OpenSearch-Dashboards
[CVE-2024-27088] Bump es5-ext from `0.10.59` to `0.10.64`
Description
From https://www.mend.io/vulnerability-database/CVE-2024-27088:
es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into `function#copy` or `function#toStringTokens` may cause the script to stall. The vulnerability is patched in v0.10.63.
This PR bumps es5-ext from
=> Found "es5-ext@0.10.59"
info Reasons this module exists
- "_project_#gulp-sourcemaps#debug-fabulous#memoizee" depends on it
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#es5-ext"
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#es6-weak-map#es5-ext"
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#d#es5-ext"
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#event-emitter#es5-ext"
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#lru-queue#es5-ext"
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#timers-ext#es5-ext"
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#es5-ext#es6-iterator#es5-ext"
info Disk size without dependencies: "2.21MB"
info Disk size with unique dependencies: "2.48MB"
info Disk size with transitive dependencies: "6.16MB"
info Number of shared dependencies: 5
Done in 1.58s.
to
=> Found "es5-ext@0.10.64"
info Reasons this module exists
- "_project_#gulp-sourcemaps#debug-fabulous#memoizee" depends on it
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#es5-ext"
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#es6-weak-map#es5-ext"
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#d#es5-ext"
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#event-emitter#es5-ext"
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#lru-queue#es5-ext"
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#timers-ext#es5-ext"
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#es5-ext#es6-iterator#es5-ext"
- Hoisted from "_project_#gulp-sourcemaps#debug-fabulous#memoizee#es5-ext#esniff#es5-ext"
info Disk size without dependencies: "2.21MB"
info Disk size with unique dependencies: "3.41MB"
info Disk size with transitive dependencies: "7.18MB"
info Number of shared dependencies: 6
Done in 1.57s.
Issues Resolved
https://github.com/opensearch-project/OpenSearch-Dashboards/issues/6004
Check List
- [ ] All tests pass
  - [ ] `yarn test:jest`
  - [ ] `yarn test:jest_integration`
- [ ] New functionality includes testing.
- [ ] New functionality has been documented.
- [x] Update CHANGELOG.md
- [x] Commits are signed per the DCO using --signoff
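To confirm that a bump like this one took effect, the check below (an added example, not part of this PR or the project's code) scans a yarn v1 lockfile for `es5-ext` entries that still resolve below 0.10.63, the patched version named in the advisory text. The sample lockfile, its range specifiers and the function names `compareVersions` and `findVulnerable` are constructed for illustration.

```javascript
// Added example (not project code): flag yarn.lock v1 entries below the patched release.
const PATCHED = '0.10.63'; // patched version named in the advisory text

// Constructed sample lockfile; the range specifiers are illustrative only.
const SAMPLE_LOCK = `# yarn lockfile v1

d@1, d@^1.0.1:
  version "1.0.1"
  dependencies:
    es5-ext "^0.10.50"

es5-ext@^0.10.35, es5-ext@^0.10.50, es5-ext@~0.10.14:
  version "0.10.59"

es5-ext@^0.10.62:
  version "0.10.64"
`;

// Compare dotted numeric versions (pre-release/build suffixes are ignored).
function compareVersions(a, b) {
  const pa = a.split(/[-+]/)[0].split('.').map(Number);
  const pb = b.split(/[-+]/)[0].split('.').map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const diff = (pa[i] || 0) - (pb[i] || 0);
    if (diff !== 0) return diff;
  }
  return 0;
}

// Return each lockfile entry for `pkg` as { specs, version, vulnerable }.
function findVulnerable(lockText, pkg, patched = PATCHED) {
  const results = [];
  let current = null; // entry being read, or null when it is not for `pkg`
  for (const line of lockText.split(/\r?\n/)) {
    if (/^[^\s#].*:$/.test(line)) {
      // Entry header such as: es5-ext@^0.10.35, es5-ext@~0.10.14:
      const specs = line.slice(0, -1).split(',').map((s) => s.trim().replace(/^"|"$/g, ''));
      current = specs.some((s) => s.startsWith(pkg + '@')) ? { specs } : null;
    } else if (current) {
      const m = /^  version "([^"]+)"$/.exec(line);
      if (m) results.push({ ...current, version: m[1], vulnerable: compareVersions(m[1], patched) < 0 });
    }
  }
  return results;
}

for (const e of findVulnerable(SAMPLE_LOCK, 'es5-ext')) {
  console.log(`${e.vulnerable ? 'VULNERABLE' : 'ok'} es5-ext@${e.version} <- ${e.specs.join(', ')}`);
}
```

A lockfile can hold several `es5-ext` entries at once, so every entry has to resolve at or above the patched version, not only the hoisted copy that `yarn why` reports.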
Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 67.09%. Comparing base (9901bea) to head (b6b3bba).
Additional details and impacted files
@@ Coverage Diff @@
## main #6021 +/- ##
==========================================
- Coverage 67.11% 67.09% -0.03%
==========================================
Files 3315 3315
Lines 63904 63904
Branches 10220 10220
==========================================
- Hits 42892 42874 -18
- Misses 18528 18543 +15
- Partials 2484 2487 +3
Flag | Coverage Δ | |
---|---|---|
Linux_1 | 31.64% <ø> (ø) | |
Linux_2 | 55.07% <ø> (ø) | |
Linux_3 | 44.57% <ø> (-0.01%) | :arrow_down: |
Linux_4 | 35.17% <ø> (ø) | |
Windows_1 | 31.69% <ø> (ø) | |
Windows_2 | ? | |
Windows_3 | 44.59% <ø> (ø) | |
Windows_4 | 35.17% <ø> (ø) | |

Flags with carried forward coverage won't be shown.
The backport to 2.x failed:
The process '/usr/bin/git' failed with exit code 128
To backport manually, run these commands in your terminal:
```bash
# Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/OpenSearch-Dashboards/backport-2.x 2.x
# Navigate to the new working tree
pushd ../.worktrees/OpenSearch-Dashboards/backport-2.x
# Create a new branch
git switch --create backport/backport-6021-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 3797fd882919ff3109ede788f18393613ab633ef
# Push it to GitHub
git push --set-upstream origin backport/backport-6021-to-2.x
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/OpenSearch-Dashboards/backport-2.x
```
Then, create a pull request where the base branch is 2.x and the compare/head branch is backport/backport-6021-to-2.x.
Manual Backport https://github.com/opensearch-project/OpenSearch-Dashboards/pull/6140