Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the version of json5 from 1.0.1 to 1.0.2 #1289

Closed
wants to merge 1 commit into from
Closed

Bump the version of json5 from 1.0.1 to 1.0.2 #1289

wants to merge 1 commit into from

Conversation

RyanL1997
Copy link
Collaborator

Signed-off-by: Ryan Liang jiallian@amazon.com

Description

Bump the version of json5 from 1.0.1 to 1.0.2

Category

Maintenance

Issues Resolved

Testing

[Please provide details of testing done: unit testing, integration testing and manual testing]

Check List

  • New functionality includes testing
  • New functionality has been documented
  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@RyanL1997
Bump the version of json5 from 1.0.1 to 1.0.2
498bdde 
Signed-off-by: Ryan Liang <jiallian@amazon.com>
@RyanL1997 RyanL1997 requested a review from a team January 6, 2023 18:09
@RyanL1997
Copy link
Collaborator Author

This PR is blocked by the version update of 1.3.8. Once the version increment is done I will re-run the integ test.

@cwperks
Copy link
Member

cwperks commented Jan 6, 2023

@RyanL1997 It won't be fixed until the security plugin is incremented to 1.3.8 and added to the build manifest. This PR (opensearch-project/security#2344) needs to be merged, but its currently blocked by failing plugin install workflow which is because the version increment is not being applied to all necessary files.

peternied
peternied requested changes Jan 6, 2023
View reviewed changes
Copy link
Member

@peternied peternied left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dashboards is still on version 1.0.1 per their package.json in branch 1.3 [1]. As this is a transitive dependency should we wait for the issue to be fixed in their 1.3 branch?

@RyanL1997
Copy link
Collaborator Author

Dashboards is still on version 1.0.1 per their package.json in branch 1.3 [1]. As this is a transitive dependency should we wait for the issue to be fixed in their 1.3 branch?

@peternied Got it! I will track this PR (opensearch-project/OpenSearch-Dashboards#3201), and once it gets merged and backported, let's do this one.

@RyanL1997
Copy link
Collaborator Author

Closing this one, since the latest CVE fix for 1.3 branch has removed the json5 dependency: #1308

@RyanL1997 RyanL1997 closed this Jan 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@peternied peternied peternied requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@RyanL1997 @cwperks @peternied