Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Node.js v14 Upgrade #920

Closed
15 tasks done
boktorbb opened this issue Nov 8, 2021 · 4 comments · Fixed by #1028
Closed
15 tasks done

Node.js v14 Upgrade #920

boktorbb opened this issue Nov 8, 2021 · 4 comments · Fixed by #1028
Assignees
@tmarkley @boktorbb
Labels
build Build related additions or modifications dependencies Pull requests that update a dependency file v2.0.0

Comments

@boktorbb
Copy link
Contributor

boktorbb commented Nov 8, 2021
edited by tmarkley
Loading

OpenSearch Dashboards needs to upgrade the Node.js version from the current version, 10.24.1, to mitigate high severity CVEs affecting the application. The target version of node for the upgrade will be v14.18.1. Node v14 will be in LTS until 2023.

We will be prioritizing only updating dependencies, code, and tests that break during the upgrade to 14.18.1. Other dependencies, improvements, and refactoring will not be in scope.

Reference to parent Node upgrade issue: #406

Reference to similar issue for future upgrade to Node v16 with more details on methodology: #835

Update

All tests are passing with the upgrade, PR is out: #1028

To-Do Items:

Impacted Packages:
@boktorbb boktorbb added build Build related additions or modifications dependencies Pull requests that update a dependency file labels Nov 8, 2021
@boktorbb boktorbb self-assigned this Nov 8, 2021
@boktorbb boktorbb mentioned this issue Nov 8, 2021
Closed
2 tasks
@seanneumann seanneumann pinned this issue Nov 8, 2021
@tmarkley tmarkley mentioned this issue Nov 29, 2021
Closed
7 tasks
@tmarkley tmarkley self-assigned this Nov 30, 2021
@boktorbb
Copy link
Contributor Author

boktorbb commented Dec 1, 2021
edited
Loading

Progress Update:

Dashboards is upgraded to Node v14.18.1 and bootstraps correctly. The application starts and seems to be working based on sanity testing. There are two major items being worked on at the current moment:

  1. Unit tests are failing due to a jest issue outlined in [Node.js upgrade] Fix failing unit tests #990. It seems like we're running into an issue where jest doesn't seem to support ES modules and causes two unit tests to fail: cluster_manager.test.ts and legacy_service.test.ts. Currently exploring transformIgnorePatterns and upgrading jest to deal with the jest issue.
  2. Integration tests are failing partly due to the same jest issue as in the unit tests and partly because of other unrelated issues per [Node.js upgrade] Fix failing integration tests #991 . Currently exploring the same solutions as for the unit tests to deal with jest

@seanneumann
Copy link
Contributor

Thanks for the update!

@kavilla kavilla mentioned this issue Dec 13, 2021
Closed
@boktorbb boktorbb mentioned this issue Dec 14, 2021
Merged
7 tasks
@tmarkley tmarkley linked a pull request Dec 14, 2021 that will close this issue
[Node 14] Upgrades Node version to 14.18.2 #1028
Merged
7 tasks
@tmarkley tmarkley mentioned this issue Dec 14, 2021
Closed
@boktorbb
Copy link
Contributor Author

Status Update

Dashboards Core

Node is upgraded to 14.18.2 in core Dashboards. It successfully builds and runs. All unit, integration, functional, and sanity testing passes. The PR, currently open, can be found here (#1028). 6/8 plugins are updated with Node 14.

What’s Next?

  1. The open PR for the upgrade needs to be reviewed and merged.
  2. Upgrade the four remaining plugins with Node (ETA: 12/23).
  3. Upgrade opensearch-js client (@ananzh ) (ETA: TBD)
  4. Follow GHSA recommendations to address security issues once Node is updated (@tmarkley )
  5. Update Node version in OpenSearch build repo.

Dashboards Plugins and Client

  1. alerting-dashboards-plugin Node 14 upgrade #997 (Done)
  2. anomaly-detection-dashboards-plugin Node 14 upgrade #998 (Done)
  3. dashboards-reports Node 14 upgrade #1002 (Done)
  4. security-dashboards-plugin Node 14 upgrade #1007 (Done)
  5. dashboards-notebooks Node 14 upgrade #1003 (Done)
  6. index-management-dashboards-plugin Node 14 upgrade #1005 (Done)
  7. dashboards-visualizations Node 14 upgrade #1004 (In Progress)
  8. observability Node 14 upgrade #1006 (In Progress)
  9. [Node 14] Upgrade opensearch-js client to Node 14 opensearch-js#199 (In Progress)

@boktorbb boktorbb mentioned this issue Dec 20, 2021
Closed
8 tasks
@kavilla kavilla reopened this Jan 5, 2022
@peternied peternied mentioned this issue Jan 13, 2022
Merged
1 task
@hashworks hashworks mentioned this issue Jan 28, 2022
Closed
AMoo-Miki pushed a commit to AMoo-Miki/OpenSearch-Dashboards that referenced this issue Feb 10, 2022
@markov00
fix(xy_chart): improve line joins rendering (opensearch-project#920)
9a6771c 
This commit changes the `lineJoin` property used when rendering lines to `round`.
This will avoid spikes with very acute angles between line segments.
AMoo-Miki pushed a commit to AMoo-Miki/OpenSearch-Dashboards that referenced this issue Feb 10, 2022
@semantic-release-bot
chore(release): 24.3.0 [skip ci]
784b572 
# [24.3.0](elastic/elastic-charts@v24.2.0...v24.3.0) (2020-12-04)

