Resolves: RHEL-171604
This commit is contained in:
parent
9a3fdcbeb9
commit
dd73ed59ba
@ -1,4 +1,4 @@
|
||||
From 1e47ea7adc316e2df3d0081c2c0ebe75ddd6bda0 Mon Sep 17 00:00:00 2001
|
||||
From 6c91a24de267022108b83f54a59e342cee058be1 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Gerstmayr <agerstmayr@redhat.com>
|
||||
Date: Wed, 22 Jun 2022 16:57:52 +0200
|
||||
Subject: [PATCH] update grafana-cli script with distro-specific paths and
|
||||
@ -6,7 +6,7 @@ Subject: [PATCH] update grafana-cli script with distro-specific paths and
|
||||
|
||||
|
||||
diff --git a/packaging/wrappers/grafana-cli b/packaging/wrappers/grafana-cli
|
||||
index 7c6c46aef9..945714642b 100755
|
||||
index 7c6c46aef9e..945714642b2 100755
|
||||
--- a/packaging/wrappers/grafana-cli
|
||||
+++ b/packaging/wrappers/grafana-cli
|
||||
@@ -5,7 +5,7 @@
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
From 5b6c18f715808f99c32550fc3b670fc5bf600f72 Mon Sep 17 00:00:00 2001
|
||||
From bf16d1ebbd153bf7d973f522abd219970a5dc468 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Gerstmayr <agerstmayr@redhat.com>
|
||||
Date: Wed, 22 Jun 2022 17:01:09 +0200
|
||||
Subject: [PATCH] add manpages
|
||||
@ -6,11 +6,11 @@ Subject: [PATCH] add manpages
|
||||
|
||||
diff --git a/docs/man/man1/grafana-cli.1 b/docs/man/man1/grafana-cli.1
|
||||
new file mode 100644
|
||||
index 0000000000..39c0d5cee0
|
||||
index 00000000000..f22507c4ebf
|
||||
--- /dev/null
|
||||
+++ b/docs/man/man1/grafana-cli.1
|
||||
@@ -0,0 +1,63 @@
|
||||
+.TH GRAFANA "1" "September 2022" "Grafana cli version 9.0.9" "User Commands"
|
||||
@@ -0,0 +1,60 @@
|
||||
+.TH GRAFANA "1" "March 2026" "Grafana cli version 12.4.2" "User Commands"
|
||||
+.SH NAME
|
||||
+grafana-cli \- command line administration for the Grafana metrics dashboard and graph editor
|
||||
+.SH DESCRIPTION
|
||||
@ -28,18 +28,15 @@ index 0000000000..39c0d5cee0
|
||||
+admin
|
||||
+Grafana admin commands
|
||||
+.TP
|
||||
+cue
|
||||
+Cue validation commands
|
||||
+.TP
|
||||
+help, h
|
||||
+Shows a list of commands or help for one command
|
||||
+.SS "GLOBAL OPTIONS:"
|
||||
+.TP
|
||||
+\fB\-\-pluginsDir\fR value
|
||||
+path to the grafana plugin directory (default: "/var/lib/grafana/plugins") [$GF_PLUGIN_DIR]
|
||||
+Path to the Grafana plugin directory (default: "/var/lib/grafana/plugins") [$GF_PLUGIN_DIR]
|
||||
+.TP
|
||||
+\fB\-\-repo\fR value
|
||||
+url to the plugin repository (default: "https://grafana.com/api/plugins") [$GF_PLUGIN_REPO]
|
||||
+URL to the plugin repository (default: "https://grafana.com/api/plugins") [$GF_PLUGIN_REPO]
|
||||
+.TP
|
||||
+\fB\-\-pluginUrl\fR value
|
||||
+Full url to the plugin zip file instead of downloading the plugin from grafana.com/api [$GF_PLUGIN_URL]
|
||||
@ -75,11 +72,11 @@ index 0000000000..39c0d5cee0
|
||||
+.BR http://docs.grafana.org/ .
|
||||
diff --git a/docs/man/man1/grafana-server.1 b/docs/man/man1/grafana-server.1
|
||||
new file mode 100644
|
||||
index 0000000000..683a2369cc
|
||||
index 00000000000..1b10799c934
|
||||
--- /dev/null
|
||||
+++ b/docs/man/man1/grafana-server.1
|
||||
@@ -0,0 +1,80 @@
|
||||
+.TH VERSION "1" "September 2022" "Version 9.0.9" "User Commands"
|
||||
@@ -0,0 +1,103 @@
|
||||
+.TH VERSION "1" "March 2026" "Version 12.4.2" "User Commands"
|
||||
+.SH NAME
|
||||
+grafana-server \- back-end server for the Grafana metrics dashboard and graph editor
|
||||
+.SH DESCRIPTION
|
||||
@ -101,6 +98,13 @@ index 0000000000..683a2369cc
|
||||
+.B systemctl start grafana-server.service
|
||||
+.in
|
||||
+.P
|
||||
+.SH COMMANDS
|
||||
+.TP
|
||||
+target
|
||||
+Target specific grafana services
|
||||
+.TP
|
||||
+help, h
|
||||
+Shows a list of commands or help for one command
|
||||
+.SH OPTIONS
|
||||
+The
|
||||
+.B grafana-server
|
||||
@ -111,51 +115,102 @@ index 0000000000..683a2369cc
|
||||
+the same (or similar) name in the configuration file.
|
||||
+.P
|
||||
+.HP
|
||||
+\fB\-config\fR string
|
||||
+\fB\-\-config\fR value
|
||||
+.IP
|
||||
+path to config file
|
||||
+Path to config file
|
||||
+.HP
|
||||
+\fB\-homepath\fR string
|
||||
+\fB\-\-homepath\fR value
|
||||
+.IP
|
||||
+path to grafana install/home path, defaults to working directory
|
||||
+Path to Grafana install/home path, defaults to working directory
|
||||
+.HP
|
||||
+\fB\-packaging\fR string
|
||||
+\fB\-\-pidfile\fR value
|
||||
+.IP
|
||||
+describes the way Grafana was installed (default "unknown")
|
||||
+Path to Grafana pid file
|
||||
+.HP
|
||||
+\fB\-pidfile\fR string
|
||||
+\fB\-\-packaging\fR value
|
||||
+.IP
|
||||
+path to pid file
|
||||
+describes the way Grafana was installed (default: "unknown")
|
||||
+.HP
|
||||
+\fB\-profile\fR
|
||||
+\fB\-\-configOverrides\fR value
|
||||
+.IP
|
||||
+Configuration options to override defaults as a string. e.g. cfg:default.paths.log=/dev/null
|
||||
+.HP
|
||||
+\fB\-\-version\fR, \fB\-v\fR
|
||||
+.IP
|
||||
+print the version
|
||||
+.HP
|
||||
+\fB\-\-vv\fR
|
||||
+.IP
|
||||
+prints current version, all dependencies and exits
|
||||
+.HP
|
||||
+\fB\-\-profile\fR
|
||||
+.IP
|
||||
+Turn on pprof profiling
|
||||
+.HP
|
||||
+\fB\-profile\-addr\fR string
|
||||
+\fB\-\-profile\-addr\fR value
|
||||
+.IP
|
||||
+Define custom address for profiling (default "localhost")
|
||||
+Define custom address for profiling (default: "localhost")
|
||||
+.HP
|
||||
+\fB\-profile\-port\fR uint
|
||||
+\fB\-\-profile\-port\fR value
|
||||
+.IP
|
||||
+Define custom port for profiling (default 6060)
|
||||
+Define custom port for profiling (default: 6060)
|
||||
+.HP
|
||||
+\fB\-tracing\fR
|
||||
+\fB\-\-profile\-block\-rate\fR value
|
||||
+.IP
|
||||
+Controls the fraction of goroutine blocking events that are reported in the blocking profile. The profiler aims to sample an average of one blocking event per rate nanoseconds spent blocked. To turn off profiling entirely, use 0 (default: 1)
|
||||
+.HP
|
||||
+\fB\-\-profile\-mutex\-rate\fR value
|
||||
+.IP
|
||||
+Controls the fraction of mutex contention events that are reported in the mutex profile. On average 1/rate events are reported. To turn off mutex profiling entirely, use 0 (default: 0)
|
||||
+.HP
|
||||
+\fB\-\-tracing\fR
|
||||
+.IP
|
||||
+Turn on tracing
|
||||
+.HP
|
||||
+\fB\-tracing\-file\fR string
|
||||
+\fB\-\-tracing\-file\fR value
|
||||
+.IP
|
||||
+Define tracing output file (default "trace.out")
|
||||
+.TP
|
||||
+\fB\-v\fR
|
||||
+Define tracing output file (default: "trace.out")
|
||||
+.HP
|
||||
+\fB\-\-help\fR, \fB\-h\fR
|
||||
+.IP
|
||||
+prints current version and exits
|
||||
+.TP
|
||||
+\fB\-vv\fR
|
||||
+.IP
|
||||
+prints current version, all dependencies and exits
|
||||
+show help
|
||||
+.SH "SEE ALSO"
|
||||
+The full documentation for
|
||||
+.B Grafana
|
||||
+is available on-line at
|
||||
+.BR http://docs.grafana.org/ .
|
||||
diff --git a/docs/man/man1/grafana.1 b/docs/man/man1/grafana.1
|
||||
new file mode 100644
|
||||
index 00000000000..bd4c24e8662
|
||||
--- /dev/null
|
||||
+++ b/docs/man/man1/grafana.1
|
||||
@@ -0,0 +1,29 @@
|
||||
+.TH GRAFANA "1" "March 2026" "Grafana version 12.4.2" "User Commands"
|
||||
+.SH NAME
|
||||
+grafana \- metrics dashboard and graph editor
|
||||
+.SH DESCRIPTION
|
||||
+.B grafana
|
||||
+is the main entry point for the Grafana metrics dashboard and graph editor.
|
||||
+It provides subcommands to start the Grafana server and manage plugins.
|
||||
+.SH COMMANDS
|
||||
+.TP
|
||||
+server
|
||||
+Start the Grafana back-end server. See
|
||||
+.BR grafana-server (1)
|
||||
+for details.
|
||||
+.TP
|
||||
+cli
|
||||
+Command line administration for Grafana. See
|
||||
+.BR grafana-cli (1)
|
||||
+for details.
|
||||
+.TP
|
||||
+help, h
|
||||
+Shows a list of commands or help for one command.
|
||||
+.SH "SEE ALSO"
|
||||
+.BR grafana-server (1),
|
||||
+.BR grafana-cli (1).
|
||||
+.P
|
||||
+The full documentation for
|
||||
+.B Grafana
|
||||
+is available on-line at
|
||||
+.BR http://docs.grafana.org/ .
|
||||
|
||||
@ -1,14 +1,14 @@
|
||||
From 026c4f235fd3bfc741304a5e12e13bd1c7b85eac Mon Sep 17 00:00:00 2001
|
||||
From edebb6f199881f9769c579645ddfeb0733dc4509 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Gerstmayr <agerstmayr@redhat.com>
|
||||
Date: Wed, 22 Jun 2022 17:05:48 +0200
|
||||
Subject: [PATCH] update default configuration
|
||||
|
||||
|
||||
diff --git a/conf/defaults.ini b/conf/defaults.ini
|
||||
index 9f7cf4a90b..e1e5468bfa 100644
|
||||
index d5acfefd5d7..3dac6bd49af 100644
|
||||
--- a/conf/defaults.ini
|
||||
+++ b/conf/defaults.ini
|
||||
@@ -240,7 +240,7 @@ user_agent =
|
||||
@@ -295,7 +295,7 @@ user_agent =
|
||||
# No ip addresses are being tracked, only simple counters to track
|
||||
# running instances, dashboard and error counts. It is very helpful to us.
|
||||
# Change this option to false to disable reporting.
|
||||
@ -17,7 +17,7 @@ index 9f7cf4a90b..e1e5468bfa 100644
|
||||
|
||||
# The name of the distributor of the Grafana instance. Ex hosted-grafana, grafana-labs
|
||||
reporting_distributor = grafana-labs
|
||||
@@ -249,8 +249,8 @@ reporting_distributor = grafana-labs
|
||||
@@ -304,8 +304,8 @@ reporting_distributor = grafana-labs
|
||||
# for new versions of grafana. The check is used
|
||||
# in some UI views to notify that a grafana update exists.
|
||||
# This option does not cause any auto updates, nor send any information
|
||||
@ -29,10 +29,10 @@ index 9f7cf4a90b..e1e5468bfa 100644
|
||||
# Set to false to disable all checks to https://grafana.com
|
||||
# for new versions of plugins. The check is used
|
||||
diff --git a/conf/sample.ini b/conf/sample.ini
|
||||
index 916de769f9..2f270d4940 100644
|
||||
index 604507b1e84..0cc0968c962 100644
|
||||
--- a/conf/sample.ini
|
||||
+++ b/conf/sample.ini
|
||||
@@ -247,7 +247,7 @@
|
||||
@@ -282,7 +282,7 @@
|
||||
# No ip addresses are being tracked, only simple counters to track
|
||||
# running instances, dashboard and error counts. It is very helpful to us.
|
||||
# Change this option to false to disable reporting.
|
||||
@ -41,7 +41,7 @@ index 916de769f9..2f270d4940 100644
|
||||
|
||||
# The name of the distributor of the Grafana instance. Ex hosted-grafana, grafana-labs
|
||||
;reporting_distributor = grafana-labs
|
||||
@@ -256,8 +256,8 @@
|
||||
@@ -291,8 +291,8 @@
|
||||
# for new versions of grafana. The check is used
|
||||
# in some UI views to notify that a grafana update exists.
|
||||
# This option does not cause any auto updates, nor send any information
|
||||
@ -52,7 +52,7 @@ index 916de769f9..2f270d4940 100644
|
||||
|
||||
# Set to false to disable all checks to https://grafana.com
|
||||
# for new versions of plugins. The check is used
|
||||
@@ -427,7 +427,7 @@
|
||||
@@ -490,7 +490,7 @@
|
||||
|
||||
# Minimum dashboard refresh interval. When set, this will restrict users to set the refresh interval of a dashboard lower than given interval. Per default this is 5 seconds.
