
[CVE-2024-33883] Bump ejs from `3.1.7` to `3.1.101

Open ananzh opened this issue 1 year ago • 1 comments

Issue Resolved

https://github.com/opensearch-project/OpenSearch-Dashboards/issues/6769

Changelog

  • security: [CVE-2024-33883] Bump ejs from 3.1.7 to `3.1.101

Check List

  • [ ] All tests pass
    • [ ] yarn test:jest
    • [ ] yarn test:jest_integration
  • [ ] New functionality includes testing.
  • [ ] New functionality has been documented.
  • [ ] Update CHANGELOG.md
  • [ ] Commits are signed per the DCO using --signoff

ananzh avatar May 10 '24 22:05 ananzh

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 55.12%. Comparing base (8d50974) to head (02a3799). Report is 13 commits behind head on main.

Additional details and impacted files
@@             Coverage Diff             @@
##             main    #6770       +/-   ##
===========================================
- Coverage   67.38%   55.12%   -12.27%     
===========================================
  Files        3443     1204     -2239     
  Lines       67795    24625    -43170     
  Branches    11032     4168     -6864     
===========================================
- Hits        45683    13574    -32109     
+ Misses      19440    10400     -9040     
+ Partials     2672      651     -2021     
Flag Coverage Δ
Linux_1 ?
Linux_2 55.12% <ø> (ø)
Linux_3 ?
Linux_4 ?
Windows_1 ?
Windows_2 ?
Windows_3 ?
Windows_4 ?

Flags with carried forward coverage won't be shown.

codecov[bot] avatar May 10 '24 22:05 codecov[bot]

@bandinib-amzn @virajsanghvi I corrected the typo. Could you two help me to re-check this fix?

ananzh avatar Jun 03 '24 15:06 ananzh

The backport to 2.x failed:

The process '/usr/bin/git' failed with exit code 128

To backport manually, run these commands in your terminal:

# Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/OpenSearch-Dashboards/backport-2.x 2.x
# Navigate to the new working tree
pushd ../.worktrees/OpenSearch-Dashboards/backport-2.x
# Create a new branch
git switch --create backport/backport-6770-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 016dcfd82bb93ca3e64d4eaf54d9a34795c02891
# Push it to GitHub
git push --set-upstream origin backport/backport-6770-to-2.x
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/OpenSearch-Dashboards/backport-2.x

Then, create a pull request where the base branch is 2.x and the compare/head branch is backport/backport-6770-to-2.x.

Thanks @ananzh! Found we have a manual backport #6924, thus removed the failed backport label.

BionIT avatar Jun 05 '24 23:06 BionIT