Merge branch '7.9' into backport/7.9/pr-72605

Author: elasticmachine

.backportrc.json

@@ -1,5 +1,33 @@
 {
   "upstream": "elastic/kibana",
-  "branches": [{ "name": "7.x", "checked": true }, "7.4", "7.3", "7.2", "7.1", "7.0", "6.8", "6.7", "6.6", "6.5", "6.4", "6.3", "6.2", "6.1", "6.0", "5.6"],
-  "labels": ["backport"]
+  "targetBranchChoices": [
+    { "name": "master", "checked": true },
+    { "name": "7.x", "checked": true },
+    "7.9",
+    "7.8",
+    "7.7",
+    "7.6",
+    "7.5",
+    "7.4",
+    "7.3",
+    "7.2",
+    "7.1",
+    "7.0",
+    "6.8",
+    "6.7",
+    "6.6",
+    "6.5",
+    "6.4",
+    "6.3",
+    "6.2",
+    "6.1",
+    "6.0",
+    "5.6"
+  ],
+  "targetPRLabels": ["backport"],
+  "branchLabelMapping": {
+    "^v8.0.0$": "master",
+    "^v7.10.0$": "7.x",
+    "^v(\\d+).(\\d+).\\d+$": "$1.$2"
+  }
 }

docs/api/using-api.asciidoc

@@ -45,10 +45,8 @@ For all APIs, you must use a request header. The {kib} APIs support the `kbn-xsr
   By default, you must use `kbn-xsrf` for all API calls, except in the following scenarios:
 
 * The API endpoint uses the `GET` or `HEAD` operations
-
-* The path is whitelisted using the <<settings, `server.xsrf.whitelist`>> setting
-
-* XSRF protections are disabled using the `server.xsrf.disableProtection` setting
+* The path is whitelisted using the <<settings-xsrf-whitelist, `server.xsrf.whitelist`>> setting
+* XSRF protections are disabled using the <<settings-xsrf-disableProtection, `server.xsrf.disableProtection`>> setting
 
 `Content-Type: application/json`::
   Applicable only when you send a payload in the API request. {kib} API requests and responses use JSON. Typically, if you include the `kbn-xsrf` header, you must also include the `Content-Type` header.

docs/apm/api.asciidoc

@@ -40,8 +40,8 @@ users interacting with APM APIs must have <<apm-app-api-user,sufficient privileg
   By default, you must use `kbn-xsrf` for all API calls, except in the following scenarios:
 
 * The API endpoint uses the `GET` or `HEAD` operations
-* The path is whitelisted using the <<settings, `server.xsrf.whitelist`>> setting
-* XSRF protections are disabled using the `server.xsrf.disableProtection` setting
+* The path is whitelisted using the <<settings-xsrf-whitelist, `server.xsrf.whitelist`>> setting
+* XSRF protections are disabled using the <<settings-xsrf-disableProtection, `server.xsrf.disableProtection`>> setting
 
 `Content-Type: application/json`::
   Applicable only when you send a payload in the API request.

docs/canvas/canvas-function-reference.asciidoc

@@ -13,7 +13,7 @@ A *** denotes a required argument.
 
 A † denotes an argument can be passed multiple times.
 
-<<a_fns>> | B | <<c_fns>> | <<d_fns>> | <<e_fns>> | <<f_fns>> | <<g_fns>> | <<h_fns>> | <<i_fns>> | <<j_fns>> | K | <<l_fns>> | <<m_fns>> | <<n_fns>> | O | <<p_fns>> | Q | <<r_fns>> | <<s_fns>> | <<t_fns>> | <<u_fns>> | V | W | X | Y | Z
+<<a_fns>> | B | <<c_fns>> | <<d_fns>> | <<e_fns>> | <<f_fns>> | <<g_fns>> | <<h_fns>> | <<i_fns>> | <<j_fns>> | K | <<l_fns>> | <<m_fns>> | <<n_fns>> | O | <<p_fns>> | Q | <<r_fns>> | <<s_fns>> | <<t_fns>> | <<u_fns>> | <<v_fns>> | W | X | Y | Z
 
 [float]
 [[a_fns]]
@@ -2871,3 +2871,56 @@ Default: `""`
 |===
 
 *Returns:* `string`
+
+[float]
+[[v_fns]]
+== V
+
+[float]
+[[var_fn]]
+=== `var`
+
+Updates the Kibana global context.
+
+*Accepts:* `any`
+
+[cols="3*^<"]
+|===
+|Argument |Type |Description
+
+|_Unnamed_ ***
+
+Alias: `name`
+|`string`
+|Specify the name of the variable.
+|===
+
+*Returns:* Depends on your input and arguments
+
+
+[float]
+[[var_set_fn]]
+=== `var_set`
+
+Updates the Kibana global context.
+
+*Accepts:* `any`
+
+[cols="3*^<"]
+|===
+|Argument |Type |Description
+
+|_Unnamed_ ***
+
+Alias: `name`
+|`string`
+|Specify the name of the variable.
+
+|`value`
+
+Alias: `val`
+|`any`
+|Specify the value for the variable. When unspecified, the input context is used.
+|===
+
+*Returns:* Depends on your input and arguments

docs/developer/architecture/security/index.asciidoc

@@ -1,7 +1,7 @@
 [[development-security]]
 === Security
 
-{kib} has generally been able to implement security transparently to core and plugin developers, and this largely remains the case. {kib} on two methods that the elasticsearch `Cluster` provides: `callWithRequest` and `callWithInternalUser`. 
+{kib} has generally been able to implement security transparently to core and plugin developers, and this largely remains the case. {kib} on two methods that the elasticsearch `Cluster` provides: `callWithRequest` and `callWithInternalUser`.
 