|
||||
# The interval string is a possibly signed sequence of decimal numbers, followed by a unit suffix (ms, s, m, h, d), e.g. 30s or 1m.
|
||||
@ -61,7 +61,7 @@ index 916de769f9..2f270d4940 100644
|
||||
|
||||
# Path to the default home dashboard. If this value is empty, then Grafana uses StaticRootPath + "dashboards/home.json"
|
||||
;default_home_dashboard_path =
|
||||
@@ -1411,7 +1411,7 @@
|
||||
@@ -1870,7 +1870,7 @@ default_datasource_uid =
|
||||
;enable_alpha = false
|
||||
;app_tls_skip_verify_insecure = false
|
||||
# Enter a comma-separated list of plugin identifiers to identify plugins to load even if they are unsigned. Plugins with modified signatures are never loaded.
|
||||
|
||||
@ -1,62 +0,0 @@
|
||||
From 076177ff583b8e6d92948e0a4ddde0e8992d09a3 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Gerstmayr <agerstmayr@redhat.com>
|
||||
Date: Wed, 22 Jun 2022 17:18:56 +0200
|
||||
Subject: [PATCH] remove unused backend dependencies
|
||||
|
||||
saml and gofpdf are not used in the OSS edition of Grafana
|
||||
after editing `pkg/extensions/main.go`, run `go mod tidy`
|
||||
|
||||
diff --git a/go.mod b/go.mod
|
||||
index fcbc09da5e..82fdf39842 100644
|
||||
--- a/go.mod
|
||||
+++ b/go.mod
|
||||
@@ -45,7 +45,6 @@ require (
|
||||
github.com/blang/semver/v4 v4.0.0 // @grafana/grafana-release-guild
|
||||
github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b // @grafana/backend-platform
|
||||
github.com/centrifugal/centrifuge v0.30.2 // @grafana/grafana-app-platform-squad
|
||||
- github.com/crewjam/saml v0.4.13 // @grafana/grafana-authnz-team
|
||||
github.com/fatih/color v1.15.0 // @grafana/backend-platform
|
||||
github.com/gchaincl/sqlhooks v1.3.0 // @grafana/backend-platform
|
||||
github.com/go-ldap/ldap/v3 v3.4.4 // @grafana/grafana-authnz-team
|
||||
@@ -187,7 +186,6 @@ require (
|
||||
github.com/josharian/intern v1.0.0 // indirect
|
||||
github.com/jpillora/backoff v1.0.0 // indirect
|
||||
github.com/mailru/easyjson v0.7.7 // indirect
|
||||
- github.com/mattermost/xml-roundtrip-validator v0.1.0 // indirect
|
||||
github.com/mattetti/filebuffer v1.0.1 // indirect
|
||||
github.com/mattn/go-runewidth v0.0.13 // indirect
|
||||
github.com/miekg/dns v1.1.51 // indirect
|
||||
diff --git a/go.sum b/go.sum
|
||||
index d05dfb55fd..b160387abe 100644
|
||||
--- a/go.sum
|
||||
+++ b/go.sum
|
||||
@@ -1826,8 +1826,6 @@ github.com/grafana/pyroscope/api v0.3.0/go.mod h1:JggA80ToAAUACYGfwL49XoFk5aN5ec
|
||||
github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd/go.mod h1:M5qHK+eWfAv8VR/265dIuEpL3fNfeC21tXXp9itM24A=
|
||||
github.com/grafana/regexp v0.0.0-20221123153739-15dc172cd2db h1:7aN5cccjIqCLTzedH7MZzRZt5/lsAHch6Z3L2ZGn5FA=
|
||||
github.com/grafana/regexp v0.0.0-20221123153739-15dc172cd2db/go.mod h1:M5qHK+eWfAv8VR/265dIuEpL3fNfeC21tXXp9itM24A=
|
||||
-github.com/grafana/saml v0.4.15-0.20231025143828-a6c0e9b86a4c h1:1pHLC1ZTz7N5QI3jzCs5sqmVvAKe+JwGnpp9lQ+iUjY=
|
||||
-github.com/grafana/saml v0.4.15-0.20231025143828-a6c0e9b86a4c/go.mod h1:S4+611dxnKt8z/ulbvaJzcgSHsuhjVc1QHNTcr1R7Fw=
|
||||
github.com/grafana/sqlds/v2 v2.3.10 h1:HWKhE0vR6LoEiE+Is8CSZOgaB//D1yqb2ntkass9Fd4=
|
||||
github.com/grafana/sqlds/v2 v2.3.10/go.mod h1:c6ibxnxRVGxV/0YkEgvy7QpQH/lyifFyV7K/14xvdIs=
|
||||
github.com/grafana/tempo v1.5.1-0.20230524121406-1dc1bfe7085b h1:mDlkqgTEJuK7vjPG44f3ZMtId5AAYLWHvBVbiGqIOOQ=
|
||||
@@ -2222,8 +2220,6 @@ github.com/markbates/sigtx v1.0.0/go.mod h1:QF1Hv6Ic6Ca6W+T+DL0Y/ypborFKyvUY9Hmu
|
||||
github.com/markbates/willie v1.0.9/go.mod h1:fsrFVWl91+gXpx/6dv715j7i11fYPfZ9ZGfH0DQzY7w=
|
||||
github.com/matryer/is v1.4.0 h1:sosSmIWwkYITGrxZ25ULNDeKiMNzFSr4V/eqBQP0PeE=
|
||||
github.com/matryer/is v1.4.0/go.mod h1:8I/i5uYgLzgsgEloJE1U6xx5HkBQpAZvepWuujKwMRU=
|
||||
-github.com/mattermost/xml-roundtrip-validator v0.1.0 h1:RXbVD2UAl7A7nOTR4u7E3ILa4IbtvKBHw64LDsmu9hU=
|
||||
-github.com/mattermost/xml-roundtrip-validator v0.1.0/go.mod h1:qccnGMcpgwcNaBnxqpJpWWUiPNr5H3O8eDgGV9gT5To=
|
||||
github.com/mattetti/filebuffer v1.0.1 h1:gG7pyfnSIZCxdoKq+cPa8T0hhYtD9NxCdI4D7PTjRLM=
|
||||
github.com/mattetti/filebuffer v1.0.1/go.mod h1:YdMURNDOttIiruleeVr6f56OrMc+MydEnTcXwtkxNVs=
|
||||
github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
|
||||
diff --git a/pkg/extensions/main.go b/pkg/extensions/main.go
|
||||
index 327e208221..426aad2a21 100644
|
||||
--- a/pkg/extensions/main.go
|
||||
+++ b/pkg/extensions/main.go
|
||||
@@ -11,7 +11,6 @@ import (
|
||||
_ "github.com/beevik/etree"
|
||||
_ "github.com/blugelabs/bluge"
|
||||
_ "github.com/blugelabs/bluge_segment_api"
|
||||
- _ "github.com/crewjam/saml"
|
||||
_ "github.com/go-jose/go-jose/v3"
|
||||
_ "github.com/gobwas/glob"
|
||||
_ "github.com/googleapis/gax-go/v2"
|
||||
282
0004-remove-unused-frontend-crypto.patch
Normal file
282
0004-remove-unused-frontend-crypto.patch
Normal file
@ -0,0 +1,282 @@
|
||||
From 17d7edbdd13fa561a60a8e855caca35f0abc0d82 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Gerstmayr <agerstmayr@redhat.com>
|
||||
Date: Wed, 22 Jun 2022 17:36:47 +0200
|
||||
Subject: [PATCH] remove unused frontend crypto
|
||||
|
||||
update `package.json` and then run `yarn install` to update the
|
||||
`yarn.lock` lockfile
|
||||
|
||||
diff --git a/package.json b/package.json
|
||||
index 206ff23e4a2..88ddcd2f18f 100644
|
||||
--- a/package.json
|
||||
+++ b/package.json
|
||||
@@ -447,6 +447,7 @@
|
||||
"semver@npm:~7.3.5": "^7.3.5",
|
||||
"debug@npm:^0.7.2": "2.6.9",
|
||||
"debug@npm:^0.7.4": "2.6.9",
|
||||
+ "http-signature": "https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.3.tgz",
|
||||
"slate-dev-environment@^0.2.2": "patch:slate-dev-environment@npm:0.2.5#.yarn/patches/slate-dev-environment-npm-0.2.5-9aeb7da7b5.patch",
|
||||
"react-split-pane@0.1.92": "patch:react-split-pane@npm:0.1.92#.yarn/patches/react-split-pane-npm-0.1.92-93dbf51dff.patch",
|
||||
"history@4.10.1": "patch:history@npm%3A4.10.1#./.yarn/patches/history-npm-4.10.1-ee217563ae.patch",
|
||||
diff --git a/yarn.lock b/yarn.lock
|
||||
index 1347dad105c..6c5506b85ed 100644
|
||||
--- a/yarn.lock
|
||||
+++ b/yarn.lock
|
||||
@@ -13482,22 +13482,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"asn1@npm:~0.2.3":
|
||||
- version: 0.2.6
|
||||
- resolution: "asn1@npm:0.2.6"
|
||||
- dependencies:
|
||||
- safer-buffer: "npm:~2.1.0"
|
||||
- checksum: 10/cf629291fee6c1a6f530549939433ebf32200d7849f38b810ff26ee74235e845c0c12b2ed0f1607ac17383d19b219b69cefa009b920dab57924c5c544e495078
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
-"assert-plus@npm:1.0.0, assert-plus@npm:^1.0.0":
|
||||
- version: 1.0.0
|
||||
- resolution: "assert-plus@npm:1.0.0"
|
||||
- checksum: 10/f4f991ae2df849cc678b1afba52d512a7cbf0d09613ba111e72255409ff9158550c775162a47b12d015d1b82b3c273e8e25df0e4783d3ddb008a293486d00a07
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"assert@npm:2.0.0":
|
||||
version: 2.0.0
|
||||
resolution: "assert@npm:2.0.0"
|
||||
@@ -13977,15 +13961,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"bcrypt-pbkdf@npm:^1.0.0":
|
||||
- version: 1.0.2
|
||||
- resolution: "bcrypt-pbkdf@npm:1.0.2"
|
||||
- dependencies:
|
||||
- tweetnacl: "npm:^0.14.3"
|
||||
- checksum: 10/13a4cde058250dbf1fa77a4f1b9a07d32ae2e3b9e28e88a0c7a1827835bc3482f3e478c4a0cfd4da6ff0c46dae07da1061123a995372b32cc563d9975f975404
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"before-after-hook@npm:^2.2.0":
|
||||
version: 2.2.3
|
||||
resolution: "before-after-hook@npm:2.2.3"
|
||||
@@ -15716,13 +15691,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"core-util-is@npm:1.0.2":
|
||||
- version: 1.0.2
|
||||
- resolution: "core-util-is@npm:1.0.2"
|
||||
- checksum: 10/d0f7587346b44a1fe6c269267e037dd34b4787191e473c3e685f507229d88561c40eb18872fabfff02977301815d474300b7bfbd15396c13c5377393f7e87ec3
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"core-util-is@npm:~1.0.0":
|
||||
version: 1.0.3
|
||||
resolution: "core-util-is@npm:1.0.3"
|
||||
@@ -16682,15 +16650,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"dashdash@npm:^1.12.0":
|
||||
- version: 1.14.1
|
||||
- resolution: "dashdash@npm:1.14.1"
|
||||
- dependencies:
|
||||
- assert-plus: "npm:^1.0.0"
|
||||
- checksum: 10/137b287fa021201ce100cef772c8eeeaaafdd2aa7282864022acf3b873021e54cb809e9c060fa164840bf54ff72d00d6e2d8da1ee5a86d7200eeefa1123a8f7f
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"data-uri-to-buffer@npm:^6.0.2":
|
||||
version: 6.0.2
|
||||
resolution: "data-uri-to-buffer@npm:6.0.2"
|
||||
@@ -17570,16 +17529,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"ecc-jsbn@npm:~0.1.1":
|
||||
- version: 0.1.2
|
||||
- resolution: "ecc-jsbn@npm:0.1.2"
|
||||
- dependencies:
|
||||
- jsbn: "npm:~0.1.0"
|
||||
- safer-buffer: "npm:^2.1.0"
|
||||
- checksum: 10/d43591f2396196266e186e6d6928038cc11c76c3699a912cb9c13757060f7bbc7f17f47c4cb16168cdeacffc7965aef021142577e646fb3cb88810c15173eb57
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"ee-first@npm:1.1.1":
|
||||
version: 1.1.1
|
||||
resolution: "ee-first@npm:1.1.1"
|
||||
@@ -19128,20 +19077,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"extsprintf@npm:1.3.0":
|
||||
- version: 1.3.0
|
||||
- resolution: "extsprintf@npm:1.3.0"
|
||||
- checksum: 10/26967d6c7ecbfb5bc5b7a6c43503dc5fafd9454802037e9fa1665e41f615da4ff5918bd6cb871a3beabed01a31eca1ccd0bdfb41231f50ad50d405a430f78377
