Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump eslint-import-resolver-webpack and browserify-sign #5414

Merged

Conversation

joshuarrrr
Copy link
Member

Description

  • eslint-import-resolver-webpack bump removes nested dep of browserify-sign
  • because webpack 4 still has a nested dep of browserify-sign, just updated yarn.lock to compatible fixed patch version.

Issues Resolved

Fixes #5410

Screenshot

Testing the changes

Check List

  • All tests pass
    • yarn test:jest
    • yarn test:jest_integration
  • New functionality includes testing.
  • New functionality has been documented.
  • Update CHANGELOG.md
  • Commits are signed per the DCO using --signoff

Signed-off-by: Josh Romero <rmerqg@amazon.com>
Signed-off-by: Josh Romero <rmerqg@amazon.com>
Copy link

codecov bot commented Oct 31, 2023

Codecov Report

Merging #5414 (10a697d) into main (eeb3251) will decrease coverage by 0.02%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##             main    #5414      +/-   ##
==========================================
- Coverage   66.83%   66.81%   -0.02%     
==========================================
  Files        3288     3288              
  Lines       63151    63151              
  Branches    10054    10054              
==========================================
- Hits        42206    42196      -10     
- Misses      18463    18478      +15     
+ Partials     2482     2477       -5     
Flag Coverage Δ
Linux_1 35.24% <ø> (ø)
Linux_2 55.26% <ø> (ø)
Linux_3 43.83% <ø> (+<0.01%) ⬆️
Linux_4 35.35% <ø> (ø)
Windows_1 35.26% <ø> (-0.05%) ⬇️
Windows_2 55.22% <ø> (ø)
Windows_3 43.83% <ø> (ø)
Windows_4 35.35% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

see 6 files with indirect coverage changes

@joshuarrrr joshuarrrr merged commit 088fc66 into opensearch-project:main Nov 8, 2023
77 checks passed
@joshuarrrr joshuarrrr deleted the chore/fix-browserify-sign-cve branch November 8, 2023 00:28
@opensearch-trigger-bot
Copy link
Contributor

The backport to 1.3 failed:

The process '/usr/bin/git' failed with exit code 128

To backport manually, run these commands in your terminal:

# Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/OpenSearch-Dashboards/backport-1.3 1.3
# Navigate to the new working tree
pushd ../.worktrees/OpenSearch-Dashboards/backport-1.3
# Create a new branch
git switch --create backport/backport-5414-to-1.3
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 088fc667c2ae480a007fbb0a76b96bbf9439f676
# Push it to GitHub
git push --set-upstream origin backport/backport-5414-to-1.3
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/OpenSearch-Dashboards/backport-1.3

Then, create a pull request where the base branch is 1.3 and the compare/head branch is backport/backport-5414-to-1.3.

@opensearch-trigger-bot
Copy link
Contributor

The backport to 2.x failed:

The process '/usr/bin/git' failed with exit code 1

To backport manually, run these commands in your terminal:

# Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/OpenSearch-Dashboards/backport-2.x 2.x
# Navigate to the new working tree
pushd ../.worktrees/OpenSearch-Dashboards/backport-2.x
# Create a new branch
git switch --create backport/backport-5414-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 088fc667c2ae480a007fbb0a76b96bbf9439f676
# Push it to GitHub
git push --set-upstream origin backport/backport-5414-to-2.x
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/OpenSearch-Dashboards/backport-2.x

Then, create a pull request where the base branch is 2.x and the compare/head branch is backport/backport-5414-to-2.x.

ananzh added a commit to ananzh/OpenSearch-Dashboards that referenced this pull request Nov 8, 2023
Backport PR:
opensearch-project#5414

Signed-off-by: ananzh <ananzh@amazon.com>
ananzh added a commit to ananzh/OpenSearch-Dashboards that referenced this pull request Nov 8, 2023
ananzh added a commit that referenced this pull request Nov 10, 2023
Backport PR:
#5414

Signed-off-by: ananzh <ananzh@amazon.com>
ananzh added a commit that referenced this pull request Nov 10, 2023
Backport PR
#5414

Signed-off-by: ananzh <ananzh@amazon.com>
@joshuarrrr joshuarrrr added v2.11.1 Issues targeting release v2.11.1 and removed failed backport labels Nov 16, 2023
opensearch-trigger-bot bot pushed a commit that referenced this pull request Nov 16, 2023
Backport PR:
#5414

Signed-off-by: ananzh <ananzh@amazon.com>
(cherry picked from commit 90b0d02)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

# Conflicts:
#	CHANGELOG.md
ananzh pushed a commit that referenced this pull request Dec 12, 2023
…#5483)

Backport PR:
#5414

Signed-off-by: ananzh <ananzh@amazon.com>
(cherry picked from commit 90b0d02)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Miki <miki@amazon.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

CVE-2023-46234 (Medium) detected in browserify-sign-4.2.1.tgz
3 participants