <djindjic@gmail.com> * add data-test-subject on flyout header title Signed-off-by: Aleksandar Djindjic <djindjic@gmail.com> * fix cypress tests, overflow on flyout title Signed-off-by: Aleksandar Djindjic <djindjic@gmail.com> * fix snapshot Signed-off-by: Aleksandar Djindjic <djindjic@gmail.com> * eui-textTruncate on flyout titles Signed-off-by: Aleksandar Djindjic <djindjic@gmail.com> Signed-off-by: Aleksandar Djindjic <djindjic@gmail.com> * Bumped decode-uri-component version to address CVE-2022-38900. (#400) Signed-off-by: AWSHurneyt <hurneyt@amazon.com> Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Fixed an issue that was causing the results of the ctx object to be empty. (#334) * Fixed an issue that was causing the results of the ctx object to be empty. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Fixed an issue that was causing the results of the ctx object to be empty. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Consolidated duplicate code. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Keep monitor table cell width flexible; Check for whether monitor is enabled when displaying related action (#402) * made table cells flexible; added monitor enabled check for actions Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com> * updated snapshot Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com> * minor updates Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com> * updated jest snapshots Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com> Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com> * Add release notes for 2.4.1 (#420) Signed-off-by: Saurabh Singh <sisurab@amazon.com> Signed-off-by: Saurabh Singh <sisurab@amazon.com> * Bumped version to 2.5. (#437) * Bumped version to 2.5. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Adjusted test workflows to not use 2.5 tag for OSD as it hasn't been created yet. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * 2.5.0 release notes. (#440) * Drafted 2.5 release notes. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Drafted 2.5 release notes. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Refactored the help text elements displayed when users access the destinations list page after destinations deprecation. (#413) (#438) (#443) * Refactored the help text elements displayed when users access the destinations list page after destinations deprecation. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Refactored the help text elements displayed when users access the destinations list page after destinations deprecation. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Updated snapshot. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Updated button text. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Updated snapshot files. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> * Refactored landing page logic. Signed-off-by: AWSHurneyt <hurneyt@amazon.com> Signed-off-by: AWSHurneyt <hurneyt@amazon.com> (cherry picked from commit 58dee83) Co-authored-by: AWSHurneyt <hurneyt@amazon.com> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> * Fix CVE-2022-46175 (#453) Signed-off-by: bowenlan-amzn <bowenlan23@gmail.com> Signed-off-by: bowenlan-amzn <bowenlan23@gmail.com> * Updated MAINTAINERS.md to match recommended opensearch-project format. (#435) Signed-off-by: dblock <dblock@amazon.com> Signed-off-by: dblock <dblock@amazon.com> * Refactored cypress and unit test workflows to use the 2.5.0 tag as the OSD repo reference. (#462) Signed-off-by: AWSHurneyt <hurneyt@amazon.com> --------- Signed-off-by: AWSHurneyt <hurneyt@amazon.com> Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> Signed-off-by: Kaituo Li <kaituo@amazon.com> Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com> Signed-off-by: Jovan Cvetkovic <jovanca.cvetkovic@gmail.com> Signed-off-by: Aleksandar Djindjic <djindjic@gmail.com> Signed-off-by: Saurabh Singh <sisurab@amazon.com> Signed-off-by: bowenlan-amzn <bowenlan23@gmail.com> Signed-off-by: dblock <dblock@amazon.com> Co-authored-by: AWSHurneyt <hurneyt@amazon.com> Co-authored-by: Kaituo Li <kaituo@amazon.com> Co-authored-by: Amardeepsingh Siglani <amardeep7194@gmail.com> Co-authored-by: Jovan Cvetkovic <jovanca.cvetkovic@gmail.com> Co-authored-by: Aleksandar Djindjic <djindjic@gmail.com> Co-authored-by: Saurabh Singh <sisurab@amazon.com> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: bowenlan-amzn <bowenlan23@gmail.com> Co-authored-by: Daniel (dB.) Doubrovkine <dblock@amazon.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Signed-off-by: bowenlan-amzn bowenlan23@gmail.com
Description
Refer to opensearch-project/index-management-dashboards-plugin#586
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.