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
-"extsprintf@npm:^1.2.0":
|
||||
- version: 1.4.1
|
||||
- resolution: "extsprintf@npm:1.4.1"
|
||||
- checksum: 10/bfd6d55f3c0c04d826fe0213264b383c03f32825af6b1ff777f3f2dc49467e599361993568d75b7b19a8ea1bb08c8e7cd8c3d87d179ced91bb0dcf81ca6938e0
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"fast-deep-equal@npm:^3.1.1, fast-deep-equal@npm:^3.1.3":
|
||||
version: 3.1.3
|
||||
resolution: "fast-deep-equal@npm:3.1.3"
|
||||
@@ -20281,15 +20216,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"getpass@npm:^0.1.1":
|
||||
- version: 0.1.7
|
||||
- resolution: "getpass@npm:0.1.7"
|
||||
- dependencies:
|
||||
- assert-plus: "npm:^1.0.0"
|
||||
- checksum: 10/ab18d55661db264e3eac6012c2d3daeafaab7a501c035ae0ccb193c3c23e9849c6e29b6ac762b9c2adae460266f925d55a3a2a3a3c8b94be2f222df94d70c046
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"gifwrap@npm:^0.10.1":
|
||||
version: 0.10.1
|
||||
resolution: "gifwrap@npm:0.10.1"
|
||||
@@ -21711,14 +21637,10 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"http-signature@npm:~1.4.0":
|
||||
- version: 1.4.0
|
||||
- resolution: "http-signature@npm:1.4.0"
|
||||
- dependencies:
|
||||
- assert-plus: "npm:^1.0.0"
|
||||
- jsprim: "npm:^2.0.2"
|
||||
- sshpk: "npm:^1.18.0"
|
||||
- checksum: 10/f9f5eed4ac5db5e1ec6d00652680c7d8b76d553560017e34505c0c22c37abb2e6d22b9268ed4a8542aa9746852a2d64850531091e443393c9c8e0f4fd4174455
|
||||
+"http-signature@https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.3.tgz":
|
||||
+ version: 1.1.3
|
||||
+ resolution: "http-signature@https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.3.tgz"
|
||||
+ checksum: 10/78b64605540e2d25bede2d74ec9e7740ab9a466c9a562ae3a8ccc7e07e26e601a013859c94adf890679403cd337b9690f598d64bc4fbc1d2eaa2f27241ca08a1
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
@@ -24050,13 +23972,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"jsbn@npm:~0.1.0":
|
||||
- version: 0.1.1
|
||||
- resolution: "jsbn@npm:0.1.1"
|
||||
- checksum: 10/5450133242845100e694f0ef9175f44c012691a9b770b2571e677314e6f70600abb10777cdfc9a0c6a9f2ac6d134577403633de73e2fcd0f97875a67744e2d14
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"jsdoc-type-pratt-parser@npm:^4.0.0, jsdoc-type-pratt-parser@npm:~4.1.0":
|
||||
version: 4.1.0
|
||||
resolution: "jsdoc-type-pratt-parser@npm:4.1.0"
|
||||
@@ -24209,13 +24124,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"json-schema@npm:0.4.0":
|
||||
- version: 0.4.0
|
||||
- resolution: "json-schema@npm:0.4.0"
|
||||
- checksum: 10/8b3b64eff4a807dc2a3045b104ed1b9335cd8d57aa74c58718f07f0f48b8baa3293b00af4dcfbdc9144c3aafea1e97982cc27cc8e150fc5d93c540649507a458
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"json-source-map@npm:0.6.1":
|
||||
version: 0.6.1
|
||||
resolution: "json-source-map@npm:0.6.1"
|
||||
@@ -24335,18 +24243,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"jsprim@npm:^2.0.2":
|
||||
- version: 2.0.2
|
||||
- resolution: "jsprim@npm:2.0.2"
|
||||
- dependencies:
|
||||
- assert-plus: "npm:1.0.0"
|
||||
- extsprintf: "npm:1.3.0"
|
||||
- json-schema: "npm:0.4.0"
|
||||
- verror: "npm:1.10.0"
|
||||
- checksum: 10/fcfca5b55f83e1b8be5f932c71754bd37afd2611f81685abd05689e8ce718a91155ff7bd5b94c65ce483a787b5c43c6d0c18c1d2259fca5bb61a3f8ea2e29c0a
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"jsurl@npm:^0.1.5":
|
||||
version: 0.1.5
|
||||
resolution: "jsurl@npm:0.1.5"
|
||||
@@ -31842,7 +31738,7 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"safer-buffer@npm:>= 2.1.2 < 3, safer-buffer@npm:>= 2.1.2 < 3.0.0, safer-buffer@npm:^2.0.2, safer-buffer@npm:^2.1.0, safer-buffer@npm:~2.1.0":
|
||||
+"safer-buffer@npm:>= 2.1.2 < 3, safer-buffer@npm:>= 2.1.2 < 3.0.0":
|
||||
version: 2.1.2
|
||||
resolution: "safer-buffer@npm:2.1.2"
|
||||
checksum: 10/7eaf7a0cf37cc27b42fb3ef6a9b1df6e93a1c6d98c6c6702b02fe262d5fcbd89db63320793b99b21cb5348097d0a53de81bd5f4e8b86e20cc9412e3f1cfb4e83
|
||||
@@ -32899,27 +32795,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"sshpk@npm:^1.18.0":
|
||||
- version: 1.18.0
|
||||
- resolution: "sshpk@npm:1.18.0"
|
||||
- dependencies:
|
||||
- asn1: "npm:~0.2.3"
|
||||
- assert-plus: "npm:^1.0.0"
|
||||
- bcrypt-pbkdf: "npm:^1.0.0"
|
||||
- dashdash: "npm:^1.12.0"
|
||||
- ecc-jsbn: "npm:~0.1.1"
|
||||
- getpass: "npm:^0.1.1"
|
||||
- jsbn: "npm:~0.1.0"
|
||||
- safer-buffer: "npm:^2.0.2"
|
||||
- tweetnacl: "npm:~0.14.0"
|
||||
- bin:
|
||||
- sshpk-conv: bin/sshpk-conv
|
||||
- sshpk-sign: bin/sshpk-sign
|
||||
- sshpk-verify: bin/sshpk-verify
|
||||
- checksum: 10/858339d43e3c6b6a848772a66f69442ce74f1a37655d9f35ba9d1f85329499ff0000af9f8ab83dbb39ad24c0c370edabe0be1e39863f70c6cded9924b8458c34
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"ssri@npm:12.0.0, ssri@npm:^12.0.0":
|
||||
version: 12.0.0
|
||||
resolution: "ssri@npm:12.0.0"
|
||||
@@ -34683,13 +34558,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"tweetnacl@npm:^0.14.3, tweetnacl@npm:~0.14.0":
|
||||
- version: 0.14.5
|
||||
- resolution: "tweetnacl@npm:0.14.5"
|
||||
- checksum: 10/04ee27901cde46c1c0a64b9584e04c96c5fe45b38c0d74930710751ea991408b405747d01dfae72f80fc158137018aea94f9c38c651cb9c318f0861a310c3679
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"type-check@npm:^0.4.0, type-check@npm:~0.4.0":
|
||||
version: 0.4.0
|
||||
resolution: "type-check@npm:0.4.0"
|
||||
@@ -35528,17 +35396,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"verror@npm:1.10.0":
|
||||
- version: 1.10.0
|
||||
- resolution: "verror@npm:1.10.0"
|
||||
- dependencies:
|
||||
- assert-plus: "npm:^1.0.0"
|
||||
- core-util-is: "npm:1.0.2"
|
||||
- extsprintf: "npm:^1.2.0"
|
||||
- checksum: 10/da548149dd9c130a8a2587c9ee71ea30128d1526925707e2d01ed9c5c45c9e9f86733c66a328247cdd5f7c1516fb25b0f959ba754bfbe15072aa99ff96468a29
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"vinyl-contents@npm:^2.0.0":
|
||||
version: 2.0.0
|
||||
resolution: "vinyl-contents@npm:2.0.0"
|
||||
@ -1,333 +0,0 @@
|
||||
From ddd615152004e0bc5985a574c05d31778351dfa3 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Gerstmayr <agerstmayr@redhat.com>
|
||||
Date: Wed, 22 Jun 2022 17:36:47 +0200
|
||||
Subject: [PATCH] remove unused frontend crypto
|
||||
|
||||
update `package.json` and then run `yarn install` to update the
|
||||
`yarn.lock` lockfile
|
||||
|
||||
diff --git a/package.json b/package.json
|
||||
index 38deb6d7de..aad5e88bf0 100644
|
||||
--- a/package.json
|
||||
+++ b/package.json
|
||||
@@ -425,6 +425,9 @@
|
||||
"resolutions": {
|
||||
"underscore": "1.13.6",
|
||||
"@types/slate": "0.47.11",
|
||||
+ "crypto-browserify": "https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.3.tgz",
|
||||
+ "selfsigned": "https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.3.tgz",
|
||||
+ "http-signature": "https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.3.tgz",
|
||||
"ngtemplate-loader/loader-utils": "^2.0.0",
|
||||
"semver@~7.0.0": "7.5.4",
|
||||
"semver@7.3.4": "7.5.4",
|
||||
diff --git a/yarn.lock b/yarn.lock
|
||||
index bf22ba52a1..1552ddc052 100644
|
||||
--- a/yarn.lock
|
||||
+++ b/yarn.lock
|
||||
@@ -10935,22 +10935,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"asn1@npm:~0.2.3":
|
||||
- version: 0.2.6
|
||||
- resolution: "asn1@npm:0.2.6"
|
||||
- dependencies:
|
||||
- safer-buffer: "npm:~2.1.0"
|
||||
- checksum: cf629291fee6c1a6f530549939433ebf32200d7849f38b810ff26ee74235e845c0c12b2ed0f1607ac17383d19b219b69cefa009b920dab57924c5c544e495078
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
-"assert-plus@npm:1.0.0, assert-plus@npm:^1.0.0":
|
||||
- version: 1.0.0
|
||||
- resolution: "assert-plus@npm:1.0.0"
|
||||
- checksum: f4f991ae2df849cc678b1afba52d512a7cbf0d09613ba111e72255409ff9158550c775162a47b12d015d1b82b3c273e8e25df0e4783d3ddb008a293486d00a07
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"assert@npm:2.0.0, assert@npm:^2.0.0":
|
||||
version: 2.0.0
|
||||
resolution: "assert@npm:2.0.0"
|
||||
@@ -11427,15 +11411,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"bcrypt-pbkdf@npm:^1.0.0":
|
||||
- version: 1.0.2
|
||||
- resolution: "bcrypt-pbkdf@npm:1.0.2"
|
||||
- dependencies:
|
||||
- tweetnacl: "npm:^0.14.3"
|
||||
- checksum: 13a4cde058250dbf1fa77a4f1b9a07d32ae2e3b9e28e88a0c7a1827835bc3482f3e478c4a0cfd4da6ff0c46dae07da1061123a995372b32cc563d9975f975404
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"before-after-hook@npm:^2.2.0":
|
||||
version: 2.2.2
|
||||
resolution: "before-after-hook@npm:2.2.2"
|
||||
@@ -12929,13 +12904,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"core-util-is@npm:1.0.2":
|
||||
- version: 1.0.2
|
||||
- resolution: "core-util-is@npm:1.0.2"
|
||||
- checksum: d0f7587346b44a1fe6c269267e037dd34b4787191e473c3e685f507229d88561c40eb18872fabfff02977301815d474300b7bfbd15396c13c5377393f7e87ec3
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"core-util-is@npm:~1.0.0":
|
||||
version: 1.0.3
|
||||
resolution: "core-util-is@npm:1.0.3"
|
||||
@@ -13857,15 +13825,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"dashdash@npm:^1.12.0":
|
||||
- version: 1.14.1
|
||||
- resolution: "dashdash@npm:1.14.1"
|
||||
- dependencies:
|
||||
- assert-plus: "npm:^1.0.0"
|
||||
- checksum: 137b287fa021201ce100cef772c8eeeaaafdd2aa7282864022acf3b873021e54cb809e9c060fa164840bf54ff72d00d6e2d8da1ee5a86d7200eeefa1123a8f7f
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"data-urls@npm:^3.0.2":
