diff --git a/opensearch-dashboards-2.yaml b/opensearch-dashboards-2.yaml index dab209de0e8..4ff35ab0387 100644 --- a/opensearch-dashboards-2.yaml +++ b/opensearch-dashboards-2.yaml @@ -1,7 +1,7 @@ package: name: opensearch-dashboards-2 - version: "2.19.0" # when updating please check if we can remove the patched package.json for the reporting plugin - epoch: 1 + version: "2.19.1" # when updating please check if we can remove the patched package.json for the reporting plugin + epoch: 0 description: Open source visualization dashboards for OpenSearch copyright: - license: Apache-2.0 @@ -58,7 +58,7 @@ pipeline: with: repository: https://github.com/opensearch-project/OpenSearch-Dashboards.git tag: ${{package.version}} - expected-commit: f04c140417a3fbb14fd8391fee1807e225f021c9 + expected-commit: 782801008fa7d872292e48caca1aca74be5304a6 - runs: | # Workaround for "OpenSearch Dashboards should not be run as root. Use --allow-root to continue." @@ -87,6 +87,10 @@ pipeline: devDependencies='{"dompurify": "^3.1.3"}' jq --argjson devDependencies "$devDependencies" '.devDependencies += $devDependencies' package.json > temp.json && mv temp.json package.json + # fix CVE-2023-28155 + devDependencies='{"cypress": "^13.5.1"}' + jq --argjson devDependencies "$devDependencies" '.devDependencies += $devDependencies' package.json > temp.json && mv temp.json package.json + yarn osd bootstrap --allow-root yarn build-platform --skip-os-packages --skip-archives --release --allow-root @@ -111,7 +115,7 @@ subpackages: repository: https://github.com/opensearch-project/opensearch-build tag: ${{package.version}} destination: opensearch-build - expected-commit: 58c499356b52e438ff2cbf71a75e893c99357d5d # will need to be manually updated when opensearch dashboard auto update happens + expected-commit: 4a479daa3b09736ddc91f7794a5b46aa6f195a7f # will need to be manually updated when opensearch dashboard auto update happens - runs: | install -Dm755 opensearch-build/docker/release/config/opensearch-dashboards/opensearch-dashboards-docker-entrypoint-2.x.sh ${{targets.contextdir}}/usr/share/opensearch-dashboards/opensearch-dashboards-docker-entrypoint.sh install -Dm655 opensearch-build/config/opensearch_dashboards-2.x.yml ${{targets.contextdir}}/usr/share/opensearch-dashboards/config/opensearch_dashboards.yml @@ -129,27 +133,11 @@ subpackages: repository: https://github.com/opensearch-project/${{range.key}}.git tag: ${{package.version}}.0 destination: ./plugins/${{range.value}} - - if: "'${{range.value}}' == 'reportsDashboards'" - uses: git-checkout - with: - repository: https://github.com/opensearch-project/${{range.key}}.git - tag: ${{package.version}}.0 - destination: ./plugins/${{range.value}} - cherry-picks: | - 2.19/3ad10434bd83591588476a057b8eacc5739f7882: required to bump jspdf to 3.0, fixes CVE-2025-26791 - runs: | cd ./plugins/${{range.value}} - # Downgrade cypress version to 12.17.4 if this is securityDashboard due to upstream problem: - # ERROR [single_version_dependencies] Multiple version ranges for the same dependency were found declared across different package.json files. - # This should be able to be removed in future versions, once upstream corrects the issue. - if [ ${{range.value}} = "securityDashboards" ] - then - # Define the dependencies - dependencies='{"cypress": "12.17.4"}' - # Apply the dependencies - jq --argjson dependencies "$dependencies" '.dependencies += $dependencies' package.json > temp.json && mv temp.json package.json - fi + dependencies='{"cypress": "^13.5.1"}' + jq --argjson dependencies "$dependencies" '.dependencies += $dependencies' package.json > temp.json && mv temp.json package.json yarn osd bootstrap --allow-root 2>/dev/null node /home/build/scripts/plugin_helpers build --allow-root --skip-archive