-
Notifications
You must be signed in to change notification settings - Fork 143
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): CVE-2024-37890 force ws resolution to 8.17.1 [1.3] #1755
chore(deps): CVE-2024-37890 force ws resolution to 8.17.1 [1.3] #1755
Conversation
Signed-off-by: RHDH Build (rhdh-bot) <[email protected]>
…rn.lock" This reverts commit dfe9a07.
…-idp#1300) * feat: support catalog entity extra context menu items. This is required to support adding plugins like the `badges` or `playlist` plugins as dynamic plugins. Signed-off-by: David Festal <[email protected]> * fix some Sonar warnings. Signed-off-by: David Festal <[email protected]> --------- Signed-off-by: David Festal <[email protected]> Co-authored-by: David Festal <[email protected]>
…er permissions (janus-idp#1301) * chore: add patches for scaffolder audit logging * chore: update scaffolder backend patch Signed-off-by: Frank Kong <[email protected]> * chore: add scaffolder permission via patch Signed-off-by: Frank Kong <[email protected]> * chore: update patch to depend on the audit-log-node package Signed-off-by: Frank Kong <[email protected]> --------- Signed-off-by: Frank Kong <[email protected]> Co-authored-by: Frank Kong <[email protected]>
This change exposes the dynamic UI configuration to dynamic plugins via the scalprum API holder available with the scalprum React API. This change also moves around some blocks for consistency and improves the typing for the DynamicRootContext objects. Signed-off-by: Stan Lewis <[email protected]> Co-authored-by: Stan Lewis <[email protected]>
…#1303) * feat: add the scaffolder relation processor plugin Signed-off-by: Frank Kong <[email protected]> * chore: update default dynamic plugin config path Signed-off-by: Frank Kong <[email protected]> * chore: update dynamic-plugins-info UI E2E test Signed-off-by: Frank Kong <[email protected]> --------- Signed-off-by: Frank Kong <[email protected]> Co-authored-by: Frank Kong <[email protected]>
* chore(deps): update janus deps Signed-off-by: Paul Schultz <[email protected]> * Update dynamic-plugins/imports/package.json * update deps Signed-off-by: Paul Schultz <[email protected]> * fix test Signed-off-by: Paul Schultz <[email protected]> * update plugins Signed-off-by: Paul Schultz <[email protected]> --------- Signed-off-by: Paul Schultz <[email protected]> Co-authored-by: Nick Boldt <[email protected]>
…anus-idp#1313) * chore(auth): make oidc auth provider resolvers configurable Signed-off-by: Frank Kong <[email protected]> * deps(auth): pin oidc auth provider module version Signed-off-by: Frank Kong <[email protected]> --------- Signed-off-by: Frank Kong <[email protected]> Co-authored-by: Frank Kong <[email protected]>
* RHDH pre-submit and post-submit job for 1.2.x * RHDH pre-submit and post-submit job for 1.2.x * RHDH pre-submit and post-submit job for 1.2.x * RHDH pre-submit and post-submit job for 1.2.x * RHDH pre-submit and post-submit job for 1.2.x * RHDH pre-submit and post-submit job for 1.2.x --------- Co-authored-by: Subhash Khileri <[email protected]>
Co-authored-by: Patrick <[email protected]> Co-authored-by: Nick Boldt <[email protected]>
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
…us-idp#1329) * chore(auth): add default resolver for OIDC auth provider Signed-off-by: Frank Kong <[email protected]> * docs(auth): update oidc and guest configuration docs Signed-off-by: Frank Kong <[email protected]> --------- Signed-off-by: Frank Kong <[email protected]> Co-authored-by: Frank Kong <[email protected]>
…anus-idp#1324) * chore(metadata): add metadata to wrapped plugins and set as TP or GA based on https://docs.google.com/spreadsheets/d/1dNUAGTeosEzreX9fxFTW1Vq3oGCbHroZ_DFEL8sjfjY/edit#gid=0 (RHIDP-2326, RHIDP-1502) Signed-off-by: Nick Boldt <[email protected]> * switch to RH as author of the wrapped plugins and use RHIDP jira instead of https://github.com/janus-idp/backstage-plugins/issues Signed-off-by: Nick Boldt <[email protected]> --------- Signed-off-by: Nick Boldt <[email protected]>
Signed-off-by: RHDH Build (rhdh-bot) <[email protected]> Co-authored-by: RHDH Build (rhdh-bot) <[email protected]>
…janus-idp#1346) Signed-off-by: Nick Boldt <[email protected]>
….lock (janus-idp#1348) Signed-off-by: Nick Boldt <[email protected]> Co-authored-by: Nick Boldt <[email protected]>
…y to 1.2.x branch of janus-showcase because it is the new scope. (janus-idp#1367) * Pulling in scaffolder-relation-processor plugin from @backstage-community because it is the new scope. * add @backstage-community/plugin-catalog-backend-module-scaffolder-relation-processor to the dependencies section rather than the peerDependencies section for automatic installtion and direct dependency * add @backstage-community/plugin-catalog-backend-module-scaffolder-relation-processor * install dependencies --------- Co-authored-by: Nick Boldt <[email protected]>
Signed-off-by: Frank Kong <[email protected]>
…community to 1.2.x branch of janus-showcase because it is the new scope. (janus-idp#1367)" This reverts commit b3561bf.