|
||||
version: 3.0.2
|
||||
resolution: "data-urls@npm:3.0.2"
|
||||
@@ -14573,16 +14532,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"ecc-jsbn@npm:~0.1.1":
|
||||
- version: 0.1.2
|
||||
- resolution: "ecc-jsbn@npm:0.1.2"
|
||||
- dependencies:
|
||||
- jsbn: "npm:~0.1.0"
|
||||
- safer-buffer: "npm:^2.1.0"
|
||||
- checksum: d43591f2396196266e186e6d6928038cc11c76c3699a912cb9c13757060f7bbc7f17f47c4cb16168cdeacffc7965aef021142577e646fb3cb88810c15173eb57
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"ee-first@npm:1.1.1":
|
||||
version: 1.1.1
|
||||
resolution: "ee-first@npm:1.1.1"
|
||||
@@ -15991,20 +15940,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"extsprintf@npm:1.3.0":
|
||||
- version: 1.3.0
|
||||
- resolution: "extsprintf@npm:1.3.0"
|
||||
- checksum: 26967d6c7ecbfb5bc5b7a6c43503dc5fafd9454802037e9fa1665e41f615da4ff5918bd6cb871a3beabed01a31eca1ccd0bdfb41231f50ad50d405a430f78377
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
-"extsprintf@npm:^1.2.0":
|
||||
- version: 1.4.1
|
||||
- resolution: "extsprintf@npm:1.4.1"
|
||||
- checksum: bfd6d55f3c0c04d826fe0213264b383c03f32825af6b1ff777f3f2dc49467e599361993568d75b7b19a8ea1bb08c8e7cd8c3d87d179ced91bb0dcf81ca6938e0
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"fast-deep-equal@npm:^3.1.1, fast-deep-equal@npm:^3.1.3":
|
||||
version: 3.1.3
|
||||
resolution: "fast-deep-equal@npm:3.1.3"
|
||||
@@ -16916,15 +16851,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"getpass@npm:^0.1.1":
|
||||
- version: 0.1.7
|
||||
- resolution: "getpass@npm:0.1.7"
|
||||
- dependencies:
|
||||
- assert-plus: "npm:^1.0.0"
|
||||
- checksum: ab18d55661db264e3eac6012c2d3daeafaab7a501c035ae0ccb193c3c23e9849c6e29b6ac762b9c2adae460266f925d55a3a2a3a3c8b94be2f222df94d70c046
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"giget@npm:^1.0.0":
|
||||
version: 1.1.2
|
||||
resolution: "giget@npm:1.1.2"
|
||||
@@ -18263,25 +18189,10 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"http-signature@npm:~1.2.0":
|
||||
- version: 1.2.0
|
||||
- resolution: "http-signature@npm:1.2.0"
|
||||
- dependencies:
|
||||
- assert-plus: "npm:^1.0.0"
|
||||
- jsprim: "npm:^1.2.2"
|
||||
- sshpk: "npm:^1.7.0"
|
||||
- checksum: 2ff7112e6b0d8f08b382dfe705078c655501f2ddd76cf589d108445a9dd388a0a9be928c37108261519a7f53e6bbd1651048d74057b804807cce1ec49e87a95b
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
-"http-signature@npm:~1.3.6":
|
||||
- version: 1.3.6
|
||||
- resolution: "http-signature@npm:1.3.6"
|
||||
- dependencies:
|
||||
- assert-plus: "npm:^1.0.0"
|
||||
- jsprim: "npm:^2.0.2"
|
||||
- sshpk: "npm:^1.14.1"
|
||||
- checksum: 5f08e0c82174999da97114facb0d0d47e268d60b6fc10f92cb87b99d5ccccd36f79b9508c29dda0b4f4e3a1b2f7bcaf847e68ecd5da2f1fc465fcd1d054b7884
|
||||
+"http-signature@https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.3.tgz":
|
||||
+ version: 1.1.3
|
||||
+ resolution: "http-signature@https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.3.tgz"
|
||||
+ checksum: 78b64605540e2d25bede2d74ec9e7740ab9a466c9a562ae3a8ccc7e07e26e601a013859c94adf890679403cd337b9690f598d64bc4fbc1d2eaa2f27241ca08a1
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
@@ -20609,13 +20520,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"jsbn@npm:~0.1.0":
|
||||
- version: 0.1.1
|
||||
- resolution: "jsbn@npm:0.1.1"
|
||||
- checksum: 5450133242845100e694f0ef9175f44c012691a9b770b2571e677314e6f70600abb10777cdfc9a0c6a9f2ac6d134577403633de73e2fcd0f97875a67744e2d14
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"jscodeshift@npm:^0.14.0":
|
||||
version: 0.14.0
|
||||
resolution: "jscodeshift@npm:0.14.0"
|
||||
@@ -20767,13 +20671,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"json-schema@npm:0.4.0":
|
||||
- version: 0.4.0
|
||||
- resolution: "json-schema@npm:0.4.0"
|
||||
- checksum: 8b3b64eff4a807dc2a3045b104ed1b9335cd8d57aa74c58718f07f0f48b8baa3293b00af4dcfbdc9144c3aafea1e97982cc27cc8e150fc5d93c540649507a458
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"json-source-map@npm:0.6.1":
|
||||
version: 0.6.1
|
||||
resolution: "json-source-map@npm:0.6.1"
|
||||
@@ -20886,30 +20783,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"jsprim@npm:^1.2.2":
|
||||
- version: 1.4.2
|
||||
- resolution: "jsprim@npm:1.4.2"
|
||||
- dependencies:
|
||||
- assert-plus: "npm:1.0.0"
|
||||
- extsprintf: "npm:1.3.0"
|
||||
- json-schema: "npm:0.4.0"
|
||||
- verror: "npm:1.10.0"
|
||||
- checksum: df2bf234eab1b5078d01bcbff3553d50a243f7b5c10a169745efeda6344d62798bd1d85bcca6a8446f3b5d0495e989db45f9de8dae219f0f9796e70e0c776089
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
-"jsprim@npm:^2.0.2":
|
||||
- version: 2.0.2
|
||||
- resolution: "jsprim@npm:2.0.2"
|
||||
- dependencies:
|
||||
- assert-plus: "npm:1.0.0"
|
||||
- extsprintf: "npm:1.3.0"
|
||||
- json-schema: "npm:0.4.0"
|
||||
- verror: "npm:1.10.0"
|
||||
- checksum: fcfca5b55f83e1b8be5f932c71754bd37afd2611f81685abd05689e8ce718a91155ff7bd5b94c65ce483a787b5c43c6d0c18c1d2259fca5bb61a3f8ea2e29c0a
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"jsurl@npm:^0.1.5":
|
||||
version: 0.1.5
|
||||
resolution: "jsurl@npm:0.1.5"
|
||||
@@ -22734,7 +22607,7 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"node-forge@npm:^1, node-forge@npm:^1.3.1":
|
||||
+"node-forge@npm:^1.3.1":
|
||||
version: 1.3.1
|
||||
resolution: "node-forge@npm:1.3.1"
|
||||
checksum: 05bab6868633bf9ad4c3b1dd50ec501c22ffd69f556cdf169a00998ca1d03e8107a6032ba013852f202035372021b845603aeccd7dfcb58cdb7430013b3daa8d
|
||||
@@ -27151,7 +27024,7 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"safer-buffer@npm:>= 2.1.2 < 3, safer-buffer@npm:>= 2.1.2 < 3.0.0, safer-buffer@npm:^2.0.2, safer-buffer@npm:^2.1.0, safer-buffer@npm:~2.1.0":
|
||||
+"safer-buffer@npm:>= 2.1.2 < 3, safer-buffer@npm:>= 2.1.2 < 3.0.0":
|
||||
version: 2.1.2
|
||||
resolution: "safer-buffer@npm:2.1.2"
|
||||
checksum: 7eaf7a0cf37cc27b42fb3ef6a9b1df6e93a1c6d98c6c6702b02fe262d5fcbd89db63320793b99b21cb5348097d0a53de81bd5f4e8b86e20cc9412e3f1cfb4e83
|
||||
@@ -27282,12 +27155,10 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"selfsigned@npm:^2.1.1":
|
||||
- version: 2.1.1
|
||||
- resolution: "selfsigned@npm:2.1.1"
|
||||
- dependencies:
|
||||
- node-forge: "npm:^1"
|
||||
- checksum: 6005206e0d005448274aceceaded5195b944f67a42b72d212a6169d2e5f4bdc87c15a3fe45732c544db8c7175702091aaf95403ad6632585294a6ec8cca63638
|
||||
+"selfsigned@https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.3.tgz":
|
||||
+ version: 1.1.3
|
||||
+ resolution: "selfsigned@https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.3.tgz"
|
||||
+ checksum: 4988a0dbdf123fb808194a6198f5951e2df711de6fd967d72a8876baccaa23d5c260efb8f1dbfbc5bf1f852e81f897ad09267908977ab94862867ef971a3d48d
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
@@ -28053,27 +27924,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"sshpk@npm:^1.14.1, sshpk@npm:^1.7.0":
|
||||
- version: 1.17.0
|
||||
- resolution: "sshpk@npm:1.17.0"
|
||||
- dependencies:
|
||||
- asn1: "npm:~0.2.3"
|
||||
- assert-plus: "npm:^1.0.0"
|
||||
- bcrypt-pbkdf: "npm:^1.0.0"
|
||||
- dashdash: "npm:^1.12.0"
|
||||
- ecc-jsbn: "npm:~0.1.1"
|
||||
- getpass: "npm:^0.1.1"
|
||||
- jsbn: "npm:~0.1.0"
|
||||
- safer-buffer: "npm:^2.0.2"
|
||||
- tweetnacl: "npm:~0.14.0"
|
||||
- bin:
|
||||
- sshpk-conv: bin/sshpk-conv
|
||||
- sshpk-sign: bin/sshpk-sign
|
||||
- sshpk-verify: bin/sshpk-verify
|
||||
- checksum: 668c2a279a6ce66fd739ce5684e37927dd75427cc020c828a208f85890a4c400705d4ba09f32fa44efca894339dc6931941664f6f6ba36dfa543de6d006cbe9c
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"ssri@npm:^10.0.0, ssri@npm:^10.0.1":
|
||||
version: 10.0.5
|
||||
resolution: "ssri@npm:10.0.5"
|
||||
@@ -29479,13 +29329,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"tweetnacl@npm:^0.14.3, tweetnacl@npm:~0.14.0":
|
||||
- version: 0.14.5
|
||||
- resolution: "tweetnacl@npm:0.14.5"
|
||||
- checksum: 04ee27901cde46c1c0a64b9584e04c96c5fe45b38c0d74930710751ea991408b405747d01dfae72f80fc158137018aea94f9c38c651cb9c318f0861a310c3679
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"type-check@npm:^0.4.0, type-check@npm:~0.4.0":
|
||||
version: 0.4.0
|
||||
resolution: "type-check@npm:0.4.0"
|
||||
@@ -30199,17 +30042,6 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: soft
|
||||
|
||||
-"verror@npm:1.10.0":
|
||||
- version: 1.10.0
|
||||
- resolution: "verror@npm:1.10.0"
|
||||
- dependencies:
|
||||
- assert-plus: "npm:^1.0.0"
|
||||
- core-util-is: "npm:1.0.2"
|
||||
- extsprintf: "npm:^1.2.0"
|
||||
- checksum: da548149dd9c130a8a2587c9ee71ea30128d1526925707e2d01ed9c5c45c9e9f86733c66a328247cdd5f7c1516fb25b0f959ba754bfbe15072aa99ff96468a29
|
||||
- languageName: node
|
||||
- linkType: hard
|
||||
-
|
||||
"vinyl-fs@npm:^3.0.2":
|
||||
version: 3.0.3
|
||||
resolution: "vinyl-fs@npm:3.0.3"
|
||||
@ -1,4 +1,4 @@
|
||||
From ed8a438d72a667844ae07804491b568ad2f5dcdd Mon Sep 17 00:00:00 2001
|
||||
From a5fa7c218a70654f3bbbe76f9ca2951ff17f91e6 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Gerstmayr <agerstmayr@redhat.com>
|
||||
Date: Thu, 23 Jun 2022 17:00:46 +0200
|
||||
Subject: [PATCH] skip marketplace plugin install test
|
||||
@ -8,10 +8,10 @@ Network connectivity is disabled in the build environment for security
|
||||
reasons, therefore we need to disable this test.
