Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump node version to 14.20.0 #2101

Merged
merged 2 commits into from
Aug 9, 2022
Merged

Bump node version to 14.20.0 #2101

merged 2 commits into from
Aug 9, 2022

Conversation

ananzh
Copy link
Member

@ananzh ananzh commented Aug 9, 2022
edited by kavilla
Loading

CVE issue:
https://nvd.nist.gov/vuln/detail/CVE-2022-32214

Check List

  • New functionality includes testing.
    • All tests pass
      • yarn test:jest
      • yarn test:jest_integration
      • yarn test:ftr
  • New functionality has been documented.
  • Commits are signed per the DCO using --signoff

@ananzh ananzh requested a review from a team as a code owner August 9, 2022 17:57
@ananzh ananzh self-assigned this Aug 9, 2022
@ananzh ananzh added backport 2.2 backport 2.x v2.2.0 cve Security vulnerabilities detected by Dependabot or Mend labels Aug 9, 2022
@ananzh ananzh requested review from ashwin-pc and removed request for joshuarrrr August 9, 2022 18:08
@ananzh
Copy link
Member Author

ananzh commented Aug 9, 2022

sanity test looks fine. here is a list of tests:

  1. set dark mode
  2. load sample data
  3. set filter and search

Screen Shot 2022-08-09 at 11 09 41

  1. visualization graph display and save
  2. dashboard graph: use [Flights] Controls graph from sample flight data

seanneumann
seanneumann previously approved these changes Aug 9, 2022
View reviewed changes
@ananzh ananzh changed the title bump node version to 14.20.0 to solve CVE issue [CVE-2022-32214] bump node version to 14.20.0 to solve CVE issue Aug 9, 2022
@kavilla kavilla changed the title [CVE-2022-32214] bump node version to 14.20.0 to solve CVE issue Bump node version to 14.20.0 Aug 9, 2022
@kavilla
[Tests] fix issue with tests and 0 values for node version
fd73995 
The logic would convert it to a string which would fail the
tests for validating node version.

Signed-off-by: Kawika Avilla <kavilla414@gmail.com>
@kavilla
Copy link
Member

kavilla commented Aug 9, 2022

https://github.com/opensearch-project/OpenSearch-Dashboards/actions/runs/2827289518 all succeeded besides the unit tests and integration tests. Running locally. If pass will merge in before CI is complete.

@kavilla
Copy link
Member

kavilla commented Aug 9, 2022
edited
Loading

Unit tests succeeded and integration tests succeeded.

@kavilla kavilla merged commit c818d99 into opensearch-project:main Aug 9, 2022
opensearch-trigger-bot bot pushed a commit that referenced this pull request Aug 9, 2022
@ananzh @github-actions
Bump node version to 14.20.0 (#2101)
8fd76c8 
* bump node version to 14.20.0 to solve CVE issue

Issue: N/a

CVE issue: https://nvd.nist.gov/vuln/detail/CVE-2022-32214
[Tests] fix issue with tests and 0 values for node version

Signed-off-by: Anan Zhuang <ananzh@amazon.com>

Signed-off-by: Kawika Avilla <kavilla414@gmail.com>

Co-authored-by: Kawika Avilla <kavilla414@gmail.com>
(cherry picked from commit c818d99)
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Aug 9, 2022
Merged
opensearch-trigger-bot bot pushed a commit that referenced this pull request Aug 9, 2022
@ananzh @github-actions
Bump node version to 14.20.0 (#2101)
1dd3335 
* bump node version to 14.20.0 to solve CVE issue

Issue: N/a

CVE issue: https://nvd.nist.gov/vuln/detail/CVE-2022-32214
[Tests] fix issue with tests and 0 values for node version

Signed-off-by: Anan Zhuang <ananzh@amazon.com>

Signed-off-by: Kawika Avilla <kavilla414@gmail.com>

Co-authored-by: Kawika Avilla <kavilla414@gmail.com>
(cherry picked from commit c818d99)
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Aug 9, 2022
Merged
kavilla pushed a commit that referenced this pull request Aug 9, 2022
@opensearch-trigger-bot @ananzh
Bump node version to 14.20.0 (#2101) (#2109)
0a848a7 
* bump node version to 14.20.0 to solve CVE issue

Issue: N/a

CVE issue: https://nvd.nist.gov/vuln/detail/CVE-2022-32214
[Tests] fix issue with tests and 0 values for node version

Signed-off-by: Anan Zhuang <ananzh@amazon.com>

Signed-off-by: Kawika Avilla <kavilla414@gmail.com>

Co-authored-by: Kawika Avilla <kavilla414@gmail.com>
(cherry picked from commit c818d99)

Co-authored-by: Anan Zhuang <ananzh@amazon.com>
ananzh added a commit that referenced this pull request Aug 9, 2022
@opensearch-trigger-bot @ananzh
Bump node version to 14.20.0 (#2101) (#2108)
c25763c 
* bump node version to 14.20.0 to solve CVE issue

Issue: N/a

CVE issue: https://nvd.nist.gov/vuln/detail/CVE-2022-32214
[Tests] fix issue with tests and 0 values for node version

Signed-off-by: Anan Zhuang <ananzh@amazon.com>

Signed-off-by: Kawika Avilla <kavilla414@gmail.com>

Co-authored-by: Kawika Avilla <kavilla414@gmail.com>
(cherry picked from commit c818d99)

Co-authored-by: Anan Zhuang <ananzh@amazon.com>
This was referenced Aug 12, 2022
Closed
Closed
@ananzh ananzh deleted the bump_node branch September 18, 2022 19:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AMoo-Miki AMoo-Miki AMoo-Miki approved these changes

@kavilla kavilla kavilla approved these changes

@seanneumann seanneumann seanneumann left review comments

@kaddy645 kaddy645 Awaiting requested review from kaddy645

@ashwin-pc ashwin-pc Awaiting requested review from ashwin-pc ashwin-pc is a code owner

Assignees

@ananzh ananzh

Labels
backport 2.x cve Security vulnerabilities detected by Dependabot or Mend v2.2.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ananzh @kavilla @seanneumann @AMoo-Miki