From 4d72cb1a8e971c2f76fa6a30da7e3266356ed1cb Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Wed, 27 Jul 2022 12:43:28 +0200 Subject: [PATCH] update to upstream Grafana 9.0.5 --- ...li-script-with-distro-specific-paths.patch | 2 +- 0002-add-manpages.patch | 10 +- 0003-update-default-configuration.patch | 2 +- 0004-remove-unused-backend-dependencies.patch | 20 ++-- 0005-remove-unused-frontend-crypto.patch | 99 +++++++++---------- ...e-HMAC-SHA256-to-generate-password-r.patch | 6 +- 0007-disable-husky-git-hook.patch | 4 +- ...skip-marketplace-plugin-install-test.patch | 2 +- ...nteger-overflow-in-rate-interval-cal.patch | 2 +- ...nteger-overflow-in-rate-interval-cal.patch | 2 +- grafana.spec | 19 ++-- sources | 6 +- 12 files changed, 87 insertions(+), 87 deletions(-) diff --git a/0001-update-grafana-cli-script-with-distro-specific-paths.patch b/0001-update-grafana-cli-script-with-distro-specific-paths.patch index 225357e..3ceb1eb 100644 --- a/0001-update-grafana-cli-script-with-distro-specific-paths.patch +++ b/0001-update-grafana-cli-script-with-distro-specific-paths.patch @@ -1,4 +1,4 @@ -From 7355a597e6b7290ec643c0a19b664746e0654e11 Mon Sep 17 00:00:00 2001 +From 055e0dd18587a4fb04d314527a39e419989b6cd3 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Wed, 22 Jun 2022 16:57:52 +0200 Subject: [PATCH] update grafana-cli script with distro-specific paths and diff --git a/0002-add-manpages.patch b/0002-add-manpages.patch index 8984872..db27b7c 100644 --- a/0002-add-manpages.patch +++ b/0002-add-manpages.patch @@ -1,4 +1,4 @@ -From 1169b578b7a3aa1a96a0496c8e2f994f1796b853 Mon Sep 17 00:00:00 2001 +From af9688a2f1d15fa4b4840a0224ec159a97bcc411 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Wed, 22 Jun 2022 17:01:09 +0200 Subject: [PATCH] add manpages @@ -6,11 +6,11 @@ Subject: [PATCH] add manpages diff --git a/docs/man/man1/grafana-cli.1 b/docs/man/man1/grafana-cli.1 new file mode 100644 -index 0000000000..736c6f7506 +index 0000000000..081d35bfae --- /dev/null +++ b/docs/man/man1/grafana-cli.1 @@ -0,0 +1,63 @@ -+.TH GRAFANA "1" "June 2022" "Grafana cli version 8.5.6" "User Commands" ++.TH GRAFANA "1" "July 2022" "Grafana cli version 9.0.5" "User Commands" +.SH NAME +grafana-cli \- command line administration for the Grafana metrics dashboard and graph editor +.SH DESCRIPTION @@ -75,11 +75,11 @@ index 0000000000..736c6f7506 +.BR http://docs.grafana.org/ . diff --git a/docs/man/man1/grafana-server.1 b/docs/man/man1/grafana-server.1 new file mode 100644 -index 0000000000..1f48e898fb +index 0000000000..a10acbb253 --- /dev/null +++ b/docs/man/man1/grafana-server.1 @@ -0,0 +1,80 @@ -+.TH VERSION "1" "June 2022" "Version 8.5.6" "User Commands" ++.TH VERSION "1" "July 2022" "Version 9.0.5" "User Commands" +.SH NAME +grafana-server \- back-end server for the Grafana metrics dashboard and graph editor +.SH DESCRIPTION diff --git a/0003-update-default-configuration.patch b/0003-update-default-configuration.patch index 769036f..97ec495 100644 --- a/0003-update-default-configuration.patch +++ b/0003-update-default-configuration.patch @@ -1,4 +1,4 @@ -From 12da643fe5c9ff99a7d5ee439026be50a320eef5 Mon Sep 17 00:00:00 2001 +From 4e98684081dff58ff4159e7c4af46227c85b77c6 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Wed, 22 Jun 2022 17:05:48 +0200 Subject: [PATCH] update default configuration diff --git a/0004-remove-unused-backend-dependencies.patch b/0004-remove-unused-backend-dependencies.patch index 493e3dc..af9fb9f 100644 --- a/0004-remove-unused-backend-dependencies.patch +++ b/0004-remove-unused-backend-dependencies.patch @@ -1,4 +1,4 @@ -From e4bd08496af62938c6ea99658ae6fd8619258447 