|
||||
|
||||
diff --git a/pkg/tests/api/plugins/api_plugins_test.go b/pkg/tests/api/plugins/api_plugins_test.go
|
||||
index 4fc2295ed8..a326c40b04 100644
|
||||
index 86158deafbc..7aba79bd499 100644
|
||||
--- a/pkg/tests/api/plugins/api_plugins_test.go
|
||||
+++ b/pkg/tests/api/plugins/api_plugins_test.go
|
||||
@@ -71,6 +71,7 @@ func TestIntegrationPlugins(t *testing.T) {
|
||||
@@ -82,6 +82,7 @@ func TestIntegrationPlugins(t *testing.T) {
|
||||
})
|
||||
|
||||
t.Run("Request is not forbidden if from an admin", func(t *testing.T) {
|
||||
21
0006-redact-weak-ciphers.patch
Normal file
21
0006-redact-weak-ciphers.patch
Normal file
@ -0,0 +1,21 @@
|
||||
From 35b75b4709df69fb566de51780e26abe3e348446 Mon Sep 17 00:00:00 2001
|
||||
From: Stan Cox <scox@redhat.com>
|
||||
Date: Wed, 22 Jun 2022 17:05:48 +0200
|
||||
Subject: [PATCH] redact weak ciphers
|
||||
|
||||
|
||||
diff --git a/pkg/api/http_server.go b/pkg/api/http_server.go
|
||||
index afd12214685..2db40b42e88 100644
|
||||
--- a/pkg/api/http_server.go
|
||||
+++ b/pkg/api/http_server.go
|
||||
@@ -839,8 +839,8 @@ func (hs *HTTPServer) getDefaultCiphers(tlsVersion uint16, protocol string) []ui
|
||||
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
||||
- tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
|
||||
- tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
|
||||
+ // tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
|
||||
+ // tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
|
||||
}
|
||||
}
|
||||
if protocol == "h2" {
|
||||
@ -1,30 +0,0 @@
|
||||
From 7ac26d6beb2175f0d6001ca0df322ce610401cce Mon Sep 17 00:00:00 2001
|
||||
From: Stan Cox <scox@redhat.com>
|
||||
Date: Wed, 22 Jun 2022 17:05:48 +0200
|
||||
Subject: [PATCH] redact weak ciphers
|
||||
|
||||
|
||||
diff --git a/pkg/api/http_server.go b/pkg/api/http_server.go
|
||||
index da04044683..8a29270d4d 100644
|
||||
--- a/pkg/api/http_server.go
|
||||
+++ b/pkg/api/http_server.go
|
||||
@@ -820,13 +820,13 @@ func (hs *HTTPServer) getDefaultCiphers(tlsVersion uint16, protocol string) []ui
|
||||
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||
- tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
||||
+ // tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
||||
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
||||
- tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
||||
- tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
|
||||
- tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
|
||||
- tls.TLS_RSA_WITH_AES_128_CBC_SHA,
|
||||
- tls.TLS_RSA_WITH_AES_256_CBC_SHA,
|
||||
+ // tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
||||
+ // tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
|
||||
+ // tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
|
||||
+ // tls.TLS_RSA_WITH_AES_128_CBC_SHA,
|
||||
+ // tls.TLS_RSA_WITH_AES_256_CBC_SHA,
|
||||
}
|
||||
}
|
||||
if protocol == "h2" {
|
||||
@ -1,11 +1,11 @@
|
||||
From 5fe02f961e67af04907dc57beda42456128ab1c8 Mon Sep 17 00:00:00 2001
|
||||
From cf95173d39c2c6bcbe89ebd12c1474efaa2fc0d3 Mon Sep 17 00:00:00 2001
|
||||
From: Sam Feifer <sfeifer@redhat.com>
|
||||
Date: Fri, 1 Mar 2024 15:05:24 -0500
|
||||
Subject: [PATCH] update wrappers and systemd with distro paths
|
||||
|
||||
|
||||
diff --git a/packaging/rpm/systemd/grafana-server.service b/packaging/rpm/systemd/grafana-server.service
|
||||
index e3adc3f469..b2e4aced06 100644
|
||||
index e3adc3f4697..b2e4aced06f 100644
|
||||
--- a/packaging/rpm/systemd/grafana-server.service
|
||||
+++ b/packaging/rpm/systemd/grafana-server.service
|
||||
@@ -14,7 +14,7 @@ Restart=on-failure
|
||||
@ -18,7 +18,7 @@ index e3adc3f469..b2e4aced06 100644
|
||||
--pidfile=${PID_FILE_DIR}/grafana-server.pid \
|
||||
--packaging=rpm \
|
||||
diff --git a/packaging/wrappers/grafana b/packaging/wrappers/grafana
|
||||
index 86e0fc9faa..5c88bae4c3 100755
|
||||
index 86e0fc9faa2..5c88bae4c3b 100755
|
||||
--- a/packaging/wrappers/grafana
|
||||
+++ b/packaging/wrappers/grafana
|
||||
@@ -5,7 +5,7 @@
|
||||
@ -61,7 +61,7 @@ index 86e0fc9faa..5c88bae4c3 100755
|
||||
+fi
|
||||
\ No newline at end of file
|
||||
diff --git a/packaging/wrappers/grafana-server b/packaging/wrappers/grafana-server
|
||||
index 466b0d7c69..6be356f562 100755
|
||||
index 466b0d7c690..6be356f562c 100755
|
||||
--- a/packaging/wrappers/grafana-server
|
||||
+++ b/packaging/wrappers/grafana-server
|
||||
@@ -7,7 +7,8 @@
|
||||
@ -0,0 +1,37 @@
|
||||
From fed1500265045d3464cac032f1a186b387031ffa Mon Sep 17 00:00:00 2001
|
||||
From: Sam Feifer <sfeifer@redhat.com>
|
||||
Date: Wed, 25 Mar 2026 19:19:07 -0400
|
||||
Subject: [PATCH] fix plugin details for versions not in GCOM registry
|
||||
|
||||
|
||||
diff --git a/public/app/features/plugins/admin/api.ts b/public/app/features/plugins/admin/api.ts
|
||||
index 8f2bc538ba8..724054630b8 100644
|
||||
--- a/public/app/features/plugins/admin/api.ts
|
||||
+++ b/public/app/features/plugins/admin/api.ts
|
||||
@@ -51,7 +51,7 @@ export async function getPluginDetails(id: string): Promise<CatalogPluginDetails
|
||||
versions,
|
||||
statusContext: remote?.statusContext ?? '',
|
||||
iam: remote?.json?.iam,
|
||||
- changelog: remote?.changelog || localChangelog,
|
||||
+ changelog: localChangelog || remote?.changelog,
|
||||
licenseUrl: remote?.licenseUrl,
|
||||
documentationUrl: remote?.documentationUrl,
|
||||
sponsorshipUrl: remote?.sponsorshipUrl,
|
||||
@@ -119,7 +119,7 @@ async function getRemotePlugin(id: string): Promise<RemotePlugin | undefined> {
|
||||
}
|
||||
}
|
||||
|
||||
-async function getPluginVersion(id: string, version: string): Promise<Version> {
|
||||
+async function getPluginVersion(id: string, version: string): Promise<Version | undefined> {
|
||||
try {
|
||||
const v: PluginVersion = await getBackendSrv().get(`${GCOM_API_ROOT}/plugins/${id}/versions/${version}`);
|
||||
|
||||
@@ -137,7 +137,7 @@ async function getPluginVersion(id: string, version: string): Promise<Version> {
|
||||
// It can happen that GCOM is not available, in that case we show a limited set of information to the user.
|
||||
error.isHandled = true;
|
||||
}
|
||||
- throw error;
|
||||
+ return undefined;
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,40 +0,0 @@
|
||||
From 3f45f26993ed94837001bb9760d7859e7a057649 Mon Sep 17 00:00:00 2001
|
||||
From: Sam Feifer <sfeifer@redhat.com>
|
||||
Date: Fri, 1 Mar 2024 15:00:55 -0500
|
||||
Subject: [PATCH] replace faulty slices sort
|
||||
|
||||
|
||||
diff --git a/pkg/services/sqlstore/migrator/dialect.go b/pkg/services/sqlstore/migrator/dialect.go
|
||||
index 183b619de8..da21edeafa 100644
|
||||
--- a/pkg/services/sqlstore/migrator/dialect.go
|
||||
+++ b/pkg/services/sqlstore/migrator/dialect.go
|
||||
@@ -368,7 +368,8 @@ func (b *BaseDialect) InsertQuery(tableName string, row map[string]any) (string,
|
||||
for col := range row {
|
||||
keys = append(keys, col)
|
||||
}
|
||||
- slices.Sort[string](keys)
|
||||
+ slices.Sort(keys)
|
||||
+ //slices.Sort[string](keys)
|
||||
|
||||
// build query and values
|
||||
for _, col := range keys {
|
||||
@@ -398,7 +399,8 @@ func (b *BaseDialect) UpdateQuery(tableName string, row map[string]any, where ma
|
||||
for col := range row {
|
||||
keys = append(keys, col)
|
||||
}
|
||||
- slices.Sort[string](keys)
|
||||
+ slices.Sort(keys)
|
||||
+ //slices.Sort[string](keys)
|
||||
|
||||
// build update query and values
|
||||
for _, col := range keys {
|
||||
@@ -411,7 +413,8 @@ func (b *BaseDialect) UpdateQuery(tableName string, row map[string]any, where ma
|
||||
for col := range where {
|
||||
keys = append(keys, col)
|
||||
}
|
||||
- slices.Sort[string](keys)
|
||||
+ slices.Sort(keys)
|
||||
+ //slices.Sort[string](keys)
|
||||
|
||||
// build where clause and values
|
||||
for _, col := range keys {
|
||||
23
0009-suppress-signature-warning-for-pcp-plugin.patch
Normal file
23
0009-suppress-signature-warning-for-pcp-plugin.patch
Normal file
@ -0,0 +1,23 @@
|
||||
From e9949a271828e75a7a9095792bff049a5cd5d3a1 Mon Sep 17 00:00:00 2001
|
||||
From: Sam Feifer <sfeifer@redhat.com>
|
||||
Date: Wed, 25 Mar 2026 19:19:58 -0400
|
||||
Subject: [PATCH] suppress signature warning for pcp plugin
|
||||
|
||||
|
||||
diff --git a/public/app/features/plugins/admin/components/PluginDetailsSignature.tsx b/public/app/features/plugins/admin/components/PluginDetailsSignature.tsx
|
||||
index 711a29ccadb..c5f0eac72fd 100644
|
||||
--- a/public/app/features/plugins/admin/components/PluginDetailsSignature.tsx
|
||||
+++ b/public/app/features/plugins/admin/components/PluginDetailsSignature.tsx
|
||||
@@ -17,9 +17,11 @@ export function PluginDetailsSignature({ className, plugin }: Props): React.Reac
|
||||
const isSignatureValid = plugin.signature === PluginSignatureStatus.valid;
|
||||
const isCore = plugin.signature === PluginSignatureStatus.internal;
|
||||
const isDisabled = plugin.isDisabled && isDisabledDueTooSignatureError(plugin.error);
|
||||
+ // Suppress signature warning for distro-packaged plugins allowed via allow_loading_unsigned_plugins
|
||||
+ const isDistroPlugin = plugin.id === 'performancecopilot-pcp-app';
|
||||
|
||||
// The basic information is already available in the header
|
||||
- if (isSignatureValid || isCore || isDisabled) {
|
||||
+ if (isSignatureValid || isCore || isDisabled || isDistroPlugin) {
|
||||
return null;
|
||||
}
|
||||
|
||||
@ -1,108 +0,0 @@
|
||||
From eb711315d4c8a81ff52984293758a47372c21b8d Mon Sep 17 00:00:00 2001
|
||||
From: Sam Feifer <sfeifer@redhat.com>
|
||||
Date: Fri, 1 Mar 2024 15:07:22 -0500
|
||||
Subject: [PATCH] remove bcrypt references
|
||||
|
||||
|
||||
diff --git a/pkg/services/extsvcauth/oauthserver/oasimpl/service.go b/pkg/services/extsvcauth/oauthserver/oasimpl/service.go
|
||||
index 8c5a90248d..43f6d11e08 100644
|
||||
--- a/pkg/services/extsvcauth/oauthserver/oasimpl/service.go
|
||||
+++ b/pkg/services/extsvcauth/oauthserver/oasimpl/service.go
|
||||
@@ -19,7 +19,6 @@ import (
|
||||
"github.com/ory/fosite/compose"
|
||||
"github.com/ory/fosite/storage"
|
||||
"github.com/ory/fosite/token/jwt"
|
||||
- "golang.org/x/crypto/bcrypt"
|
||||
|
||||
"github.com/grafana/grafana/pkg/api/routing"
|
||||
"github.com/grafana/grafana/pkg/bus"
|
||||
@@ -235,88 +234,7 @@ func (s *OAuth2ServiceImpl) RemoveExternalService(ctx context.Context, name stri
|
||||
// it ensures that the associated service account has the correct permissions.
|
||||
// Database consistency is not guaranteed, consider changing this in the future.