 `callWithRequest` executes requests against Elasticsearch using the authentication credentials of the {kib} end-user. So, if you log into {kib} with the user of `foo` when `callWithRequest` is used, {kib} execute the request against Elasticsearch as the user `foo`. Historically, `callWithRequest` has been used extensively to perform actions that are initiated at the request of {kib} end-users.
 

docs/developer/architecture/security/rbac.asciidoc

@@ -1,4 +1,5 @@
-[[development-security-rbac]]
+[discrete]
+[[development-rbac]]
 ==== Role-based access control
 
 Role-based access control (RBAC) in {kib} relies upon the
@@ -7,9 +8,10 @@ that Elasticsearch exposes. This allows {kib} to define the privileges that
 {kib} wishes to grant to users, assign them to the relevant users using roles,
 and then authorize the user to perform a specific action. This is handled within
 a secured instance of the `SavedObjectsClient` and available transparently to
-consumers when using `request.getSavedObjectsClient()` or 
+consumers when using `request.getSavedObjectsClient()` or
 `savedObjects.getScopedSavedObjectsClient()`.
 
+[discrete]
 [[development-rbac-privileges]]
 ===== {kib} Privileges
 
@@ -55,6 +57,7 @@ The application is created by concatenating the prefix of `kibana-` with the val
 
 ==============================================
 
+[discrete]
 [[development-rbac-assigning-privileges]]
 ===== Assigning {kib} Privileges
 
@@ -77,9 +80,10 @@ The application is created by concatenating the prefix of `kibana-` with the val
  }
 ----------------------------------
 
-Roles that grant <<kibana-privileges>> should be managed using the <<role-management-api>> or the *Management -> Security -> Roles* page, not directly using the {es} {ref}/security-api.html#security-role-apis[role management API]. This role can then be assigned to users using the {es} 
+Roles that grant <<kibana-privileges>> should be managed using the <<role-management-api>> or the *Management -> Security -> Roles* page, not directly using the {es} {ref}/security-api.html#security-role-apis[role management API]. This role can then be assigned to users using the {es}
 {ref}/security-api.html#security-user-apis[user management APIs].
 
+[discrete]
 [[development-rbac-authorization]]
 ===== Authorization
 

docs/developer/getting-started/index.asciidoc

@@ -30,7 +30,7 @@ you can switch to the correct version when using nvm by running:
 nvm use
 ----
 
-Install the latest version of https://yarnpkg.com[yarn].
+Install the latest version of https://classic.yarnpkg.com/en/docs/install[yarn v1].
 
 Bootstrap {kib} and install all the dependencies:
 

docs/development/core/server/kibana-plugin-core-server.savedobjectsbulkcreateobject.md

@@ -20,5 +20,4 @@ export interface SavedObjectsBulkCreateObject<T = unknown>
 |  [migrationVersion](./kibana-plugin-core-server.savedobjectsbulkcreateobject.migrationversion.md) | <code>SavedObjectsMigrationVersion</code> | Information about the migrations that have been applied to this SavedObject. When Kibana starts up, KibanaMigrator detects outdated documents and migrates them based on this value. For each migration that has been applied, the plugin's name is used as a key and the latest migration version as the value. |
 |  [references](./kibana-plugin-core-server.savedobjectsbulkcreateobject.references.md) | <code>SavedObjectReference[]</code> |  |
 |  [type](./kibana-plugin-core-server.savedobjectsbulkcreateobject.type.md) | <code>string</code> |  |
-|  [version](./kibana-plugin-core-server.savedobjectsbulkcreateobject.version.md) | <code>string</code> |  |
 

docs/development/core/server/kibana-plugin-core-server.savedobjectsbulkcreateobject.version.md

@@ -20,5 +20,4 @@ export interface SavedObjectsCreateOptions extends SavedObjectsBaseOptions
 |  [overwrite](./kibana-plugin-core-server.savedobjectscreateoptions.overwrite.md) | <code>boolean</code> | Overwrite existing documents (defaults to false) |
 |  [references](./kibana-plugin-core-server.savedobjectscreateoptions.references.md) | <code>SavedObjectReference[]</code> |  |
 |  [refresh](./kibana-plugin-core-server.savedobjectscreateoptions.refresh.md) | <code>MutatingOperationRefreshSetting</code> | The Elasticsearch Refresh setting for this operation |
-|  [version](./kibana-plugin-core-server.savedobjectscreateoptions.version.md) | <code>string</code> | An opaque version number which changes on each successful write operation. Can be used in conjunction with <code>overwrite</code> for implementing optimistic concurrency control. |