-
Notifications
You must be signed in to change notification settings - Fork 102
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update cron-utils #266
Update cron-utils #266
Conversation
Signed-off-by: Ashish Agrawal <ashisagr@amazon.com>
Codecov Report
@@ Coverage Diff @@
## main #266 +/- ##
============================================
+ Coverage 78.58% 78.60% +0.01%
Complexity 217 217
============================================
Files 173 173
Lines 6968 6968
Branches 915 915
============================================
+ Hits 5476 5477 +1
- Misses 1003 1005 +2
+ Partials 489 486 -3
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The force dependency seems wrong. Looks like you're inheriting a certain version from an upstream project like OpenSearch, these need to be fixed there.
Will update the dependencies in OpenSearch and will remove all the force dependencies in this PR |
Signed-off-by: Ashish Agrawal <ashisagr@amazon.com>
Can we backport this one onto the 1.2 branch? We're likely to do a 1.2.4 release. |
* Update cron-utils Signed-off-by: Ashish Agrawal <ashisagr@amazon.com>
* Update cron-utils Signed-off-by: Ashish Agrawal <ashisagr@amazon.com>
* Update license headers (#239) Signed-off-by: Annie Lee <leeyun@amazon.com> * Delete unused properties file. (#262) Signed-off-by: dblock <dblock@dblock.org> * Update cron-utils (#266) * Update cron-utils Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> * Add last run context to Monitor data model Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> Co-authored-by: Annie Lee <71157062+leeyun-amzn@users.noreply.github.com> Co-authored-by: Daniel Doubrovkine (dB.) <dblock@dblock.org>
* Update cron-utils Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> Signed-off-by: AWSHurneyt <hurneyt@amazon.com>
* Update license headers (opensearch-project#239) Signed-off-by: Annie Lee <leeyun@amazon.com> * Delete unused properties file. (opensearch-project#262) Signed-off-by: dblock <dblock@dblock.org> * Update cron-utils (opensearch-project#266) * Update cron-utils Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> * Add last run context to Monitor data model Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> Co-authored-by: Annie Lee <71157062+leeyun-amzn@users.noreply.github.com> Co-authored-by: Daniel Doubrovkine (dB.) <dblock@dblock.org>
* Document level alerting dev (#272) * Update license headers (#239) Signed-off-by: Annie Lee <leeyun@amazon.com> * Delete unused properties file. (#262) Signed-off-by: dblock <dblock@dblock.org> * Update cron-utils (#266) * Update cron-utils Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> * Add last run context to Monitor data model Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> Co-authored-by: Annie Lee <71157062+leeyun-amzn@users.noreply.github.com> Co-authored-by: Daniel Doubrovkine (dB.) <dblock@dblock.org> * add Update Monitor function Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> * fix integ test Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> * Implemented draft of Finding data model, a new Input type, and some basic unit tests. (#260) * Implemented draft of Finding data model, and some basic unit tests for it. Signed-off-by: AWSHurneyt <79280347+AWSHurneyt@users.noreply.github.com> * POC for doc-level-alerting (#277) Signed-off-by: Sriram <59816283+skkosuri-amzn@users.noreply.github.com> * Add connection to triggers for doc level alerting (#316) Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> * CRUD APIs integration Tests and validation"conflict resolved" (#362) Signed-off-by: charliezhangaws <zhanncha@amazon.com> * Seggregate monitor runner logic for separation of concerns (#363) * Refactor monitor runner logic for separation of concerns and better testability. Signed-off-by: Saurabh Singh <getsaurabh02@gmail.com> * Add action and alert flow and findings schema and additional fixes (#381) Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> * Finding Search API (#385) * Findings search API based on Annie's work Signed-off-by: Annie Lee <leeyun@amazon.com> * Fix Search API and add IT tests Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> Co-authored-by: Annie Lee <leeyun@amazon.com> * Fix integ tests and minor issues from doc level changes Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> Co-authored-by: Annie Lee <71157062+leeyun-amzn@users.noreply.github.com> Co-authored-by: Daniel Doubrovkine (dB.) <dblock@dblock.org> Co-authored-by: AWSHurneyt <79280347+AWSHurneyt@users.noreply.github.com> Co-authored-by: Sriram <59816283+skkosuri-amzn@users.noreply.github.com> Co-authored-by: charliezhangaws <zhanncha@amazon.com> Co-authored-by: Saurabh Singh <getsaurabh02@gmail.com> Co-authored-by: Annie Lee <leeyun@amazon.com>
Signed-off-by: Ashish Agrawal ashisagr@amazon.com
Issue #, if available:
N/A
Description of changes:
Update
cron-utils
from9.1.3
to9.1.6
due to CVE-2021-41269This CVE only affects projects using the @Cron annotation to validate untrusted Cron expressions. Though @Cron is never used in OpenSearch, this dependency version bump is being done to future proof the code base and for users who run security scans and are uncomfortable with the presence of a library version that contains a CRITICAL CVE.
CheckList:
[X] Commits are signed per the DCO using --signoff
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.