|
||||
func (s *OAuth2ServiceImpl) SaveExternalService(ctx context.Context, registration *extsvcauth.ExternalServiceRegistration) (*extsvcauth.ExternalService, error) {
|
||||
- if registration == nil {
|
||||
- s.logger.Warn("RegisterExternalService called without registration")
|
||||
- return nil, nil
|
||||
- }
|
||||
- slug := registration.Name
|
||||
- s.logger.Info("Registering external service", "external service", slug)
|
||||
-
|
||||
- // Check if the client already exists in store
|
||||
- client, errFetchExtSvc := s.sqlstore.GetExternalServiceByName(ctx, slug)
|
||||
- if errFetchExtSvc != nil && !errors.Is(errFetchExtSvc, oauthserver.ErrClientNotFound) {
|
||||
- s.logger.Error("Error fetching service", "external service", slug, "error", errFetchExtSvc)
|
||||
- return nil, errFetchExtSvc
|
||||
- }
|
||||
- // Otherwise, create a new client
|
||||
- if client == nil {
|
||||
- s.logger.Debug("External service does not yet exist", "external service", slug)
|
||||
- client = &oauthserver.OAuthExternalService{
|
||||
- Name: slug,
|
||||
- ServiceAccountID: oauthserver.NoServiceAccountID,
|
||||
- Audiences: s.cfg.AppURL,
|
||||
- }
|
||||
- }
|
||||
-
|
||||
- // Parse registration form to compute required permissions for the client
|
||||
- client.SelfPermissions, client.ImpersonatePermissions = s.handleRegistrationPermissions(registration)
|
||||
-
|
||||
- if registration.OAuthProviderCfg == nil {
|
||||
- return nil, errors.New("missing oauth provider configuration")
|
||||
- }
|
||||
-
|
||||
- if registration.OAuthProviderCfg.RedirectURI != nil {
|
||||
- client.RedirectURI = *registration.OAuthProviderCfg.RedirectURI
|
||||
- }
|
||||
-
|
||||
- var errGenCred error
|
||||
- client.ClientID, client.Secret, errGenCred = s.genCredentials()
|
||||
- if errGenCred != nil {
|
||||
- s.logger.Error("Error generating credentials", "client", client.LogID(), "error", errGenCred)
|
||||
- return nil, errGenCred
|
||||
- }
|
||||
-
|
||||
- grantTypes := s.computeGrantTypes(registration.Self.Enabled, registration.Impersonation.Enabled)
|
||||
- client.GrantTypes = strings.Join(grantTypes, ",")
|
||||
-
|
||||
- // Handle key options
|
||||
- s.logger.Debug("Handle key options")
|
||||
- keys, err := s.handleKeyOptions(ctx, registration.OAuthProviderCfg.Key)
|
||||
- if err != nil {
|
||||
- s.logger.Error("Error handling key options", "client", client.LogID(), "error", err)
|
||||
- return nil, err
|
||||
- }
|
||||
- if keys != nil {
|
||||
- client.PublicPem = []byte(keys.PublicPem)
|
||||
- }
|
||||
- dto := client.ToExternalService(keys)
|
||||
-
|
||||
- hashedSecret, err := bcrypt.GenerateFromPassword([]byte(client.Secret), bcrypt.DefaultCost)
|
||||
- if err != nil {
|
||||
- s.logger.Error("Error hashing secret", "client", client.LogID(), "error", err)
|
||||
- return nil, err
|
||||
- }
|
||||
- client.Secret = string(hashedSecret)
|
||||
-
|
||||
- s.logger.Debug("Save service account")
|
||||
- saID, errSaveServiceAccount := s.saService.ManageExtSvcAccount(ctx, &serviceaccounts.ManageExtSvcAccountCmd{
|
||||
- ExtSvcSlug: slugify.Slugify(client.Name),
|
||||
- Enabled: registration.Self.Enabled,
|
||||
- OrgID: oauthserver.TmpOrgID,
|
||||
- Permissions: client.SelfPermissions,
|
||||
- })
|
||||
- if errSaveServiceAccount != nil {
|
||||
- return nil, errSaveServiceAccount
|
||||
- }
|
||||
- client.ServiceAccountID = saID
|
||||
-
|
||||
- err = s.sqlstore.SaveExternalService(ctx, client)
|
||||
- if err != nil {
|
||||
- s.logger.Error("Error saving external service", "client", client.LogID(), "error", err)
|
||||
- return nil, err
|
||||
- }
|
||||
- s.logger.Debug("Registered", "client", client.LogID())
|
||||
- return dto, nil
|
||||
+ panic("bcrypt cipher not available")
|
||||
}
|
||||
|
||||
// randString generates a a cryptographically secure random string of n bytes
|
||||
@ -1,55 +0,0 @@
|
||||
diff --git a/package.json b/package.json
|
||||
index 38deb6d7dee..010a24fb451 100644
|
||||
--- a/package.json
|
||||
+++ b/package.json
|
||||
@@ -432,7 +432,8 @@
|
||||
"react-split-pane@0.1.92": "patch:react-split-pane@npm:0.1.92#.yarn/patches/react-split-pane-npm-0.1.92-93dbf51dff.patch",
|
||||
"@storybook/blocks@7.4.5": "patch:@storybook/blocks@npm%3A7.4.5#./.yarn/patches/@storybook-blocks-npm-7.4.5-5a2374564a.patch",
|
||||
"history@4.10.1": "patch:history@npm%3A4.10.1#./.yarn/patches/history-npm-4.10.1-ee217563ae.patch",
|
||||
- "history@^4.9.0": "patch:history@npm%3A4.10.1#./.yarn/patches/history-npm-4.10.1-ee217563ae.patch"
|
||||
+ "history@^4.9.0": "patch:history@npm%3A4.10.1#./.yarn/patches/history-npm-4.10.1-ee217563ae.patch",
|
||||
+ "dompurify": "^2.5.0"
|
||||
},
|
||||
"workspaces": {
|
||||
"packages": [
|
||||
diff --git a/packages/grafana-data/package.json b/packages/grafana-data/package.json
|
||||
index 2182744e61b..4201ef58dda 100644
|
||||
--- a/packages/grafana-data/package.json
|
||||
+++ b/packages/grafana-data/package.json
|
||||
@@ -41,7 +41,7 @@
|
||||
"@types/string-hash": "1.1.1",
|
||||
"d3-interpolate": "3.0.1",
|
||||
"date-fns": "2.30.0",
|
||||
- "dompurify": "^2.4.3",
|
||||
+ "dompurify": "^2.5.0",
|
||||
"eventemitter3": "5.0.1",
|
||||
"fast_array_intersect": "1.1.0",
|
||||
"history": "4.10.1",
|
||||
diff --git a/yarn.lock b/yarn.lock
|
||||
index bf22ba52a17..88fc4d3fbfb 100644
|
||||
--- a/yarn.lock
|
||||
+++ b/yarn.lock
|
||||
@@ -2953,7 +2953,7 @@ __metadata:
|
||||
"@types/tinycolor2": "npm:1.4.3"
|
||||
d3-interpolate: "npm:3.0.1"
|
||||
date-fns: "npm:2.30.0"
|
||||
- dompurify: "npm:^2.4.3"
|
||||
+ dompurify: "npm:^2.5.0"
|
||||
esbuild: "npm:0.18.12"
|
||||
eventemitter3: "npm:5.0.1"
|
||||
fast_array_intersect: "npm:1.1.0"
|
||||
@@ -14478,10 +14478,10 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
-"dompurify@npm:^2.2.0, dompurify@npm:^2.4.3":
|
||||
- version: 2.4.5
|
||||
- resolution: "dompurify@npm:2.4.5"
|
||||
- checksum: d764c2ff126b3749dad35bc34eed40f51141d7dfd620e938c92f08d68c32beeb259d06abadeee91f6e2a8c8737ce670e2124ac9a257ba3bcdc666598cebcde01
|
||||
+"dompurify@npm:^2.5.0":
|
||||
+ version: 2.5.7
|
||||
+ resolution: "dompurify@npm:2.5.7"
|
||||
+ checksum: b150ca1e28083252cd51097162dc96cb45203f7e2af1fbaa8ef32b4f4d6b605e4aa8915190d38bd0635cbbf14d13a200138cd3ec1b084096819b14c718355122
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
@ -1,28 +0,0 @@
|
||||
diff --git a/go.mod b/go.mod
|
||||
index fcbc09da5e6..1771902bc1c 100644
|
||||
--- a/go.mod
|
||||
+++ b/go.mod
|
||||
@@ -164,7 +164,7 @@ require (
|
||||
github.com/go-openapi/spec v0.20.9 // indirect
|
||||
github.com/go-openapi/swag v0.22.4 // indirect
|
||||
github.com/go-openapi/validate v0.22.1 // indirect
|
||||
- github.com/golang-jwt/jwt/v4 v4.5.0 // @grafana/backend-platform
|
||||
+ github.com/golang-jwt/jwt/v4 v4.5.2 // @grafana/backend-platform
|
||||
github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 // indirect
|
||||
github.com/golang/glog v1.1.2 // indirect
|
||||
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
|
||||
diff --git a/go.sum b/go.sum
|
||||
index d05dfb55fd4..3a045f712eb 100644
|
||||
--- a/go.sum
|
||||
+++ b/go.sum
|
||||
@@ -1593,8 +1593,9 @@ github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzw
|
||||
github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
|
||||
github.com/golang-jwt/jwt/v4 v4.4.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
|
||||
github.com/golang-jwt/jwt/v4 v4.4.3/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
|
||||
-github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
|
||||
github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
|
||||
+github.com/golang-jwt/jwt/v4 v4.5.2 h1:YtQM7lnr8iZ+j5q71MGKkNw9Mn7AjHM68uc9g5fXeUI=
|
||||
+github.com/golang-jwt/jwt/v4 v4.5.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
|
||||
github.com/golang-migrate/migrate/v4 v4.7.0 h1:gONcHxHApDTKXDyLH/H97gEHmpu1zcnnbAaq2zgrPrs=
|
||||
github.com/golang-migrate/migrate/v4 v4.7.0/go.mod h1:Qvut3N4xKWjoH3sokBccML6WyHSnggXm/DvMMnTsQIc=
|
||||
github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
|
||||
@ -1,32 +0,0 @@
|
||||
From 2d4314b5ca1e527a3420fad11d3f1a25351700d4 Mon Sep 17 00:00:00 2001
|
||||
From: Sam Feifer <sfeifer@redhat.com>
|
||||
Date: Wed, 7 May 2025 16:27:08 -0400
|
||||
Subject: [PATCH] fix CVE-2025-4123
|
||||
|
||||
|
||||
diff --git a/conf/defaults.ini b/conf/defaults.ini
|
||||
index e1e5468bfa3..4221144bf54 100644
|
||||
--- a/conf/defaults.ini
|
||||
+++ b/conf/defaults.ini
|
||||
@@ -363,7 +363,7 @@ x_xss_protection = true
|
||||
|
||||
# Enable adding the Content-Security-Policy header to your requests.
|
||||
# CSP allows to control resources the user agent is allowed to load and helps prevent XSS attacks.
|
||||
-content_security_policy = false
|
||||
+content_security_policy = true
|
||||
|
||||
# Set Content Security Policy template used when adding the Content-Security-Policy header to your requests.
|
||||
# $NONCE in the template includes a random nonce.
|
||||
diff --git a/conf/sample.ini b/conf/sample.ini
|
||||
index 51d2b6c512b..fd588b48225 100644
|
||||
--- a/conf/sample.ini
|
||||
+++ b/conf/sample.ini
|
||||
@@ -364,7 +364,7 @@
|
||||
|
||||
# Enable adding the Content-Security-Policy header to your requests.
|
||||
# CSP allows to control resources the user agent is allowed to load and helps prevent XSS attacks.
|
||||
-;content_security_policy = false
|
||||
+;content_security_policy = true
|
||||
|
||||
# Set Content Security Policy template used when adding the Content-Security-Policy header to your requests.
|
||||
# $NONCE in the template includes a random nonce.
|
||||
@ -1,49 +0,0 @@
|
||||
From 3efa5e004426fed8f25ec513f2dce4658e3b6564 Mon Sep 17 00:00:00 2001
|
||||
From: Sam Feifer <sfeifer@redhat.com>
|
||||
Date: Mon, 16 Feb 2026 15:35:19 -0500
|
||||
Subject: [PATCH] Fix CVE-2026-21721
|
||||
|
||||
---
|
||||
pkg/api/api.go | 10 ++++++----
|
||||
1 file changed, 6 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/pkg/api/api.go b/pkg/api/api.go
|
||||
index 3db3cbafe73..b8c1dd5736e 100644
|
||||
--- a/pkg/api/api.go
|
||||
+++ b/pkg/api/api.go
|
||||
@@ -461,12 +461,13 @@ func (hs *HTTPServer) registerRoutes() {
|
||||
dashboardRoute.Get("/uid/:uid", authorize(ac.EvalPermission(dashboards.ActionDashboardsRead)), routing.Wrap(hs.GetDashboard))
|
||||
dashboardRoute.Delete("/uid/:uid", authorize(ac.EvalPermission(dashboards.ActionDashboardsDelete)), routing.Wrap(hs.DeleteDashboardByUID))
|
||||
dashboardRoute.Group("/uid/:uid", func(dashUidRoute routing.RouteRegister) {
|
||||
+ dashUIDScope := dashboards.ScopeDashboardsProvider.GetResourceScopeUID(ac.Parameter(":uid"))
|
||||
dashUidRoute.Get("/versions", authorize(ac.EvalPermission(dashboards.ActionDashboardsWrite)), routing.Wrap(hs.GetDashboardVersions))
|
||||
dashUidRoute.Post("/restore", authorize(ac.EvalPermission(dashboards.ActionDashboardsWrite)), routing.Wrap(hs.RestoreDashboardVersion))
|
||||
dashUidRoute.Get("/versions/:id", authorize(ac.EvalPermission(dashboards.ActionDashboardsWrite)), routing.Wrap(hs.GetDashboardVersion))
|
||||
dashUidRoute.Group("/permissions", func(dashboardPermissionRoute routing.RouteRegister) {
|
||||
- dashboardPermissionRoute.Get("/", authorize(ac.EvalPermission(dashboards.ActionDashboardsPermissionsRead)), routing.Wrap(hs.GetDashboardPermissionList))
|
||||
- dashboardPermissionRoute.Post("/", authorize(ac.EvalPermission(dashboards.ActionDashboardsPermissionsWrite)), routing.Wrap(hs.UpdateDashboardPermissions))
|
||||
+ dashboardPermissionRoute.Get("/", authorize(ac.EvalPermission(dashboards.ActionDashboardsPermissionsRead, dashUIDScope)), routing.Wrap(hs.GetDashboardPermissionList))
|
||||
+ dashboardPermissionRoute.Post("/", authorize(ac.EvalPermission(dashboards.ActionDashboardsPermissionsWrite, dashUIDScope)), routing.Wrap(hs.UpdateDashboardPermissions))
|
||||
})
|
||||
})
|
||||
|
||||
@@ -481,13 +482,14 @@ func (hs *HTTPServer) registerRoutes() {
|
||||
|
||||
// Deprecated: use /uid/:uid API instead.