Mon Sep 17 00:00:00 2001 +From 64155b6b75589f127b304c1bc04a21baaaf92961 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Wed, 22 Jun 2022 17:18:56 +0200 Subject: [PATCH] remove unused backend dependencies @@ -7,7 +7,7 @@ saml and gofpdf are not used in the OSS edition of Grafana after editing `pkg/extensions/main.go`, run `go mod tidy` diff --git a/go.mod b/go.mod -index 535c18fb68..56bb414bbe 100644 +index 951745c95f..5b1379fa98 100644 --- a/go.mod +++ b/go.mod @@ -27,7 +27,6 @@ require ( @@ -35,7 +35,7 @@ index 535c18fb68..56bb414bbe 100644 github.com/mattn/go-runewidth v0.0.9 // indirect github.com/miekg/dns v1.1.43 // indirect diff --git a/go.sum b/go.sum -index aa98e6bc0e..ced9bf3a15 100644 +index 0f2ad00d37..19e3489ca1 100644 --- a/go.sum +++ b/go.sum @@ -740,7 +740,6 @@ github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46t @@ -62,7 +62,7 @@ index aa98e6bc0e..ced9bf3a15 100644 github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= github.com/foxcpp/go-mockdns v0.0.0-20201212160233-ede2f9158d15/go.mod h1:tPg4cp4nseejPd+UKxtCVQ2hUxNTZ7qQZJa7CLriIeo= -@@ -1457,8 +1454,6 @@ github.com/grafana/grafana-plugin-sdk-go v0.138.0 h1:uJWNwHL4RoQF3axoi3RDSwoNu/K +@@ -1459,8 +1456,6 @@ github.com/grafana/grafana-plugin-sdk-go v0.138.0 h1:uJWNwHL4RoQF3axoi3RDSwoNu/K github.com/grafana/grafana-plugin-sdk-go v0.138.0/go.mod h1:Y+Ps2sesZ62AyCnX+hzrYnyDQYe/ZZl+A8yKLOBm12c= github.com/grafana/loki v1.6.2-0.20211015002020-7832783b1caa h1:+pXjAxavVR2FKKNsuuCXGCWEj8XGc1Af6SPiyBpzU2A= github.com/grafana/loki v1.6.2-0.20211015002020-7832783b1caa/go.mod h1:0O8o/juxNSKN/e+DzWDTRkl7Zm8CkZcz0NDqEdojlrk= @@ -71,7 +71,7 @@ index aa98e6bc0e..ced9bf3a15 100644 github.com/grafana/sqlds/v2 v2.3.7/go.mod h1:c6ibxnxRVGxV/0YkEgvy7QpQH/lyifFyV7K/14xvdIs= github.com/grafana/thema v0.0.0-20220523183731-72aebd14e751 h1:5PpsfN52XA0hxOjD/qQ0QNiEkp9Y9Tb+yz/Hj9fyL4M= github.com/grafana/thema v0.0.0-20220523183731-72aebd14e751/go.mod h1:KuqTKX9lfM87uu9vt9DS/q+REqSrAm2xYMnBBvlmevA= -@@ -1764,7 +1759,6 @@ github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52Cu +@@ -1766,7 +1761,6 @@ github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52Cu github.com/joeshaw/multierror v0.0.0-20140124173710-69b34d4ec901/go.mod h1:Z86h9688Y0wesXCyonoVr47MasHilkuLMqGhRZ4Hpak= github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= @@ -79,7 +79,7 @@ index aa98e6bc0e..ced9bf3a15 100644 github.com/jonboulle/clockwork v0.2.2 h1:UOGuzwb1PwsrDAObMuhUnj0p5ULPj8V/xJ7Kx9qUBdQ= github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8= github.com/joncrlsn/dque v2.2.1-0.20200515025108-956d14155fa2+incompatible/go.mod h1:hDZb8oMj3Kp8MxtbNLg9vrtAUDHjgI1yZvqivT4O8Iw= -@@ -1799,8 +1793,6 @@ github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7V +@@ -1801,8 +1795,6 @@ github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7V github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= @@ -88,7 +88,7 @@ index aa98e6bc0e..ced9bf3a15 100644 github.com/jwilder/encoding v0.0.0-20170811194829-b4e1701a28ef/go.mod h1:Ct9fl0F6iIOGgxJ5npU/IUOhOhqlVrGjyIZc8/MagT0= github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0/go.mod h1:1NbS8ALrpOvjt0rHPNLyCIeMtbizbir8U//inJ+zuB8= github.com/kardianos/service v1.0.0/go.mod h1:8CzDhVuCuugtsHyZoTvsOBuvonN/UDBvl0kH+BUxvbo= -@@ -1928,8 +1920,6 @@ github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHef +@@ -1930,8 +1922,6 @@ github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHef github.com/matryer/is v1.4.0 h1:sosSmIWwkYITGrxZ25ULNDeKiMNzFSr4V/eqBQP0PeE= github.com/matryer/is v1.4.0/go.mod h1:8I/i5uYgLzgsgEloJE1U6xx5HkBQpAZvepWuujKwMRU= github.com/matryer/moq