### Bug Fixes

* **highlighter:** show default highlighted radius with hidden dots ([opensearch-project#926](elastic/elastic-charts#926)) ([351c20c](elastic/elastic-charts@351c20c)), closes [opensearch-project#679](elastic/elastic-charts#679)
* **xy_chart:** improve line joins rendering ([opensearch-project#920](elastic/elastic-charts#920)) ([9a6771c](elastic/elastic-charts@9a6771c))
* point highlight based on geom position and transform ([opensearch-project#934](elastic/elastic-charts#934)) ([196ee8d](elastic/elastic-charts@196ee8d))

### Features

* allow no results component, don't require series ([opensearch-project#936](elastic/elastic-charts#936)) ([6be5c8b](elastic/elastic-charts@6be5c8b))
* improved domain error handling ([opensearch-project#933](elastic/elastic-charts#933)) ([f480054](elastic/elastic-charts@f480054))
@seanneumann seanneumann unpinned this issue Apr 4, 2022
@tmarkley tmarkley mentioned this issue Apr 21, 2022
Closed
@seanneumann
Copy link
Contributor

w00t!

This was referenced Apr 21, 2022
Closed
Merged
tmarkley pushed a commit that referenced this issue Apr 22, 2022
Bumps Node.js from v14.18.2 to v14.19.1 (#1487)
e0f394e 
* Addresses multiple CVEs.
  * CVE-2021-44531 (High)
  * CVE-2022-21824 (High)
  * CVE-2022-0778 (High)
  * CVE-2021-44532 (Medium)
  * CVE-2021-44533 (Medium)
* [CHANGELOG](https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V14.md#2022-03-17-version-14191-fermium-lts-richardlau)

Follow-up from #920

Signed-off-by: Tommy Markley <markleyt@amazon.com>
opensearch-trigger-bot bot pushed a commit that referenced this issue Apr 22, 2022
@github-actions
Bumps Node.js from v14.18.2 to v14.19.1 (#1487)
8a96ef4 
* Addresses multiple CVEs.
  * CVE-2021-44531 (High)
  * CVE-2022-21824 (High)
  * CVE-2022-0778 (High)
  * CVE-2021-44532 (Medium)
  * CVE-2021-44533 (Medium)
* [CHANGELOG](https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V14.md#2022-03-17-version-14191-fermium-lts-richardlau)

Follow-up from #920

Signed-off-by: Tommy Markley <markleyt@amazon.com>
(cherry picked from commit e0f394e)
opensearch-trigger-bot bot pushed a commit that referenced this issue Apr 22, 2022
@github-actions
Bumps Node.js from v14.18.2 to v14.19.1 (#1487)
67e7812 
* Addresses multiple CVEs.
  * CVE-2021-44531 (High)
  * CVE-2022-21824 (High)
  * CVE-2022-0778 (High)
  * CVE-2021-44532 (Medium)
  * CVE-2021-44533 (Medium)
* [CHANGELOG](https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V14.md#2022-03-17-version-14191-fermium-lts-richardlau)

Follow-up from #920

Signed-off-by: Tommy Markley <markleyt@amazon.com>
(cherry picked from commit e0f394e)
tmarkley pushed a commit that referenced this issue Apr 22, 2022
@opensearch-trigger-bot
Bumps Node.js from v14.18.2 to v14.19.1 (#1487) (#1489)
b5da248 
* Addresses multiple CVEs.
  * CVE-2021-44531 (High)
  * CVE-2022-21824 (High)
  * CVE-2022-0778 (High)
  * CVE-2021-44532 (Medium)
  * CVE-2021-44533 (Medium)
* [CHANGELOG](https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V14.md#2022-03-17-version-14191-fermium-lts-richardlau)

Follow-up from #920

Signed-off-by: Tommy Markley <markleyt@amazon.com>
(cherry picked from commit e0f394e)
tmarkley pushed a commit that referenced this issue Apr 22, 2022
@opensearch-trigger-bot
Bumps Node.js from v14.18.2 to v14.19.1 (#1487) (#1490)
23ee797 
* Addresses multiple CVEs.
  * CVE-2021-44531 (High)
  * CVE-2022-21824 (High)
  * CVE-2022-0778 (High)
  * CVE-2021-44532 (Medium)
  * CVE-2021-44533 (Medium)
* [CHANGELOG](https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V14.md#2022-03-17-version-14191-fermium-lts-richardlau)

Follow-up from #920

Signed-off-by: Tommy Markley <markleyt@amazon.com>
(cherry picked from commit e0f394e)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tmarkley tmarkley

@boktorbb boktorbb

Labels
build Build related additions or modifications dependencies Pull requests that update a dependency file v2.0.0
Projects
None yet
Milestone
No milestone
4 participants
@seanneumann @tmarkley @kavilla @boktorbb