|
||||
dashboardRoute.Group("/id/:dashboardId", func(dashIdRoute routing.RouteRegister) {
|
||||
+ dashIDScope := dashboards.ScopeDashboardsProvider.GetResourceScope(ac.Parameter(":dashboardId"))
|
||||
dashIdRoute.Get("/versions", authorize(ac.EvalPermission(dashboards.ActionDashboardsWrite)), routing.Wrap(hs.GetDashboardVersions))
|
||||
dashIdRoute.Get("/versions/:id", authorize(ac.EvalPermission(dashboards.ActionDashboardsWrite)), routing.Wrap(hs.GetDashboardVersion))
|
||||
dashIdRoute.Post("/restore", authorize(ac.EvalPermission(dashboards.ActionDashboardsWrite)), routing.Wrap(hs.RestoreDashboardVersion))
|
||||
|
||||
dashIdRoute.Group("/permissions", func(dashboardPermissionRoute routing.RouteRegister) {
|
||||
- dashboardPermissionRoute.Get("/", authorize(ac.EvalPermission(dashboards.ActionDashboardsPermissionsRead)), routing.Wrap(hs.GetDashboardPermissionList))
|
||||
- dashboardPermissionRoute.Post("/", authorize(ac.EvalPermission(dashboards.ActionDashboardsPermissionsWrite)), routing.Wrap(hs.UpdateDashboardPermissions))
|
||||
+ dashboardPermissionRoute.Get("/", authorize(ac.EvalPermission(dashboards.ActionDashboardsPermissionsRead, dashIDScope)), routing.Wrap(hs.GetDashboardPermissionList))
|
||||
+ dashboardPermissionRoute.Post("/", authorize(ac.EvalPermission(dashboards.ActionDashboardsPermissionsWrite, dashIDScope)), routing.Wrap(hs.UpdateDashboardPermissions))
|
||||
})
|
||||
})
|
||||
})
|
||||
--
|
||||
2.52.0
|
||||
|
||||
@ -1,123 +0,0 @@
|
||||
diff --git a/pkg/api/frontendsettings.go b/pkg/api/frontendsettings.go
|
||||
index 215714b6f83..36949e126b9 100644
|
||||
--- a/pkg/api/frontendsettings.go
|
||||
+++ b/pkg/api/frontendsettings.go
|
||||
@@ -1,6 +1,7 @@
|
||||
package api
|
||||
|
||||
import (
|
||||
+ "bytes"
|
||||
"context"
|
||||
"fmt"
|
||||
"net/http"
|
||||
@@ -18,6 +19,7 @@ import (
|
||||
"github.com/grafana/grafana/pkg/services/pluginsintegration/pluginsettings"
|
||||
"github.com/grafana/grafana/pkg/services/pluginsintegration/pluginstore"
|
||||
"github.com/grafana/grafana/pkg/services/secrets/kvstore"
|
||||
+ dashboardkind "github.com/grafana/grafana/pkg/services/store/kind/dashboard"
|
||||
"github.com/grafana/grafana/pkg/setting"
|
||||
"github.com/grafana/grafana/pkg/tsdb/grafanads"
|
||||
"github.com/grafana/grafana/pkg/util"
|
||||
@@ -297,7 +299,12 @@ func (hs *HTTPServer) getFSDataSources(c *contextmodel.ReqContext, availablePlug
|
||||
|
||||
if c.IsPublicDashboardView() {
|
||||
// If RBAC is enabled, it will filter out all datasources for a public user, so we need to skip it
|
||||
- orgDataSources = dataSources
|
||||
+ // But we can filter to only include datasources actually used by the dashboard
|
||||
+ filtered, err := hs.publicDashFilterUsedDataSources(c, dataSources)
|
||||
+ if err != nil {
|
||||
+ return nil, err
|
||||
+ }
|
||||
+ orgDataSources = filtered
|
||||
} else {
|
||||
filtered, err := hs.dsGuardian.New(c.SignedInUser.OrgID, c.SignedInUser).FilterDatasourcesByQueryPermissions(dataSources)
|
||||
if err != nil {
|
||||
@@ -633,3 +640,36 @@ func (hs *HTTPServer) getEnabledOAuthProviders() map[string]any {
|
||||
}
|
||||
return providers
|
||||
}
|
||||
+
|
||||
+func (hs *HTTPServer) publicDashFilterUsedDataSources(c *contextmodel.ReqContext, allDataSources []*datasources.DataSource) ([]*datasources.DataSource, error) {
|
||||
+ _, dash, err := hs.PublicDashboardsApi.PublicDashboardService.FindPublicDashboardAndDashboardByAccessToken(c.Req.Context(), c.PublicDashboardAccessToken)
|
||||
+ if err != nil {
|
||||
+ return nil, err
|
||||
+ }
|
||||
+
|
||||
+ payload, err := dash.Data.Encode()
|
||||
+ if err != nil {
|
||||
+ return nil, fmt.Errorf("failed to encode dashboard data: %w", err)
|
||||
+ }
|
||||
+
|
||||
+ lookup := dashboardkind.CreateDatasourceLookup([]*dashboardkind.DatasourceQueryResult{})
|
||||
+
|
||||
+ usedDSRefs, err := dashboardkind.ReadDashboard(bytes.NewReader(payload), lookup)
|
||||
+ if err != nil {
|
||||
+ return nil, fmt.Errorf("failed to parse dashboard: %w", err)
|
||||
+ }
|
||||
+
|
||||
+ usedUIDs := make(map[string]struct{}, len(usedDSRefs))
|
||||
+ for _, ds := range usedDSRefs {
|
||||
+ usedUIDs[ds.UID] = struct{}{}
|
||||
+ }
|
||||
+
|
||||
+ filtered := make([]*datasources.DataSource, 0)
|
||||
+ for _, ds := range allDataSources {
|
||||
+ if _, ok := usedUIDs[ds.UID]; ok {
|
||||
+ filtered = append(filtered, ds)
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ return filtered, nil
|
||||
+}
|
||||
diff --git a/pkg/services/store/kind/dashboard/dashboard.go b/pkg/services/store/kind/dashboard/dashboard.go
|
||||
index b325acd8c57..054dcafe8ca 100644
|
||||
--- a/pkg/services/store/kind/dashboard/dashboard.go
|
||||
+++ b/pkg/services/store/kind/dashboard/dashboard.go
|
||||
@@ -112,8 +112,17 @@ func newDatasourceVariableLookup(dsLookup DatasourceLookup) *datasourceVariableL
|
||||
}
|
||||
}
|
||||
|
||||
+// ReadDashboard parses dashboard JSON and returns the data sources used in the dashboard.
|
||||
+func ReadDashboard(stream io.Reader, lookup DatasourceLookup) ([]DataSourceRef, error) {
|
||||
+ info, err := readDashboard(stream, lookup)
|
||||
+ if err != nil {
|
||||
+ return nil, err
|
||||
+ }
|
||||
+ return info.Datasource, nil
|
||||
+}
|
||||
+
|
||||
// nolint:gocyclo
|
||||
-// ReadDashboard will take a byte stream and return dashboard info
|
||||
+// readDashboard will take a byte stream and return dashboard info
|
||||
func readDashboard(stream io.Reader, lookup DatasourceLookup) (*dashboardInfo, error) {
|
||||
dash := &dashboardInfo{}
|
||||
|
||||
diff --git a/pkg/services/store/kind/dashboard/ds_lookup.go b/pkg/services/store/kind/dashboard/ds_lookup.go
|
||||
index 5d132d569be..7330e598409 100644
|
||||
--- a/pkg/services/store/kind/dashboard/ds_lookup.go
|
||||
+++ b/pkg/services/store/kind/dashboard/ds_lookup.go
|
||||
@@ -100,6 +100,9 @@ func (d *DsLookup) ByRef(ref *DataSourceRef) *DataSourceRef {
|
||||
if ref == nil {
|
||||
return d.defaultDS
|
||||
}
|
||||
+ if ref.UID == "default" && ref.Type == "" {
|
||||
+ return d.defaultDS
|
||||
+ }
|
||||
|
||||
key := ""
|
||||
if ref.UID != "" {
|
||||
@@ -117,7 +120,13 @@ func (d *DsLookup) ByRef(ref *DataSourceRef) *DataSourceRef {
|
||||
return ds
|
||||
}
|
||||
|
||||
- return d.byName[key]
|
||||
+ ds, ok = d.byName[key]
|
||||
+ if ok {
|
||||
+ return ds
|
||||
+ }
|
||||
+
|
||||
+ // With nothing was found (or configured), use the original reference
|
||||
+ return ref
|
||||
}
|
||||
|
||||
func (d *DsLookup) ByType(dsType string) []DataSourceRef {
|
||||
File diff suppressed because it is too large
Load Diff
@ -4,6 +4,13 @@ This patch modifies the x/crypto/pbkdf2 function to use OpenSSL
|
||||
if FIPS mode is enabled.
|
||||
DEFINEFUNC is from /usr/lib/golang/src/vendor/github.com/golang-fips/openssl-fips/openssl/goopenssl.h
|
||||
|
||||
diff --git a/vendor/modules.txt b/vendor/modules.txt
|
||||
--- a/vendor/modules.txt
|
||||
+++ b/vendor/modules.txt
|
||||
@@ -1,2 +1,3 @@
|
||||
golang.org/x/crypto/internal/alias
|
||||
+golang.org/x/crypto/internal/boring
|
||||
golang.org/x/crypto/internal/poly1305
|
||||
diff --git a/vendor/golang.org/x/crypto/internal/boring/boring.go b/vendor/golang.org/x/crypto/internal/boring/boring.go
|
||||
new file mode 100644
|
||||
index 0000000000..5a06918832
|
||||
@ -111,7 +118,7 @@ index 593f653008..799a611f94 100644
|
||||
--- a/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go
|
||||
+++ b/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go
|
||||
@@ -19,8 +19,11 @@ pbkdf2.Key.
|
||||
package pbkdf2 // import "golang.org/x/crypto/pbkdf2"
|
||||
package pbkdf2
|
||||
|
||||
import (
|
||||
+ "crypto/boring"
|
||||
|
||||
@ -1,51 +0,0 @@
|
||||
diff --git a/vendor/github.com/hashicorp/go-retryablehttp/client.go b/vendor/github.com/hashicorp/go-retryablehttp/client.go
|
||||
index f40d241..765a828 100644
|
||||
--- a/vendor/github.com/hashicorp/go-retryablehttp/client.go
|
||||
+++ b/vendor/github.com/hashicorp/go-retryablehttp/client.go
|
||||
@@ -584,9 +584,9 @@ func (c *Client) Do(req *Request) (*http.Response, error) {
|
||||
if logger != nil {
|
||||
switch v := logger.(type) {
|
||||
case LeveledLogger:
|
||||
- v.Debug("performing request", "method", req.Method, "url", req.URL)
|
||||
+ v.Debug("performing request", "method", req.Method, "url", req.URL.Redacted())
|
||||
case Logger:
|
||||
- v.Printf("[DEBUG] %s %s", req.Method, req.URL)
|
||||
+ v.Printf("[DEBUG] %s %s", req.Method, req.URL.Redacted())
|
||||
}
|
||||
}
|
||||
|
||||
@@ -641,9 +641,9 @@ func (c *Client) Do(req *Request) (*http.Response, error) {
|
||||
if err != nil {
|
||||
switch v := logger.(type) {
|
||||
case LeveledLogger:
|
||||
- v.Error("request failed", "error", err, "method", req.Method, "url", req.URL)
|
||||
+ v.Error("request failed", "error", err, "method", req.Method, "url", req.URL.Redacted())
|
||||
case Logger:
|
||||
- v.Printf("[ERR] %s %s request failed: %v", req.Method, req.URL, err)
|
||||
+ v.Printf("[ERR] %s %s request failed: %v", req.Method, req.URL.Redacted(), err)
|
||||
}
|
||||
} else {
|
||||
// Call this here to maintain the behavior of logging all requests,
|
||||
@@ -679,7 +679,7 @@ func (c *Client) Do(req *Request) (*http.Response, error) {
|
||||
|
||||
wait := c.Backoff(c.RetryWaitMin, c.RetryWaitMax, i, resp)
|
||||
if logger != nil {
|
||||
- desc := fmt.Sprintf("%s %s", req.Method, req.URL)
|
||||
+ desc := fmt.Sprintf("%s %s", req.Method, req.URL.Redacted())
|
||||
if resp != nil {
|
||||
desc = fmt.Sprintf("%s (status: %d)", desc, resp.StatusCode)
|
||||
}
|
||||
@@ -735,11 +735,11 @@ func (c *Client) Do(req *Request) (*http.Response, error) {
|
||||
// communicate why
|
||||
if err == nil {
|
||||
return nil, fmt.Errorf("%s %s giving up after %d attempt(s)",
|
||||
- req.Method, req.URL, attempt)
|
||||
+ req.Method, req.URL.Redacted(), attempt)
|
||||
}
|
||||
|
||||
return nil, fmt.Errorf("%s %s giving up after %d attempt(s): %w",
|
||||
- req.Method, req.URL, attempt, err)
|
||||
+ req.Method, req.URL.Redacted(), attempt, err)
|
||||
}
|
||||
|
||||
// Try to read the response body so we can reuse this connection.