v0.0.0-20190312154309-6cfb0558e1bd/go.mod h1:9ELz6aaclSIGnZBoaSLZ3NAl1VTufbOrXBPvtcy6WiQ= @@ -97,7 +97,7 @@ index aa98e6bc0e..ced9bf3a15 100644 github.com/mattetti/filebuffer v1.0.1 h1:gG7pyfnSIZCxdoKq+cPa8T0hhYtD9NxCdI4D7PTjRLM= github.com/mattetti/filebuffer v1.0.1/go.mod h1:YdMURNDOttIiruleeVr6f56OrMc+MydEnTcXwtkxNVs= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -@@ -2237,7 +2227,6 @@ github.com/peterh/liner v1.0.1-0.20180619022028-8c1271fcf47f/go.mod h1:xIteQHvHu +@@ -2239,7 +2229,6 @@ github.com/peterh/liner v1.0.1-0.20180619022028-8c1271fcf47f/go.mod h1:xIteQHvHu github.com/philhofer/fwd v1.0.0/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG3ZVNU= github.com/philhofer/fwd v1.1.1/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG3ZVNU= github.com/phpdave11/gofpdf v1.4.2/go.mod h1:zpO6xFn9yxo3YLyMvW8HcKWVdbNqgIfOOp2dXMnm1mY= @@ -105,7 +105,7 @@ index aa98e6bc0e..ced9bf3a15 100644 github.com/phpdave11/gofpdi v1.0.12/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= github.com/phpdave11/gofpdi v1.0.13/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= github.com/pierrec/lz4 v1.0.2-0.20190131084431-473cd7ce01a1/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc= -@@ -2431,7 +2420,6 @@ github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ= +@@ -2433,7 +2422,6 @@ github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ= github.com/rs/zerolog v1.4.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU= github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU= github.com/rs/zerolog v1.15.0/go.mod h1:xYTKnLHcpfU2225ny5qZjxnj9NvkumZYjJHlAThCjNc= @@ -113,7 +113,7 @@ index aa98e6bc0e..ced9bf3a15 100644 github.com/russellhaering/goxmldsig v1.1.1 h1:vI0r2osGF1A9PLvsGdPUAGwEIrKa4Pj5sesSBsebIxM= github.com/russellhaering/goxmldsig v1.1.1/go.mod h1:gM4MDENBQf7M+V824SGfyIUVFWydB7n0KkEubVJl+Tw= github.com/russross/blackfriday v1.5.2 h1:HyvC0ARfnZBqnXwABFeSZHpKvJHJJfPz81GNueLj0oo= -@@ -2745,7 +2733,6 @@ github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX +@@ -2747,7 +2735,6 @@ github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q= diff --git a/0005-remove-unused-frontend-crypto.patch b/0005-remove-unused-frontend-crypto.patch index 12b0462..6e660d7 100644 --- a/0005-remove-unused-frontend-crypto.patch +++ b/0005-remove-unused-frontend-crypto.patch @@ -1,4 +1,4 @@ -From 57cc28e1783315f311b7946d2e60c41c6590f349 Mon Sep 17 00:00:00 2001 +From 7aacc4ad1439e13a0b1aee0f5775819fb1434ebf Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Wed, 22 Jun 2022 17:36:47 +0200 Subject: [PATCH] remove unused frontend crypto @@ -7,7 +7,7 @@ update `package.json` and then run `yarn install` to update the `yarn.lock` lockfile diff --git a/package.json b/package.json -index fc77a1a3c0..195dcd4756 100644 +index 2741ac47bf..9c2e666bf2 100644 --- a/package.json +++ b/package.json @@ -396,6 +396,9 @@ @@ -21,10 +21,10 @@ index fc77a1a3c0..195dcd4756 100644 "@types/slate": "0.47.2", "@microsoft/api-extractor-model": "7.17.3", diff --git a/yarn.lock b/yarn.lock -index aac4c30c27..8ae68abaab 100644 +index 1bb1a2f2f5..27fd81c9be 100644 --- a/yarn.lock +++ b/yarn.lock -@@ -12284,34 +12284,6 @@ __metadata: +@@ -12285,34 +12285,6 @@ __metadata: languageName: node linkType: hard @@ -59,7 +59,7 @@ index aac4c30c27..8ae68abaab 100644 "assert@npm:2.0.0": version: 2.0.0 resolution: "assert@npm:2.0.0" -@@ -12898,15 +12870,6 @@ __metadata: +@@ -12899,15 +12871,6 @@ __metadata: languageName: node linkType: hard @@ -75,7 +75,7 @@ index aac4c30c27..8ae68abaab 100644 "before-after-hook@npm:^2.2.0": version: 2.2.2 resolution: "before-after-hook@npm:2.2.2" -@@ -12998,20 +12961,6 @@ __metadata: +@@ -12999,20 +12962,6 @@ __metadata: languageName: node linkType: hard @@ -96,7 +96,7 @@ index aac4c30c27..8ae68abaab 100644 "body-parser@npm:1.19.0": version: 1.19.0 resolution: "body-parser@npm:1.19.0" -@@ -13136,13 +13085,6 @@ __metadata: +@@ -13137,13 +13086,6 @@ __metadata: languageName: node linkType: hard @@ -110,7 +110,7 @@ index aac4c30c27..8ae68abaab 100644 "browser-process-hrtime@npm:^1.0.0": version: 1.0.0 resolution: "browser-process-hrtime@npm:1.0.0" -@@ -13157,70 +13099,6 @@ __metadata: +@@ -13158,70 +13100,6 @@ __metadata: languageName: node linkType: hard @@ -181,7 +181,7 @@ index aac4c30c27..8ae68abaab 100644 "browserify-zlib@npm:^0.2.0": version: 0.2.0 resolution: "browserify-zlib@npm:0.2.0" -@@ -13322,13 +13200,6 @@ __metadata: +@@ -13323,13 +13201,6 @@ __metadata: languageName: node linkType: hard @@ -195,7 +195,7 @@ index aac4c30c27..8ae68abaab 100644 "buffer@npm:^4.3.0": version: 4.9.2 resolution: "buffer@npm:4.9.2" -@@ -13924,16 +13795,6 @@ __metadata: +@@ -13925,16 +13796,6 @@ __metadata: languageName: node linkType: hard @@ -212,7 +212,7 @@ index aac4c30c27..8ae68abaab 100644 "cjs-module-lexer@npm:^1.0.0": version: 1.2.2 resolution: "cjs-module-lexer@npm:1.2.2" -@@ -14834,13 +14695,6 @@ __metadata: +@@ -14835,13 +14696,6 @@ __metadata: languageName: node linkType: hard @@ -226,7 +226,7 @@ index aac4c30c27..8ae68abaab 100644 "core-util-is@npm:~1.0.0": version: 1.0.3 resolution: "core-util-is@npm:1.0.3" -@@ -14910,16 +14764,6 @@ __metadata: +@@ -14911,16 +14765,6 @@ __metadata: languageName: node linkType: hard @@ -243,7 +243,7 @@ index aac4c30c27..8ae68abaab 100644 "create-emotion@npm:^10.0.14, create-emotion@npm:^10.0.27": version: 10.0.27 resolution: "create-emotion@npm:10.0.27" -@@ -14932,33 +14776,6 @@ __metadata: +@@ -14933,33 +14777,6 @@ __metadata: languageName: node linkType: hard @@ -277,7 +277,7 @@ index aac4c30c27..8ae68abaab 100644 "create-require@npm:^1.1.0": version: 1.1.1 resolution: "create-require@npm:1.1.1" -@@ -14990,22 +14807,10 @@ __metadata: +@@ -14991,22 +14808,10 @@ __metadata: languageName: node linkType: hard @@ -304,7 +304,7 @@ index aac4c30c27..8ae68abaab 100644 languageName: node linkType: hard -@@ -15956,15 +15761,6 @@ __metadata: +@@ -15957,15 +15762,6 @@ __metadata: languageName: node linkType: hard @@ -320,7 +320,7 @@ index aac4c30c27..8ae68abaab 100644 "data-urls@npm:^2.0.0": version: 2.0.0 resolution: "data-urls@npm:2.0.0" -@@ -16279,16 +16075,6 @@ __metadata: +@@ -16280,16 +16076,6 @@ __metadata: languageName: node linkType: hard @@ -337,7 +337,7 @@ index aac4c30c27..8ae68abaab 100644 "destroy@npm:~1.0.4": version: 1.0.4 resolution: "destroy@npm:1.0.4" -@@ -16425,17 +16211,6 @@ __metadata: +@@ -16426,17 +16212,6 @@ __metadata: languageName: node linkType: hard @@ -355,7 +355,7 @@ index aac4c30c27..8ae68abaab 100644 "dir-glob@npm:^2.2.2": version: 2.2.2 resolution: "dir-glob@npm:2.2.2" -@@ -16722,16 +16497,6 @@ __metadata: +@@ -16723,16 +16498,6 @@ __metadata: languageName: node linkType: hard @@ -372,7 +372,7 @@ index aac4c30c27..8ae68abaab 100644 "ee-first@npm:1.1.1": version: 1.1.1 resolution: "ee-first@npm:1.1.1" -@@ -16776,21 +16541,6 @@ __metadata: +@@ -16777,21 +16542,6 @@ __metadata: languageName: node linkType: hard @@ -394,7 +394,7 @@ index aac4c30c27..8ae68abaab 100644 "emitter-component@npm:^1.1.1": version: 1.1.1 resolution: "emitter-component@npm:1.1.1" -@@ -17744,17 +17494,6 @@ __metadata: +@@ -17745,17 +17495,6 @@ __metadata: languageName: node linkType: hard @@ -412,7 +412,7 @@ index aac4c30c27..8ae68abaab 100644 "exec-sh@npm:^0.3.2": version: 0.3.6 resolution: "exec-sh@npm:0.3.6" -@@ -18034,20 +17773,6 @@ __metadata: +@@ -18035,20 +17774,6 @@ __metadata: languageName: node linkType: hard @@ -433,7 +433,7 @@ index aac4c30c27..8ae68abaab 100644 "fast-deep-equal@npm:^3.0.0, fast-deep-equal@npm:^3.1.1, fast-deep-equal@npm:^3.1.3": version: 3.1.3 resolution: "fast-deep-equal@npm:3.1.3" -@@ -19084,15 +18809,6 @@ __metadata: +@@ -19075,15 +18800,6 @@ __metadata: languageName: node linkType: hard @@ -449,7 +449,7 @@ index aac4c30c27..8ae68abaab 100644 "git-raw-commits@npm:^2.0.8": version: 2.0.10 resolution: "git-raw-commits@npm:2.0.10" -@@ -19925,27 +19641,6 @@ __metadata: +@@ -19916,27 +19632,6 @@ __metadata: languageName: node linkType: hard @@ -477,7 +477,7 @@ index aac4c30c27..8ae68abaab 100644 "hast-to-hyperscript@npm:^9.0.0": version: 9.0.1 resolution: "hast-to-hyperscript@npm:9.0.1" -@@ -20081,17 +19776,6 @@ __metadata: +@@ -20072,17 +19767,6 @@ __metadata: languageName: node linkType: hard @@ -495,7 +495,7 @@ index aac4c30c27..8ae68abaab 100644 "hoist-non-react-statics@npm:3.3.2, hoist-non-react-statics@npm:^3.1.0, hoist-non-react-statics@npm:^3.3.0, hoist-non-react-statics@npm:^3.3.1, hoist-non-react-statics@npm:^3.3.2": version: 3.3.2 resolution: "hoist-non-react-statics@npm:3.3.2" -@@ -20432,25 +20116,10 @@ __metadata: +@@ -20423,25 +20107,10 @@ __metadata: languageName: node linkType: hard @@ -525,7 +525,7 @@ index aac4c30c27..8ae68abaab 100644 languageName: node linkType: hard -@@ -22600,13 +22269,6 @@ __metadata: +@@ -22591,13 +22260,6 @@ __metadata: languageName: node linkType: hard @@ -539,18 +539,11 @@ index aac4c30c27..8ae68abaab 100644 "jsdoc-type-pratt-parser@npm:~2.2.5": version: 2.2.5 resolution: "jsdoc-type-pratt-parser@npm:2.2.5" -@@ -22721,20 +22383,6 @@ __metadata: +@@ -22712,13 +22374,6 @@ __metadata: languageName: node linkType: hard --"json-schema@npm:0.2.3": -- version: 0.2.3 -- resolution: "json-schema@npm:0.2.3" -- checksum: bbc2070988fb5f2a2266a31b956f1b5660e03ea7eaa95b33402901274f625feb586ae0c485e1df854fde40a7f0dc679f3b3ca8e5b8d31f8ea07a0d834de785c7 -- languageName: node -- linkType: hard -- --"json-schema@npm:0.4.0": +-"json-schema@npm:0.2.3, json-schema@npm:0.4.0": - version: 0.4.0 - resolution: "json-schema@npm:0.4.0" - checksum: 66389434c3469e698da0df2e7ac5a3281bcff75e797a5c127db7c5b56270e01ae13d9afa3c03344f76e32e81678337a8c912bdbb75101c62e487dc3778461d72 @@ -560,7 +553,7 @@ index aac4c30c27..8ae68abaab 100644 "json-source-map@npm:0.6.1": version: 0.6.1 resolution: "json-source-map@npm:0.6.1" -@@ -22838,30 +22486,6 @@ __metadata: +@@ -22822,30 +22477,6 @@ __metadata: languageName: node linkType: hard @@ -591,7 +584,7 @@ index aac4c30c27..8ae68abaab 100644 "jsurl@npm:^0.1.5": version: 0.1.5 resolution: "jsurl@npm:0.1.5" -@@ -23863,17 +23487,6 @@ __metadata: +@@ -23847,17 +23478,6 @@ __metadata: languageName: node linkType: hard @@ -609,7 +602,7 @@ index aac4c30c27..8ae68abaab 100644 "mdast-squeeze-paragraphs@npm:^4.0.0": version: 4.0.0 resolution: "mdast-squeeze-paragraphs@npm:4.0.0" -@@ -24153,18 +23766,6 @@ __metadata: +@@ -24137,18 +23757,6 @@ __metadata: languageName: node linkType: hard @@ -628,7 +621,7 @@ index aac4c30c27..8ae68abaab 100644 "mime-db@npm:1.50.0, mime-db@npm:>= 1.43.0 < 2": version: 1.50.0 resolution: "mime-db@npm:1.50.0" -@@ -24292,20 +23893,13 @@ __metadata: +@@ -24276,20 +23884,13 @@ __metadata: languageName: node linkType: hard @@ -650,7 +643,7 @@ index aac4c30c27..8ae68abaab 100644 "minimatch@npm:3.0.4, minimatch@npm:^3.0.4": version: 3.0.4 resolution: "minimatch@npm:3.0.4" -@@ -24948,13 +24542,6 @@ __metadata: +@@ -24932,13 +24533,6 @@ __metadata: languageName: node linkType: hard @@ -664,7 +657,7 @@ index aac4c30c27..8ae68abaab 100644 "node-gettext@npm:^3.0.0": version: 3.0.0 resolution: "node-gettext@npm:3.0.0" -@@ -26069,19 +25656,6 @@ __metadata: +@@ -26053,19 +25647,6 @@ __metadata: languageName: node linkType: hard @@ -684,7 +677,7 @@ index aac4c30c27..8ae68abaab 100644 "parse-entities@npm:^2.0.0": version: 2.0.0 resolution: "parse-entities@npm:2.0.0" -@@ -26303,19 +25877,6 @@ __metadata: +@@ -26287,19 +25868,6 @@ __metadata: languageName: node linkType: hard @@ -704,7 +697,7 @@ index aac4c30c27..8ae68abaab 100644 "pend@npm:~1.2.0": version: 1.2.0 resolution: "pend@npm:1.2.0" -@@ -28004,20 +27565,6 @@ __metadata: +@@ -27988,20 +27556,6 @@ __metadata: languageName: node linkType: hard @@ -725,7 +718,7 @@ index aac4c30c27..8ae68abaab 100644 "pump@npm:^2.0.0": version: 2.0.1 resolution: "pump@npm:2.0.1" -@@ -28226,7 +27773,7 @@ __metadata: +@@ -28210,7 +27764,7 @@ __metadata: languageName: node linkType: hard @@ -734,7 +727,7 @@ index aac4c30c27..8ae68abaab 100644 version: 2.1.0 resolution: "randombytes@npm:2.1.0" dependencies: -@@ -28235,16 +27782,6 @@ __metadata: +@@ -28219,16 +27773,6 @@ __metadata: languageName: node linkType: hard @@ -751,7 +744,7 @@ index aac4c30c27..8ae68abaab 100644 "range-parser@npm:^1.2.1, range-parser@npm:~1.2.1": version: 1.2.1 resolution: "range-parser@npm:1.2.1" -@@ -30488,16 +30025,6 @@ __metadata: +@@ -30472,16 +30016,6 @@ __metadata: languageName: node linkType: hard @@ -768,7 +761,7 @@ index aac4c30c27..8ae68abaab 100644 "rollup-plugin-copy@npm:3.4.0": version: 3.4.0 resolution: "rollup-plugin-copy@npm:3.4.0" -@@ -30683,7 +30210,7 @@ __metadata: +@@ -30667,7 +30201,7 @@ __metadata: languageName: node linkType: hard @@ -777,7 +770,7 @@ index aac4c30c27..8ae68abaab 100644 version: 5.2.1 resolution: "safe-buffer@npm:5.2.1" checksum: b99c4b41fdd67a6aaf280fcd05e9ffb0813654894223afb78a31f14a19ad220bba8aba1cb14eddce1fcfb037155fe6de4e861784eb434f7d11ed58d1e70dd491 -@@ -30699,7 +30226,7 @@ __metadata: +@@ -30683,7 +30217,7 @@ __metadata: languageName: node linkType: hard @@ -786,7 +779,7 @@ index aac4c30c27..8ae68abaab 100644 version: 2.1.2 resolution: "safer-buffer@npm:2.1.2" checksum: cab8f25ae6f1434abee8d80023d7e72b598cf1327164ddab31003c51215526801e40b66c5e65d658a0af1e9d6478cadcb4c745f4bd6751f97d8644786c0978b0 -@@ -30936,12 +30463,10 @@ __metadata: +@@ -30920,12 +30454,10 @@ __metadata: languageName: node linkType: hard @@ -803,7 +796,7 @@ index aac4c30c27..8ae68abaab 100644 languageName: node linkType: hard -@@ -31178,18 +30703,6 @@ __metadata: +@@ -31162,18 +30694,6 @@ __metadata: languageName: node linkType: hard @@ -822,7 +815,7 @@ index aac4c30c27..8ae68abaab 100644 "shallow-clone@npm:^3.0.0": version: 3.0.1 resolution: "shallow-clone@npm:3.0.1" -@@ -31837,27 +31350,6 @@ __metadata: +@@ -31821,27 +31341,6 @@ __metadata: languageName: node linkType: hard @@ -850,7 +843,7 @@ index aac4c30c27..8ae68abaab 100644 "ssri@npm:^6.0.1": version: 6.0.2 resolution: "ssri@npm:6.0.2" -@@ -33516,13 +33008,6 @@ __metadata: +@@ -33500,13 +32999,6 @@ __metadata: languageName: node linkType: hard @@ -864,7 +857,7 @@ index aac4c30c27..8ae68abaab 100644 "type-check@npm:^0.4.0, type-check@npm:~0.4.0": version: 0.4.0 resolution: "type-check@npm:0.4.0" -@@ -34336,17 +33821,6 @@ __metadata: +@@ -34320,17 +33812,6 @@ __metadata: languageName: node linkType: soft diff --git a/0006-notifications-use-HMAC-SHA256-to-generate-password-r.patch b/0006-notifications-use-HMAC-SHA256-to-generate-password-r.patch index b872f7b..c065d2e 100644 --- a/0006-notifications-use-HMAC-SHA256-to-generate-password-r.patch +++ b/0006-notifications-use-HMAC-SHA256-to-generate-password-r.patch @@ -1,4 +1,4 @@ -From c69e745541cf3d98e6d605dec3848c28b2541bbd