Co-authored-by: Zbyněk Drápela <[email protected]>
Co-authored-by: Joseph Kim <[email protected]>
… page (RHIDP-2961) (janus-idp#1423) Signed-off-by: Nick Boldt <[email protected]>
Signed-off-by: Christoph Jerolimov <[email protected]>
Signed-off-by: Yi Cai <[email protected]> Co-authored-by: Yi Cai <[email protected]>
Signed-off-by: Nick Boldt <[email protected]> Co-authored-by: Nick Boldt <[email protected]>
Co-authored-by: Subhash Khileri <[email protected]>
…anus-idp#1487) Signed-off-by: Kim Tsao <[email protected]>
* chore: [1.2.x] fix CVE-2024-39338 Signed-off-by: Kim Tsao <[email protected]> * chore: re-run yarn install, remove name property Signed-off-by: Kim Tsao <[email protected]> --------- Signed-off-by: Kim Tsao <[email protected]>
…-idp#1593) Signed-off-by: Nick Boldt <[email protected]> Co-authored-by: Nick Boldt <[email protected]>
…mestamp` fix (janus-idp#1611) * [e2e] Switch `droute` pod for RP and update (janus-idp#1576) * Try new pod for droute e2e * Get podname * Avoid droute failure marking test run as failed * Update droute to 1.2 * Revert "Avoid droute failure marking test run as failed" This reverts commit b6678e4. * Add TFA auto finalization for droute RP * Fix for prettier * Move `droute_send` to `utils.sh` * Add (Gi|Mi) instead of Gi in regex * cherrypick catalog-timestamp fix * Update e2e-tests/playwright/e2e/plugins/ocm.spec.ts Co-authored-by: Subhash Khileri <[email protected]> * Disable Keycloak temporarily * Skip Quay.io test * Add dependent changes to the test fix * Fix GH tests * Add utils.sh --------- Co-authored-by: Subhash Khileri <[email protected]>
…janus-idp#1693) Signed-off-by: Nick Boldt <[email protected]>
Signed-off-by: Gustavo Lira <[email protected]> Co-authored-by: Gustavo Lira <[email protected]>
* Update KEYCLOAK_BASE_URL secret handling (janus-idp#1731) The KEYCLOAK_BASE_URL is now fetched from a file instead of being hard-coded. This change enhances security by avoiding the storage of sensitive URLs directly in the configuration files. Additionally, the corresponding base64 value in the secrets YAML has been updated to a placeholder. Signed-off-by: Gustavo Lira <[email protected]> * Fix `droute` limiting attachment size (janus-idp#1741) --------- Signed-off-by: Gustavo Lira <[email protected]> Co-authored-by: Gustavo Lira e Silva <[email protected]>
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
The image is available at: |
* update ocm-backend * update @janus-idp/cli to 1.10.1
Quality Gate passedIssues Measures |
Looks good - should there be a PR for 1.3 branch too? |
This should have been for |
hmm... moved target to release-1.3 and created a lot of conflicts. Oops. Might be best to start over with a fresh PR @Fortune-Ndlovu |
The image is available at: |
Sounds good. Creating fresh PR... |
@Fortune-Ndlovu: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
fresh pr: #1762 |
Description
CVE 2024 37890 force ws resolution to 8.17.1 [release-1.3]
Corresponding PR: #1728
Which issue(s) does this PR fix
PR acceptance criteria
Please make sure that the following steps are complete:
How to test changes / Special notes to the reviewer