|
||||
@ -9,7 +9,6 @@ The grafana package
|
||||
## Upgrade instructions
|
||||
* follow the Setup instructions above
|
||||
* rebase to the new version: `git fetch && git rebase --onto <newversion> <oldversion>`
|
||||
* rebasing `remove-unused-backend-dependencies.patch`: only apply the patch to `pkg/extensions/main.go` and run `go mod tidy`, then `go.mod` and `go.sum` will get updated automatically
|
||||
* rebasing `remove-unused-frontend-crypto.patch`: only apply the patch to `package.json` and run `yarn install`, then `yarn.lock` will get updated automatically
|
||||
* create new patches from the modified git commits: `git format-patch -N --no-stat --no-signature <newversion> && mv *.patch ..`
|
||||
* update `Version`, `Release`, `%changelog` and tarball NVRs in the specfile
|
||||
|
||||
@ -6,15 +6,5 @@ export NODE_OPTIONS="${NODE_OPTIONS:-} --max_old_space_size=6144"
|
||||
# Build the frontend
|
||||
yarn run build
|
||||
|
||||
# Build the bundled plugins
|
||||
mkdir plugins-bundled/external
|
||||
yarn run plugins:build-bundled
|
||||
for plugin in plugins-bundled/internal/input-datasource; do
|
||||
mv $plugin $plugin.tmp
|
||||
mv $plugin.tmp/dist $plugin
|
||||
rm -rf $plugin.tmp
|
||||
done
|
||||
rm plugins-bundled/README.md plugins-bundled/.gitignore plugins-bundled/external.json
|
||||
|
||||
# Fix permissions (webpack sometimes outputs files with mode = 666 due to reasons unknown (race condition/umask issue afaics))
|
||||
chmod -R g-w,o-w public/build plugins-bundled
|
||||
chmod -R g-w,o-w public/build
|
||||
|
||||
@ -20,9 +20,7 @@ tar xf "${SOURCE_TAR}"
|
||||
pushd "${SOURCE_DIR}"
|
||||
|
||||
# Vendor Go dependencies
|
||||
patch -p1 --fuzz=0 < ../0004-remove-unused-backend-dependencies.patch
|
||||
patch -p1 --fuzz=0 < ../0012-fix-jwt-CVE.patch
|
||||
go mod vendor
|
||||
go work vendor
|
||||
|
||||
# Generate Go files
|
||||
make gen-go
|
||||
@ -31,42 +29,43 @@ make gen-go
|
||||
rm -r vendor/golang.org/x/crypto/bcrypt
|
||||
rm -r vendor/golang.org/x/crypto/blowfish
|
||||
rm -r vendor/golang.org/x/crypto/cast5
|
||||
rm -r vendor/golang.org/x/crypto/acme
|
||||
rm -r vendor/golang.org/x/crypto/argon2
|
||||
rm -r vendor/golang.org/x/crypto/blake2b
|
||||
rm -r vendor/golang.org/x/crypto/chacha20
|
||||
rm -r vendor/golang.org/x/crypto/chacha20poly1305
|
||||
rm -r vendor/golang.org/x/crypto/cryptobyte
|
||||
rm -r vendor/golang.org/x/crypto/curve25519
|
||||
rm -r vendor/golang.org/x/crypto/ed25519
|
||||
rm -r vendor/golang.org/x/crypto/hkdf
|
||||
rm -r vendor/golang.org/x/crypto/internal
|
||||
rm -r vendor/golang.org/x/crypto/md4
|
||||
rm -r vendor/golang.org/x/crypto/nacl
|
||||
rm -r vendor/golang.org/x/crypto/openpgp
|
||||
rm -r vendor/golang.org/x/crypto/pkcs12
|
||||
rm -r vendor/golang.org/x/crypto/poly1305
|
||||
rm -r vendor/golang.org/x/crypto/salsa20
|
||||
rm -r vendor/golang.org/x/crypto/scrypt
|
||||
rm -r vendor/golang.org/x/crypto/ripemd160
|
||||
rm -r vendor/golang.org/x/crypto/sha3
|
||||
rm -r vendor/golang.org/x/crypto/ssh
|
||||
|
||||
# Remove unused code under apsl licenses
|
||||
rm -r vendor/modernc.org/libc
|
||||
rm -r vendor/modernc.org/sqlite
|
||||
|
||||
# List bundled dependencies
|
||||
awk '$2 ~ /^v/ && $4 != "indirect" {print "Provides: bundled(golang(" $1 ")) = " substr($2, 2)}' go.mod | \
|
||||
awk '$1 !~ /^\/\// && $2 ~ /^v/ && $4 != "indirect" {print "Provides: bundled(golang(" $1 ")) = " substr($2, 2)}' go.mod | \
|
||||
sed -E 's/=(.*)-(.*)-(.*)/=\1-\2.\3/g' > "../${VENDOR_TAR}.manifest"
|
||||
|
||||
# Vendor Node.js dependencies
|
||||
patch -p1 --fuzz=0 < ../0005-remove-unused-frontend-crypto.patch
|
||||
patch -p1 --fuzz=0 < ../0011-fix-dompurify-CVE.patch
|
||||
patch -p1 --fuzz=0 < ../0004-remove-unused-frontend-crypto.patch
|
||||
export HUSKY=0
|
||||
yarn install --frozen-lockfile
|
||||
|
||||
# Remove files with licensing issues
|
||||
find .yarn -name 'node-notifier' -prune -exec rm -r {} \;
|
||||
find .yarn -name 'nodemon' -prune -exec rm -r {} \;
|
||||
rm -rf node_modules/node-notifier node_modules/nodemon
|
||||
|
||||
# Remove forbidden Unicode code point
|
||||
sed -i "s/$(printf '\xe2\x80\xac')//g" node_modules/http2-client/LICENSE
|
||||
|
||||
# List bundled dependencies
|
||||
../list_bundled_nodejs_packages.py . >> "../${VENDOR_TAR}.manifest"
|
||||
@ -82,25 +81,28 @@ XZ_OPT=-9 tar \
|
||||
-cJf "${VENDOR_TAR}" \
|
||||
"${SOURCE_DIR}/vendor" \
|
||||
$(find "${SOURCE_DIR}" -type f -name wire_gen.go | LC_ALL=C sort) \
|
||||
"${SOURCE_DIR}/.pnp.cjs" \
|
||||
"${SOURCE_DIR}/.yarn/cache" \
|
||||
"${SOURCE_DIR}/.yarn/unplugged"
|
||||
"${SOURCE_DIR}/node_modules"
|
||||
|
||||
|
||||
## Create webpack
|
||||
pushd "${SOURCE_DIR}"
|
||||
# Apply frontend source patches before compiling
|
||||
patch -p1 --fuzz=0 < ../0008-fix-plugin-details-for-versions-not-in-GCOM-registry.patch
|
||||
patch -p1 --fuzz=0 < ../0009-suppress-signature-warning-for-pcp-plugin.patch
|
||||
../build_frontend.sh
|
||||
popd
|
||||
|
||||
# Create tarball
|
||||
# shellcheck disable=SC2046
|
||||
tar \
|
||||
--sort=name \
|
||||
--mtime="@${SOURCE_DATE_EPOCH}" --clamp-mtime \
|
||||
--owner=0 --group=0 --numeric-owner \
|
||||
-czf "${WEBPACK_TAR}" \
|
||||
"${SOURCE_DIR}/plugins-bundled" \
|
||||
"${SOURCE_DIR}/public/build" \
|
||||
"${SOURCE_DIR}/public/img" \
|
||||
"${SOURCE_DIR}/public/lib" \
|
||||
"${SOURCE_DIR}/public/locales" \
|
||||
"${SOURCE_DIR}/public/views"
|
||||
"${SOURCE_DIR}/public/views" \
|
||||
$(find "${SOURCE_DIR}/public/app/plugins" -type d -name "dist" | LC_ALL=C sort)
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
cat <<EOF | podman build -t grafana-build -f - .
|
||||
FROM fedora:39
|
||||
FROM fedora:44
|
||||
|
||||
RUN dnf upgrade -y && \
|
||||
dnf install -y rpmdevtools python3-packaging python3-pyyaml make golang nodejs yarnpkg
|
||||
|
||||
@ -9,9 +9,12 @@ addFilter("W: invalid-url Source1: grafana-vendor-")
|
||||
addFilter("W: invalid-url Source2: grafana-webpack-")
|
||||
addFilter("E: zero-length /usr/share/grafana/public")
|
||||
addFilter("W: hidden-file-or-dir /usr/share/grafana/public")
|
||||
addFilter("W: files-duplicate /usr/share/grafana/public/img")
|
||||
addFilter("W: files-duplicate /usr/share/grafana/public/lib/.*.LICENSE.txt")
|
||||
addFilter("W: files-duplicate /usr/share/grafana/public/")
|
||||
addFilter("E: files-duplicated-waste")
|
||||
|
||||
addFilter("W: dangerous-command-in-%post chown")
|
||||
addFilter("W: log-files-without-logrotate")
|
||||
addFilter("W: %ifarch-applied-patch Patch.*: .*vendor-skip-goldenfiles-tests.patch")
|
||||
addFilter("W: post-without-tmpfile-creation")
|
||||
addFilter("W: macro-in-comment")
|
||||
addFilter("W: macro-in-%changelog")
|
||||
|
||||
1147
grafana.spec
1147
grafana.spec
File diff suppressed because it is too large
Load Diff
@ -157,8 +157,10 @@ optional_policy(`
|
||||
require {
|
||||
type proc_net_t;
|
||||
class lnk_file { read };
|
||||
class file { read open };
|
||||
}
|
||||
allow grafana_t proc_net_t:lnk_file read;
|
||||
allow grafana_t proc_net_t:file { read open };
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
|
||||
6
sources
6
sources
@ -1,3 +1,3 @@
|
||||
SHA512 (grafana-10.2.6.tar.gz) = 7244f4cb6572fe0403e6224f7247fbb273bbd1f359ee706a82001f0d409fb375d113f1cb24a657e845b93eb55ee98e1d7ae713e767c219f4d3b00eaf5c73d28e
|
||||
SHA512 (grafana-webpack-10.2.6-15.tar.gz) = 7e4a0f962bc0dbf0fffbc31599870c4099e421d4505644be0a412b26043dc7adb37e81f7b24621731f96d3c8a652009a9eef8cf68dd03e1351dc309fd87a1e6f
|
||||
SHA512 (grafana-vendor-10.2.6-15.tar.xz) = 1db5bedbbc84fecad9d07f9a44db0c17c9472387bdd0d58877415c756015dc579f109c1ae43a21ae97da5625806747ddd00b5f31be7965adabd316b1d6e943e1
|
||||
SHA512 (grafana-12.4.3.tar.gz) = 0843827a6b1d959ad71018d04b6939dc63f604121988a9054a24d26756b18e1ef623feb5e11440290b686e5a0303545d89711793a957db77affd34843dd22036
|
||||
SHA512 (grafana-vendor-12.4.3-1.tar.xz) = 8894bb10ce438aa747249addacc831330975b95081f46cbb7f0c270f7b43daa788fd498be51538b07f494d035d35d91a0418a53e6c610f110da45c8bc71d7176
|
||||
SHA512 (grafana-webpack-12.4.3-1.tar.gz) = 938b23ad8c0a5fa640f7aaffdfba667930a9713a518bf5935e0bf6092ae8c4fa5378808899a9f1af503c88e8805d228956996df32795fa41d2fdba46038fb26d
|
||||
|
||||
Loading…
Reference in New Issue
Block a user