Mon Sep 17 00:00:00 2001 +From b540a2caa038568c39456c6a8189664d51ba5236 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Thu, 25 Nov 2021 18:49:52 +0100 Subject: [PATCH] notifications: use HMAC-SHA256 to generate password reset @@ -300,10 +300,10 @@ index a314c8deca..be9b68ca69 100644 isValid, err := validateUserEmailCode(cfg, user, code) require.NoError(t, err) diff --git a/pkg/services/notifications/notifications.go b/pkg/services/notifications/notifications.go -index 7c86ebb834..653ac01c45 100644 +index 84a0d42cb6..52facd0992 100644 --- a/pkg/services/notifications/notifications.go +++ b/pkg/services/notifications/notifications.go -@@ -167,7 +167,7 @@ func (ns *NotificationService) SendEmailCommandHandler(ctx context.Context, cmd +@@ -168,7 +168,7 @@ func (ns *NotificationService) SendEmailCommandHandler(ctx context.Context, cmd } func (ns *NotificationService) SendResetPasswordEmail(ctx context.Context, cmd *models.SendResetPasswordEmailCommand) error { diff --git a/0007-disable-husky-git-hook.patch b/0007-disable-husky-git-hook.patch index 76f439f..5a7ba3c 100644 --- a/0007-disable-husky-git-hook.patch +++ b/0007-disable-husky-git-hook.patch @@ -1,11 +1,11 @@ -From 41629934d99471b8392dc649bf7338ad6405de56 Mon Sep 17 00:00:00 2001 +From fcea701c10eda55164580edceeecb9fbb43c8e90 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Wed, 22 Jun 2022 18:29:42 +0200 Subject: [PATCH] disable husky git hook diff --git a/package.json b/package.json -index 195dcd4756..97b8988ffe 100644 +index 9c2e666bf2..a00cc73167 100644 --- a/package.json +++ b/package.json @@ -52,7 +52,6 @@ diff --git a/0008-skip-marketplace-plugin-install-test.patch b/0008-skip-marketplace-plugin-install-test.patch index 830daac..a6538dd 100644 --- a/0008-skip-marketplace-plugin-install-test.patch +++ b/0008-skip-marketplace-plugin-install-test.patch @@ -1,4 +1,4 @@ -From 8e6f5cf56fba46422fc9a3fa0381924b186194a3 Mon Sep 17 00:00:00 2001 +From 6cd629300d5cb10218ac9b4b23e3f97381acf502 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Thu, 23 Jun 2022 17:00:46 +0200 Subject: [PATCH] skip marketplace plugin install test diff --git a/0009-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch b/0009-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch index 4ebd2bc..c14fa0c 100644 --- a/0009-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch +++ b/0009-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch @@ -1,4 +1,4 @@ -From fda7918ed1718ec3e6602613fad25ab1435a1b47 Mon Sep 17 00:00:00 2001 +From bcb0dae049ae5684762bf46fbee68e915fffca99 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Mon, 27 Jun 2022 17:12:27 +0200 Subject: [PATCH] Prometheus: Fix integer overflow in rate interval calculation diff --git a/0010-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch b/0010-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch index b1dc0c7..743f1ee 100644 --- a/0010-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch +++ b/0010-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch @@ -1,4 +1,4 @@ -From 22ea44e0867420bc7eb2ecf96e8d0b8e87dd7328 Mon Sep 17 00:00:00 2001 +From 1582ba252ce38745283b2ed4d3e573ec3e445c28 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Tue, 5 Jul 2022 17:04:13 +0200 Subject: [PATCH] Prometheus: Fix integer overflow in rate interval calculation diff --git a/grafana.spec b/grafana.spec index ce4e1fb..3997b89 100644 --- a/grafana.spec +++ b/grafana.spec @@ -19,10 +19,11 @@ end} %global gomodulesmode GO111MODULE=auto +%global gotestflags %{gotestflags} -tags=integration Name: grafana -Version: 9.0.2 -Release: 4%{?dist} +Version: 9.0.5 +Release: 1%{?dist} Summary: Metrics dashboard and graph editor License: AGPLv3 URL: https://grafana.org @@ -83,9 +84,7 @@ BuildRequires: systemd BuildRequires: systemd-rpm-macros BuildRequires: golang >= 1.17 BuildRequires: go-srpm-macros -%if 0%{?fedora} >= 31 BuildRequires: go-rpm-macros -%endif %if %{compile_frontend} BuildRequires: nodejs >= 1:16 @@ -159,6 +158,7 @@ Provides: bundled(golang(github.com/dop251/goja)) = 0.0.0-20210804101310.32956a3 Provides: bundled(golang(github.com/fatih/color)) = 1.13.0 Provides: bundled(golang(github.com/gchaincl/sqlhooks)) = 1.3.0 Provides: bundled(golang(github.com/getsentry/sentry-go)) = 0.13.0 +Provides: bundled(golang(github.com/go-kit/kit)) = 0.11.0 Provides: bundled(golang(github.com/go-openapi/strfmt)) = 0.20.2 Provides: bundled(golang(github.com/go-redis/redis/v8)) = 8.11.4 Provides: bundled(golang(github.com/go-sourcemap/sourcemap)) = 2.1.3+incompatible @@ -176,7 +176,7 @@ Provides: bundled(golang(github.com/gorilla/websocket)) = 1.4.2 Provides: bundled(golang(github.com/gosimple/slug)) = 1.9.0 Provides: bundled(golang(github.com/grafana/cuetsy)) = 0.0.1 Provides: bundled(golang(github.com/grafana/grafana-aws-sdk)) = 0.10.7 -Provides: bundled(golang(github.com/grafana/grafana-azure-sdk-go)) = 1.2.0 +Provides: bundled(golang(github.com/grafana/grafana-azure-sdk-go)) = 1.3.0 Provides: bundled(golang(github.com/grafana/grafana-plugin-sdk-go)) = 0.138.0 Provides: bundled(golang(github.com/grafana/loki)) = 1.6.2-0.20211015002020.7832783b1caa Provides: bundled(golang(github.com/grpc-ecosystem/go-grpc-middleware)) = 1.3.0 @@ -664,7 +664,7 @@ Provides: bundled(npm(ts-node)) = 9.1.1 Provides: bundled(npm(tslib)) = 1.14.1 Provides: bundled(npm(tween-functions)) = 1.2.0 Provides: bundled(npm(typescript)) = 4.5.5 -Provides: bundled(npm(uplot)) = 1.6.21 +Provides: bundled(npm(uplot)) = 1.6.22 Provides: bundled(npm(url-loader)) = 4.1.1 Provides: bundled(npm(uuid)) = 3.4.0 Provides: bundled(npm(vendor)) = 0.0.0-use.local @@ -892,6 +892,13 @@ OPENSSL_FORCE_FIPS_MODE=1 GOLANG_FIPS=1 go test -v ./pkg/util -run TestEncryptio %changelog +* Wed Jul 27 2022 Andreas Gerstmayr 9.0.5-1 +- update to 9.0.5 tagged upstream community sources, see CHANGELOG (rhbz#2107413) +- run integration tests in check phase +- remove conditional around go-rpm-macros +- resolve CVE-2022-31107 grafana: OAuth account takeover (rhbz#2107435) +- resolve CVE-2022-31097 grafana: stored XSS vulnerability (rhbz#2107436) + * Thu Jul 21 2022 Fedora Release Engineering - 9.0.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild diff --git a/sources b/sources index a71c283..bfd7930 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (grafana-9.0.2.tar.gz) = bb694d17b7c7f96143718ede8b795d93ba86ade3207c438c8e61838a04c31ff1d5f979259a09d60b223f43aee6975d43b597ddc5d2a88e86b7112e4d963d5c4f -SHA512 (grafana-webpack-9.0.2-1.tar.gz) = 9a90bf3909862afd64a5dfe34997b533a3679b099cd63b88f1792c38aa07c433d3851211b8f9ee2db7f511b212b6896c77e7bfa89230427be884e3e6a59a4b37 -SHA512 (grafana-vendor-9.0.2-1.tar.xz) = 7e08c3dad38f6fa99a5dbe056d4afff708c64878ed37c8da844442fb7b4bcaa205f2ec4c60d0e6996eebe707b3f644b9193ca396cbc03e2182e312293eb6621e +SHA512 (grafana-9.0.5.tar.gz) = c72d1ce837f0d02faa188dc722f1816c1099b1666642aee658cf2c15a3b8967adbc01e5e9b349da0f7f8503a23af607c4246d7f0e2d9ef2a2e600310fc355870 +SHA512 (grafana-webpack-9.0.5-1.tar.gz) = 424adc5dd1b73fdc5624b312b356a56a2a8f4ca5e8e14344581d5d1a9bc54b9edc8c02b2742d0d1fa3670bf63f2e08f6360569be128bb83d7f5c18041f82f1c5 +SHA512 (grafana-vendor-9.0.5-1.tar.xz) = e79a62366c03366d33544f323bd002905fd83d4bb21c0acac62297c05be34495eec978de22d64c6b9215448e31c2dbd052540b1e88ce3222a1a60bfa066e08e2